Privacy Policy - Southharrow Storage

This Privacy Policy explains how Southharrow Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, visitors, and other individuals whose information we process in connection with our storage services. It applies to all Southharrow Storage customers in the area and to anyone who interacts with us in relation to our services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services or otherwise providing personal data to us, you acknowledge that your information may be processed as described in this Privacy Policy. We aim to collect only the information that is necessary, use it only for legitimate purposes, and retain it only for as long as needed.

1. Who We Are

Southharrow Storage is the data controller for personal data we collect and process in the course of providing storage-related services. This means we determine the purposes and means of processing your personal information. In some cases, we may also act jointly with other parties or use external service providers who process data on our behalf. Where another organisation acts as a separate controller, it will be responsible for its own privacy practices.

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity information: name, title, date of birth, and other identifiers.
  • Contact information: address, email address, telephone number, and emergency contact details where relevant.
  • Account and service information: booking details, unit allocation, account references, payment status, service preferences, and records of communications.
  • Payment information: billing details, transaction records, and limited financial information required to process payments and refunds.
  • Security and access information: entry logs, CCTV images or recordings where used, vehicle registration details, and access records for security and safety purposes.
  • Correspondence: enquiries, complaints, feedback, and other communications we receive from you.
  • Technical information: device or browser information if you interact with digital systems we use, including log files and usage data.

We generally do not seek to collect special category data unless it is provided to us voluntarily or is necessary for a legal claim, safety concern, or other lawful purpose. If you choose to provide such information, we will only process it where a valid legal basis applies.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage customer accounts and storage arrangements;
  • to verify identity and protect against fraud or unauthorised access;
  • to process payments, invoices, refunds, and account adjustments;
  • to provide customer support and respond to enquiries;
  • to manage access to premises and improve site security;
  • to maintain records, monitor service performance, and resolve disputes;
  • to comply with legal, regulatory, tax, and insurance obligations;
  • to enforce our terms and conditions and protect our rights and property;
  • to detect, investigate, and prevent crime, misuse, or unlawful activity.

We may also use aggregated or anonymised information for reporting, service improvement, and planning. Such information does not identify you directly and is not treated as personal data.

4. Lawful Basis for Processing

We only process personal data where we have a lawful basis under data protection law. Depending on the circumstances, our processing may rely on one or more of the following bases:

  • Contract: processing is necessary to enter into or perform a contract with you, such as providing storage services, managing your account, and handling payments.
  • Legal obligation: processing is required to meet statutory, tax, accounting, safety, or regulatory requirements.
  • Legitimate interests: processing is necessary for our legitimate business interests, such as running and securing our facilities, preventing fraud, managing risk, and improving services, provided your interests and fundamental rights do not override those interests.
  • Consent: where we rely on your consent, we will make this clear at the time of collection and you may withdraw it at any time.
  • Vital interests: in rare situations, we may process data to protect someone’s life or physical safety.

Where we rely on legitimate interests, we carry out a balancing assessment to ensure our interests are not unfairly overriding your privacy rights. If you would like more information about our legitimate interests assessment, you may request it where appropriate.

5. How We Share Personal Data

We may share personal data with trusted third parties where necessary for the purposes described in this Policy. These may include:

  • Service providers and processors: businesses that support our operations, such as payment processing, IT support, data storage, administrative support, security systems, and communications tools.
  • Professional advisers: lawyers, accountants, insurers, auditors, and other advisers who require access in order to provide professional services.
  • Authorities and regulators: law enforcement, courts, tax authorities, and other public bodies where disclosure is required or permitted by law.
  • Other third parties: parties involved in a dispute, claim, or transaction where disclosure is necessary to protect our rights, property, or lawful interests.

Where third parties act as processors, they are only permitted to process personal data on our instructions and must implement appropriate security measures. We do not sell personal data.

6. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms approved under applicable data protection law. We will only transfer personal data where permitted and where suitable protections are available.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including meeting legal, accounting, insurance, and reporting requirements. Retention periods may vary depending on the type of information and the reason we hold it.

In general:

  • customer account and contract records are retained for the duration of the relationship and for a period afterwards to handle claims, disputes, and legal obligations;
  • payment and invoice records are retained for the period required by tax and accounting laws;
  • security records, such as access logs or CCTV, are retained for a limited period unless they are needed for an incident, investigation, or legal matter;
  • correspondence and complaint records are retained as long as needed to manage the issue and any follow-up obligations;
  • where data is no longer needed, it is securely deleted, anonymised, or destroyed.

We review retention periods periodically to ensure they remain appropriate and proportionate. We do not keep personal data indefinitely.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, encryption where appropriate, staff confidentiality obligations, secure storage, and regular monitoring of systems. While no system can be guaranteed to be completely secure, we work to maintain a high level of protection and to reduce the risk of data incidents.

Only personnel and authorised third parties who need access to personal data for legitimate purposes may process it.

9. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions or exemptions depending on the circumstances. They include:

  • Right of access: to request confirmation of whether we process your data and to obtain a copy of that data.
  • Right to rectification: to request correction of inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of personal data in certain circumstances.
  • Right to restriction: to request that we limit the way we use your data in certain situations.
  • Right to data portability: to receive some of your data in a structured, commonly used, machine-readable format and, where feasible, to have it transmitted to another controller.
  • Right to object: to object to processing based on legitimate interests or to direct marketing, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to raise concerns about how your data is handled and to seek a review of certain decisions that affect you. If you believe your rights have been infringed, you may complain to the relevant supervisory authority. We encourage you to raise concerns with us first so that we can attempt to resolve them promptly.

10. Children’s Data

Our services are intended for adults and business users where applicable. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful arrangement or an emergency contact, and only where appropriate safeguards are in place.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage you to review this Policy periodically to stay informed about how we process personal data.

12. Summary of Our Commitment

Southharrow Storage is committed to respecting privacy and protecting personal information. We collect only what we need, use it for clear and lawful purposes, retain it for limited periods, and share it only when necessary and with appropriate safeguards. We apply these standards to all Southharrow Storage customers in the area and aim to ensure that every person whose data we process can trust us to handle it responsibly and lawfully.

Call Now!
Call Now Get a Quote
Southharrow Storage

GDPR-compliant Privacy Policy for Southharrow Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.