Privacy Policy - Stmargarets Storage

This Privacy Policy explains how Stmargarets Storage collects, uses, stores, shares, and protects personal data. It applies to all Stmargarets Storage customers in the area, including individuals, business customers, and any other users who provide personal information in connection with storage services, account management, payments, access control, or customer support.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, where applicable.

1. Who This Policy Applies To

This policy applies to:

  • Customers who rent storage units or related services;
  • Prospective customers who enquire about services;
  • Individuals who visit our site or premises where personal data may be collected;
  • Payors, guarantors, account holders, and authorized representatives;
  • Any person whose data is processed in the course of providing storage services.

2. Personal Data We Collect

We may collect the following categories of personal data:

Identity and contact details

  • Name;
  • Postal address;
  • Email address;
  • Telephone number;
  • Date of birth, where needed for identification or verification;
  • Business name and role, if applicable.

Account and service information

  • Storage unit number and access records;
  • Rental dates, account status, and service history;
  • Correspondence and support requests;
  • Notes relating to your account or instructions you provide.

Financial and transaction data

  • Payment status;
  • Invoices and receipts;
  • Bank or card-related payment information processed by secure payment providers;
  • Records of outstanding balances, refunds, or charges.

Security and technical data

  • CCTV images where used for safety and security;
  • Access logs, key fob, PIN, or entry information;
  • Device or browser data when you interact with digital systems, if applicable;
  • Incident reports, if needed for security or insurance purposes.

We only collect data that is necessary and relevant to deliver our services, manage our relationship with you, and maintain the security and integrity of our operations.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To register and manage customer accounts;
  • To provide storage services and maintain access to units;
  • To process payments, issue invoices, and manage billing;
  • To communicate with customers about their account or service;
  • To verify identity and prevent fraud, misuse, or unauthorized access;
  • To protect our premises, customers, staff, and property;
  • To comply with legal, regulatory, tax, and insurance obligations;
  • To resolve disputes, enforce agreements, and recover debts where lawful;
  • To improve our services, systems, and customer experience.

We do not use personal data for purposes that are incompatible with those described above without informing you and, where required, obtaining a valid legal basis.

4. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the situation, our lawful bases may include:

Performance of a contract

We process personal data to enter into and perform our storage agreement with you. This includes setting up your account, providing access to your unit, managing billing, and communicating about the service.

Legal obligation

We may process personal data where necessary to comply with laws and regulations, including accounting, tax, anti-fraud, and recordkeeping obligations.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include security monitoring, preventing unauthorized access, improving our services, and managing risk.

Consent

In limited cases, we may rely on your consent, for example where we collect optional data for a specific purpose. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

Vital interests

In rare circumstances, we may process data to protect someone’s vital interests, such as in an emergency.

5. Data Sharing and Processors

We may share personal data with trusted third parties, but only where necessary and subject to appropriate safeguards. These third parties may act as processors or independent controllers depending on the service they provide.

Processors

Processors may include:

  • IT and cloud service providers;
  • Payment processing providers;
  • Security and CCTV system providers;
  • Customer management or booking system providers;
  • Professional advisers acting on our behalf, such as accountants, auditors, or legal advisers;
  • Maintenance or support contractors who need limited access to perform services.

All processors are required to handle personal data only on our instructions, keep it secure, and comply with data protection law.

Other disclosures

We may also disclose personal data where required:

  • To law enforcement or public authorities;
  • To courts, tribunals, or regulators;
  • To insurers, debt recovery agents, or dispute resolution professionals where lawful and necessary;
  • In connection with a business reorganization, transfer, or sale, subject to legal safeguards.

We do not sell personal data.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, tax, insurance, and operational requirements.

Retention periods vary depending on the type of data and the purpose of processing. In general:

  • Account and contract records are kept for the duration of the customer relationship and for a reasonable period after it ends;
  • Financial records are retained for the period required by tax and accounting laws;
  • Security records, such as access logs or CCTV footage, are kept for a limited period unless needed for an investigation, legal claim, or security incident;
  • Correspondence and service records are retained as long as needed to manage the relationship or resolve issues.

When data is no longer required, we will delete it, anonymize it, or securely destroy it in accordance with our retention procedures.

7. Data Security

We use appropriate technical and organizational measures to protect personal data from unauthorized access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, system monitoring, and limited access on a need-to-know basis.

No system is completely secure, but we take reasonable steps to reduce risk and protect the information entrusted to us.

8. International Transfers

If personal data is transferred outside the United Kingdom or European Economic Area, we will ensure that appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, where required by law.

9. Your Rights

Depending on your location and the legal basis used, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restriction – to limit how we process your data in certain cases;
  • Right to data portability – to receive certain data in a structured, commonly used format;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to withdraw consent – where processing is based on consent;
  • Right to complain – to a relevant data protection authority if you believe your rights have been violated.

Some rights may be subject to legal exceptions. For example, we may need to retain certain data to comply with legal obligations or to establish, exercise, or defend legal claims.

You will not usually be charged for exercising your rights, although we may charge a reasonable fee or refuse requests that are manifestly unfounded, repetitive, or excessive, where permitted by law.

10. Marketing Preferences

Where we send marketing communications, we will do so in line with applicable law. You may opt out of marketing at any time. Transactional or service-related messages will still be sent where necessary for your account or service.

11. Children’s Data

Our storage services are not directed to children, and we do not knowingly collect personal data from children except where necessary and lawful in the context of an adult-managed account or legal obligation.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our operational practices. The latest version will apply from the date it is made available. We encourage customers to review this policy periodically.

13. Summary of Our Commitment

Stmargarets Storage is committed to processing personal data responsibly, securely, and lawfully. We collect only what we need, use it for clear purposes, keep it only as long as necessary, and protect the rights of every customer. This policy applies to all Stmargarets Storage customers in area and should be read as part of our overall commitment to privacy and data protection.

Call Now!
Call Now Get a Quote
Stmargarets Storage

GDPR-compliant Privacy Policy for Stmargarets Storage covering data collection, lawful basis, retention, processors, security, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.