Privacy Policy - Selfstorage Hampstead

This Privacy Policy explains how Selfstorage Hampstead collects, uses, stores, shares, and protects personal data relating to customers, prospective customers, visitors, and other individuals who interact with our services. It applies to all Selfstorage Hampstead customers in the area, as well as anyone who makes an enquiry, enters into an agreement with us, visits our premises, or otherwise provides personal data to us.

We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We take privacy seriously and seek to ensure that only the minimum necessary information is processed for clearly defined purposes.

1. Personal Data We Collect

We may collect and process different categories of personal data depending on how you interact with us. This may include:

  • Identity data such as your name, date of birth, and proof of identity.
  • Contact data such as address, email address, and telephone number.
  • Contract data such as storage unit details, rental period, payment status, and agreement records.
  • Financial data such as billing details, payment method information, and transaction history.
  • Usage data such as access records, key or code usage, and site attendance information.
  • Security data such as CCTV images, incident reports, and access logs.
  • Communication data such as emails, messages, complaints, and notes from phone or in-person conversations.
  • Technical data where relevant, including device or browser information if you interact with digital services.

We generally collect personal data directly from you when you complete forms, sign an agreement, make payments, contact us, or use our services. In some cases, we may receive data from third parties such as payment providers, identity verification services, insurers, or legal and regulatory bodies.

2. How We Use Your Data

We use personal data only where permitted by law and only for specified purposes. These purposes may include:

  • setting up and managing your storage account;
  • verifying your identity and protecting against fraud;
  • processing bookings, payments, and refunds;
  • providing customer support and responding to enquiries;
  • maintaining site safety, security, and access control;
  • recording incidents, disputes, or insurance-related matters;
  • meeting legal, tax, accounting, and regulatory obligations;
  • operating and improving our services;
  • defending or establishing legal claims where necessary.

We will not use your data for unrelated purposes without first ensuring that we have a lawful basis to do so.

3. Lawful Basis for Processing

Under data protection law, we must identify a lawful basis for each processing activity. Depending on the circumstances, Selfstorage Hampstead may rely on the following lawful bases:

Performance of a contract

We process personal data when it is necessary to enter into or perform a storage agreement with you. This includes creating your account, administering the unit, managing payments, and providing the services you have requested.

Compliance with a legal obligation

We may process data to comply with laws and regulations, including tax, accounting, fraud prevention, health and safety, and lawful disclosure requirements.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided that those interests are not overridden by your rights and freedoms. Examples include securing our premises, protecting property, preventing fraud, keeping records, and managing service quality. Where legitimate interests are relied upon, we consider the impact on individuals and apply appropriate safeguards.

Consent

In limited situations, we may rely on your consent, for example where it is required for certain optional communications or non-essential processing. Where consent is used, you may withdraw it at any time. This will not affect processing that has already taken place lawfully before withdrawal.

4. Sharing Your Data and Processors

We may share your personal data with trusted third parties where necessary to operate our business and provide services. These third parties act either as processors processing data on our behalf, or as independent controllers where they determine their own purposes for processing.

Examples of processors and service providers may include:

  • payment processing providers;
  • identity verification and fraud prevention services;
  • IT hosting, cloud storage, and software support providers;
  • security and CCTV system providers;
  • accounting, audit, and bookkeeping services;
  • customer communication and administration platforms;
  • professional advisers such as lawyers and insurers.

All processors are required to handle personal data securely, act only on our documented instructions, and implement appropriate technical and organisational measures to protect data. We do not sell personal data.

We may also disclose information where required by law, court order, law enforcement request, or to protect the rights, property, or safety of Selfstorage Hampstead, our customers, or others.

5. International Transfers

If personal data is transferred outside the UK, we will ensure that suitable safeguards are in place. This may include an adequacy decision, the UK International Data Transfer Agreement, or other lawful transfer mechanism designed to protect your information to an equivalent standard.

6. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, including for the fulfilment of contractual, legal, accounting, insurance, and dispute resolution obligations.

Retention periods may vary depending on the type of data. For example:

  • Contract and account records are normally retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Payment and accounting records are retained in line with legal and financial obligations.
  • Security and CCTV records are retained only for as long as needed for monitoring, investigation, or incident management.
  • Correspondence and complaints are retained for as long as needed to resolve the matter and maintain accurate records.

When data is no longer required, we will delete, anonymise, or securely destroy it in a manner appropriate to the nature of the information.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption where suitable, secure storage, staff confidentiality obligations, and monitoring of systems and premises.

While we work hard to protect information, no system can be guaranteed to be completely secure. If a personal data breach occurs and we are legally required to do so, we will take appropriate steps to assess and report it, and to mitigate any potential harm.

8. Your Rights

Under data protection law, you have a number of important rights in relation to your personal data. These may include:

  • the right of access to request a copy of the personal data we hold about you;
  • the right to rectification to ask us to correct inaccurate or incomplete data;
  • the right to erasure in certain circumstances, also known as the right to be forgotten;
  • the right to restrict processing in certain situations;
  • the right to object to processing based on legitimate interests or direct marketing;
  • the right to data portability where processing is based on consent or contract and carried out by automated means;
  • the right to withdraw consent where consent is the lawful basis relied upon;
  • the right to complain to the UK Information Commissioner’s Office if you believe your data has been mishandled.

Some rights are subject to legal exceptions and may not apply in every case. We will assess each request carefully and respond in accordance with applicable law.

9. How We Handle Requests

If you wish to exercise any of your rights, we may need to verify your identity before responding. This is to ensure that personal data is not disclosed to the wrong person. We aim to respond within the required legal timeframe and will keep you informed if additional time is needed due to complexity or the number of requests received.

We may refuse or limit a request where permitted by law, for example if the request is manifestly unfounded or excessive, or if we are required to retain information for legal reasons.

10. Children’s Data

Our services are not intended for children, and we do not knowingly collect personal data from children unless it is provided by a parent, guardian, or authorised representative in connection with a lawful and necessary arrangement. If we become aware that we have collected data from a child without an appropriate basis, we will take reasonable steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational requirements. Any revised version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

12. Our Commitment

Selfstorage Hampstead is committed to lawful, transparent, and responsible data processing. We aim to ensure that personal data is collected only where necessary, used only for legitimate purposes, retained only for as long as needed, and protected through appropriate safeguards. We respect your privacy and will continue to process information in a manner that is fair, secure, and proportionate.

This Privacy Policy applies to all Selfstorage Hampstead customers in the area.

Call Now!
Call Now Get a Quote
Selfstorage Hampstead

GDPR-compliant privacy policy for Selfstorage Hampstead covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.