Privacy Policy - Ardleighgreen Storage

Effective date: This Privacy Policy applies to all Ardleighgreen Storage customers in the area and explains how personal data is collected, used, stored, shared, and protected in connection with our storage services. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who we are

Ardleighgreen Storage provides storage services to individuals and businesses in the local area. In the course of providing our services, we may act as a data controller for the personal information we collect and process about customers, prospective customers, visitors, and other individuals who interact with us.

This policy describes the categories of personal data we collect, the purposes for which we use it, the legal bases we rely on, how long we keep it, the third parties who may process it on our behalf, and the rights available to you under data protection law.

2. Personal data we collect

We only collect personal data that is relevant and necessary for the operation of our storage services, administration, security, and legal compliance. Depending on how you use our services, we may collect the following information:

  • Identity data: name, title, date of birth, and identification details where needed for verification.
  • Contact data: postal address, email address, and telephone number.
  • Contract and account data: storage unit details, rental agreement information, payment status, and service history.
  • Financial data: billing and payment records, partial payment card details, and transaction references. We do not normally store full card information where payment processing is handled securely by a payment provider.
  • Security data: CCTV footage, access logs, key or access card records, incident reports, and security-related notes.
  • Communication data: correspondence, complaints, service requests, and records of enquiries.
  • Technical data: IP address, device identifiers, and usage data if you interact with digital systems we operate.

We generally collect data directly from you when you make an enquiry, sign an agreement, use our premises, communicate with us, or make a payment. In some cases, we may also receive information from third parties such as payment providers, identity verification services, insurance providers, or law enforcement where permitted by law.

3. How we use your data

We use personal data only for legitimate operational and legal purposes. These include:

  • setting up and managing storage agreements;
  • verifying identity and preventing fraud;
  • processing payments and managing accounts;
  • providing customer support and responding to requests;
  • operating access control and site security systems;
  • monitoring premises to prevent theft, damage, and unauthorised access;
  • meeting legal, tax, accounting, and regulatory obligations;
  • handling disputes, claims, and insurance matters;
  • improving our services and internal operations;
  • protecting the rights, property, and safety of Ardleighgreen Storage, customers, staff, and visitors.

We do not use personal data for unrelated purposes without first ensuring that such use is permitted by law.

4. Lawful basis for processing

Under the UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following bases depending on the activity involved:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage unit, billing, access, and support services.

Legal obligation

We may process data when required to comply with legal obligations, including record-keeping, accounting, taxation, anti-fraud requirements, and lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests and those interests are not overridden by your rights and freedoms. This may include business administration, site security, CCTV monitoring, protecting our property, preventing misuse, and handling disputes. Where we rely on legitimate interests, we consider the impact on you and balance our interests against yours.

Consent

In limited cases, we may ask for your consent, for example for certain optional communications or specific processing that does not fall under another lawful basis. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, and reporting obligations. Retention periods vary depending on the type of data and the reason for processing.

  • Contract and account records: retained for the duration of the storage relationship and for a reasonable period afterwards to deal with disputes, invoicing, and legal claims.
  • Financial and tax records: retained for the period required by applicable law.
  • Security records and CCTV: retained for a limited period unless required for an investigation, claim, or legal matter.
  • Enquiries and correspondence: retained for as long as necessary to manage the communication and related records.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Processors and sharing of data

We may share personal data with trusted third-party service providers who act as processors on our behalf. These processors only process data according to our instructions and are required to protect it appropriately.

Examples of processors and service categories may include:

  • Payment processors for secure transaction handling;
  • IT and cloud service providers for data storage, communications, and system maintenance;
  • Security service providers for surveillance, alarm, and access-control support;
  • Accounting and administrative providers for invoicing and financial record management;
  • Identity verification or fraud prevention services where necessary;
  • Insurance or legal advisers in connection with claims or disputes.

We may also disclose personal data where required by law, court order, or regulatory request, or where disclosure is necessary to protect the safety, rights, or property of Ardleighgreen Storage or others.

We do not sell your personal data.

7. International transfers

If any processor stores or accesses data outside the UK, we will ensure that appropriate safeguards are in place to protect your information to a standard consistent with UK data protection law. This may include the use of approved contractual protections or other lawful transfer mechanisms.

8. Security of your data

We take the security of personal data seriously and use appropriate technical and organisational measures to protect it against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure systems, staff confidentiality obligations, and monitoring of security-related activity.

While no system can be guaranteed as completely secure, we work to reduce risk and respond promptly to incidents where they occur.

9. Your rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to legal limitations, these rights may include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit processing in specific situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to contact us first so we can try to resolve any concerns promptly and fairly.

10. Children’s data

Our services are not intended for children, and we do not knowingly collect personal data from children except where it is necessary in connection with a lawful storage agreement or associated administrative requirement involving a parent, guardian, or authorised adult. If we become aware that data has been collected inappropriately, we will take appropriate steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the services we provide. Any updated version will apply from the date it is published or otherwise communicated. We recommend reviewing this policy periodically to stay informed about how we handle personal data.

12. Summary of our commitment

Ardleighgreen Storage is committed to responsible and lawful data protection practices. We collect only the data we need, use it for clear and legitimate purposes, keep it only as long as necessary, and share it only with trusted processors or where required by law. We also respect your rights and aim to ensure that your personal information is treated with care, transparency, and accountability.

Call Now!
Call Now Get a Quote
Ardleighgreen Storage

GDPR-compliant privacy policy for Ardleighgreen Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.