Privacy Policy - Eastdulwich Storage

Eastdulwich Storage is committed to protecting the privacy and personal data of all customers in the East Dulwich area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Eastdulwich Storage customers in area, including prospective customers, current customers, account holders, and anyone who interacts with us in connection with storage services.

1. Who We Are

For the purposes of data protection law, Eastdulwich Storage acts as the data controller for the personal information we process in connection with our storage services. This means we determine why and how your personal data is used. We only process personal data where we have a lawful basis to do so and only for purposes that are necessary, relevant, and proportionate.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, title, date of birth, and identification details where required.
  • Contact data: address, email address, telephone number, and emergency contact details if provided.
  • Account data: customer reference numbers, booking details, unit size, service preferences, and communication records.
  • Payment data: billing details, payment status, and transaction records. Where payments are processed through third-party providers, we may receive limited payment confirmation information.
  • Security and access data: CCTV footage, access logs, alarm records, and records of entry or exit where applicable.
  • Correspondence data: information included in emails, forms, letters, complaints, claims, or other communications with us.
  • Technical data: limited internet or device information if you use our digital systems, such as IP address, browser type, and session data.

We generally collect personal data directly from you when you make an enquiry, sign up for storage, complete forms, communicate with us, or use our services. In some cases, we may also receive information from third parties such as payment processors, identity verification providers, insurance partners, or legal and regulatory bodies where appropriate.

3. How We Use Your Data

We use your personal data for the following purposes:

  • to provide storage services and manage your account;
  • to verify your identity and prevent fraud;
  • to process payments and maintain financial records;
  • to communicate with you about your booking, services, or account;
  • to manage access to storage facilities and maintain site security;
  • to respond to enquiries, complaints, and disputes;
  • to comply with legal obligations, including tax, accounting, and regulatory requirements;
  • to enforce or defend our legal rights where necessary;
  • to improve our services, systems, and customer experience.

We do not use your personal data for purposes that are incompatible with the reasons it was originally collected unless we have a lawful basis to do so.

4. Lawful Basis for Processing

We only process personal data when we have a lawful basis under data protection law. Depending on the context, we rely on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access to your unit, processing your payments, and delivering agreed services.

Legal obligation

We may process your data where we need to comply with legal obligations, such as keeping financial and tax records, responding to lawful requests, and meeting security or regulatory requirements.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include protecting our premises, preventing misuse of services, managing operational risk, maintaining records, and improving our business. We always assess whether our interests are proportionate and whether any impact on your privacy is limited.

Consent

In limited situations, we may ask for your consent to process specific data or to send optional communications. Where we rely on consent, you can withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before consent was withdrawn.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements. Retention periods may vary depending on the type of data and the reason for processing.

  • Customer account records: retained for the duration of the contract and for a reasonable period afterwards to deal with queries, disputes, or legal claims.
  • Payment and accounting records: retained for the period required by law, typically to meet tax and financial obligations.
  • Security records: retained only as long as necessary for safety, incident management, or investigation purposes.
  • Correspondence and complaints: retained for as long as needed to resolve the matter and maintain evidence of our actions.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. In some cases, we may retain data for longer if required by law or where necessary to establish, exercise, or defend legal claims.

6. Sharing Your Information

We may share your personal data with trusted third parties, known as processors or independent controllers, only where necessary and appropriate. These may include:

  • Payment processors for handling card or electronic transactions;
  • IT and cloud service providers that support our systems, storage, and communications;
  • Security providers involved in access control, CCTV support, or site monitoring;
  • Professional advisers such as accountants, auditors, insurers, and legal advisers;
  • Authorities and regulators where we are legally required to provide information;
  • Debt recovery or dispute resolution partners where necessary to manage unpaid balances or enforce agreements.

Where we use processors, they are required to process your data only on our instructions, to keep it secure, and to comply with data protection law. We do not sell your personal data.

7. International Transfers

Some of our processors may store or access data outside the United Kingdom. Where this happens, we take appropriate steps to ensure your data remains protected, including using approved contractual safeguards and assessing the security of the destination country. We only transfer data where there is a lawful mechanism in place to protect your rights.

8. Data Security

We use reasonable technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, password protection, limited staff access, staff training, and monitoring of systems and facilities. While we take data security seriously, no system can be guaranteed to be completely secure.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the circumstances:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data in certain circumstances.
  • Right to restrict processing: you may ask us to limit how we use your data in certain situations.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability: you may request that certain data be provided to you or another organisation in a structured format where applicable.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data has not been handled lawfully. We encourage you to contact us first so that we can try to resolve any concerns promptly and fairly.

10. Children’s Data

Our services are generally intended for adults. We do not knowingly collect personal data from children except where it is necessary and appropriate in connection with a customer relationship, for example where emergency contact details are supplied. If we become aware that we have collected data improperly, we will take steps to delete it where required.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our data processing practices. Any updates will be made in a clear and accessible form. We encourage customers to review this policy periodically so they remain informed about how their data is used.

12. Summary of Our Approach

Eastdulwich Storage values privacy, transparency, and accountability. We only collect data that is necessary to deliver storage services, operate securely, and meet legal obligations. We process personal data on clear lawful bases, retain it only as long as needed, and share it only with trusted processors or other parties where appropriate. We respect your rights and will always aim to handle your information fairly, securely, and in line with the law.

This policy applies to all Eastdulwich Storage customers in area.

Call Now!
Call Now Get a Quote
Eastdulwich Storage

GDPR-compliant privacy policy for Eastdulwich Storage covering data collection, lawful basis, retention, processors, rights, and regional applicability.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.