Privacy Policy - Riddlesdown Storage

This Privacy Policy explains how Riddlesdown Storage collects, uses, stores, and protects personal data when providing storage services. It applies to all Riddlesdown Storage customers in the area, including prospective customers, current customers, former customers, and any individuals whose personal data is processed in connection with our services.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018. This policy is intended to be clear, transparent, and easy to understand.

1. Personal Data We Collect

We collect only the personal data that is necessary to provide and manage our storage services, meet legal obligations, and protect our business and customers. The types of data we may collect include:

  • Identity data: name, title, date of birth, and identification details where needed for verification.
  • Contact data: postal address, email address, and telephone number.
  • Account and contract data: storage unit details, booking information, payment status, correspondence, and service preferences.
  • Payment data: billing information, transaction records, and payment confirmations. We do not normally store full card details where payments are processed securely by payment providers.
  • Access and security data: entry logs, security records, CCTV footage where used, and records of visits or access to premises.
  • Communications data: messages, complaints, enquiries, and notes from conversations relating to customer service or account administration.
  • Technical data: limited information such as device or browser identifiers where necessary for website security or service integrity, if applicable.

We may also receive personal data from third parties, such as payment processors, identity verification services, insurers, legal advisors, or referral partners, where this is necessary for the provision of services or the performance of a contract.

2. How We Use Personal Data

Riddlesdown Storage uses personal data for the following purposes:

  • to set up and manage customer accounts;
  • to provide storage services and related support;
  • to verify identity and prevent fraud;
  • to process payments, invoices, and refunds;
  • to communicate about bookings, changes, notices, and account matters;
  • to maintain security, monitor access, and protect premises, staff, and customers;
  • to handle complaints, disputes, and claims;
  • to comply with legal and regulatory requirements;
  • to improve our services, operations, and customer experience;
  • to establish, exercise, or defend legal claims.

We will only use personal data for the purpose for which it was collected unless we reasonably consider that we need to use it for another compatible purpose. If we need to use data for an unrelated purpose, we will explain the legal basis and, where required, seek further permission.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Riddlesdown Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with a customer. This includes setting up storage agreements, managing accounts, taking payment, and providing customer support connected to the contract.

Legal Obligation

We may process personal data to comply with legal requirements, such as tax rules, accounting obligations, fraud prevention duties, health and safety responsibilities, and lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by the rights and freedoms of individuals. This may include safeguarding our property, improving services, managing risk, enforcing contractual rights, and preventing misuse of our premises or services.

Consent

In limited cases, we may rely on consent, for example where it is the most appropriate basis for a particular optional communication or activity. Where consent is used, individuals may withdraw it at any time.

4. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These third parties act either as processors or as independent controllers depending on the service they provide.

Our processors may include:

  • Payment processors that handle secure payment transactions;
  • IT and cloud service providers that store or support customer records;
  • Security providers that help manage alarms, access control, or surveillance systems;
  • Accountancy and bookkeeping providers that support financial administration;
  • Customer management software providers that help us manage bookings and communications;
  • Legal and professional advisors where advice or representation is needed.

Where a third party acts as a processor, they process personal data only on our instructions and are required to implement appropriate security and confidentiality measures. We do not sell personal data.

We may also disclose personal data where required by law, to protect the rights, property, or safety of Riddlesdown Storage, our customers, or others, or in connection with a business transaction such as restructuring, transfer of assets, or sale of part of the business.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for the fulfilment of legal, accounting, tax, security, and contractual requirements. Retention periods vary depending on the type of data and the reason for holding it.

In general:

  • customer contract and account records are kept for the duration of the relationship and for a reasonable period afterwards;
  • financial and tax records are kept for the period required by law;
  • security records, including access logs and CCTV where applicable, are retained for a limited period unless needed longer for investigation or legal purposes;
  • correspondence and complaint records are retained as needed to respond, resolve disputes, and evidence decisions.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify an individual.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unlawful access, alteration, disclosure, or destruction. These measures may include restricted access controls, secure storage, staff confidentiality obligations, and regular review of our security practices.

While we take data security seriously, no system can be guaranteed to be completely secure. If a data breach occurs that is likely to result in a risk to individuals, we will handle it in accordance with applicable law and take steps to reduce harm.

7. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place so that the information continues to receive a level of protection required by data protection law. This may include approved contractual safeguards or transfers to countries recognised as providing adequate protection.

8. Your Rights

Individuals whose personal data we process have a number of rights under data protection law. These rights may be subject to conditions or exemptions, depending on the circumstances.

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data in certain circumstances.
  • Right to restriction: you may ask us to limit how we use your data in certain situations.
  • Right to data portability: you may request that certain data be provided in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests and to direct marketing where applicable.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner's Office if you believe your data has not been handled properly. We encourage customers to raise concerns with us first so that we can try to resolve the issue promptly.

9. Children’s Data

Our services are generally intended for adults. We do not knowingly collect personal data from children except where it is necessary in relation to a lawful customer arrangement and only to the extent permitted by law.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or the way we process personal data. Any updated version will apply from the date it is published or otherwise communicated, as appropriate. We recommend reviewing this policy periodically to stay informed about how we protect personal data.

By using Riddlesdown Storage services, customers in the area acknowledge that their personal data may be processed in accordance with this Privacy Policy.

Call Now!
Call Now Get a Quote
Riddlesdown Storage

GDPR-compliant Privacy Policy for Riddlesdown Storage covering data collection, lawful basis, retention, processors, rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.