Privacy Policy - Bermondsey Storage

Effective Date: This Privacy Policy applies to all Bermondsey Storage customers in the area and explains how personal data is collected, used, shared, retained, and protected in accordance with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Bermondsey Storage is committed to respecting your privacy and protecting your personal data. This Privacy Policy describes the types of information we collect from customers, prospective customers, visitors, and other individuals who interact with our storage services, as well as how and why that information is processed. We aim to be transparent, fair, and lawful in all data processing activities.

By using Bermondsey Storage services, you acknowledge that your personal data may be processed as described in this policy. We only process personal data when we have a valid legal basis to do so, and we limit processing to what is necessary for specific, legitimate purposes.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: full name, date of birth, and proof of identity where required.
  • Contact data: address, email address, telephone number, and emergency contact details if provided.
  • Account and service data: storage unit details, booking information, access records, payment status, invoices, and service preferences.
  • Financial data: payment card details or bank account information when necessary for billing and refunds. Sensitive payment details may be handled through secure payment processors rather than stored by us directly.
  • Technical data: IP address, browser type, device identifiers, and usage information collected through security systems, access systems, or digital platforms.
  • Security data: CCTV images, access logs, visitor records, incident reports, and related information necessary to protect the site, customers, staff, and property.
  • Communication data: enquiries, complaints, notices, and correspondence you send to us or receive from us.

We generally collect personal data directly from you when you make a booking, sign an agreement, visit the premises, make a payment, or communicate with us. In some cases, we may also receive data from third parties such as payment providers, identity verification services, insurers, debt recovery providers, or legal advisers.

3. How We Use Your Data

We use personal data for the following purposes:

  • to create and manage customer accounts and storage agreements;
  • to verify identity and prevent fraud or misuse;
  • to provide access to storage facilities and manage security;
  • to process payments, refunds, and invoices;
  • to communicate with you about your account, service changes, or important notices;
  • to maintain records, resolve disputes, and enforce our terms;
  • to comply with legal and regulatory obligations;
  • to protect the safety, security, and integrity of our site and services;
  • to improve our services, systems, and customer experience;
  • to handle insurance claims, legal claims, or investigations where necessary.

We may also use aggregated or anonymised data for analytical purposes, provided that it does not identify any individual.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for every processing activity. Bermondsey Storage relies on one or more of the following lawful bases:

4.1 Contract

We process your personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access to your unit, taking payment, and delivering agreed services.

4.2 Legal Obligation

We process certain information to comply with legal obligations, such as accounting, tax, fraud prevention, security requirements, and responding to lawful requests from public authorities.

4.3 Legitimate Interests

We process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include site security, CCTV monitoring, access control, service improvement, debt recovery, and business administration. We carry out appropriate balancing assessments to ensure that our interests are justified and that your privacy is respected.

4.4 Consent

Where required, we rely on your consent, for example for certain types of optional marketing or non-essential communications. If we ask for consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, reporting, and security requirements. Retention periods depend on the nature of the data and the reason for processing.

  • Contract and account records: retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records: retained for the period required by applicable law.
  • Security records and CCTV footage: retained for a limited period unless needed for an incident, investigation, or legal claim.
  • Correspondence and complaints: retained as long as necessary to resolve issues and maintain evidence of actions taken.
  • Marketing preferences: retained until you update your preferences or withdraw consent, where applicable.

When data is no longer required, we securely delete, destroy, or anonymise it. Retention periods may vary depending on the circumstances and any legal obligations that apply.

6. Processors and Data Sharing

We may share personal data with trusted third parties acting as processors or independent controllers where necessary and lawful. These parties only process personal data according to our instructions or for their own lawful purposes where applicable.

Examples of processors and third parties may include:

  • payment service providers;
  • accounting and bookkeeping providers;
  • IT hosting, software, and cloud service providers;
  • security contractors and CCTV system providers;
  • identity verification and fraud prevention services;
  • customer support and communication platforms;
  • legal advisers, auditors, insurers, and professional consultants;
  • debt recovery agents or collection services where lawful and necessary.

We require our processors to implement appropriate technical and organisational security measures and to process personal data only for authorised purposes. Where data is shared with independent controllers, such as law enforcement or regulatory bodies, they will be responsible for their own processing activities.

7. International Transfers

If personal data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We will take reasonable steps to ensure your data remains protected to the standards required by applicable law.

8. Data Security

We use reasonable and appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access restrictions, encryption, secure storage, staff training, monitoring, and system controls. While no system can be guaranteed completely secure, we take privacy and security seriously and regularly review our safeguards.

9. Your Rights

Subject to certain legal limits, you have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format and request transfer where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You may also have the right to challenge decisions based solely on automated processing, though Bermondsey Storage does not normally rely on fully automated decision-making producing legal or similarly significant effects.

If you wish to exercise any of these rights, we may ask for information to verify your identity before responding. We will aim to respond within the time limits required by law.

10. Complaints

If you have concerns about how we handle your personal data, you should raise the issue through our internal complaint process so we can review and address it. You also have the right to lodge a complaint with the UK data protection supervisory authority if you believe your data protection rights have been violated.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data processing practices. Any updated version will apply from the effective date stated in the revised policy. We encourage you to review this policy periodically so that you remain informed about how we protect your personal data.

12. Summary of Our Commitment

Bermondsey Storage is committed to processing personal data fairly, lawfully, and transparently. We collect only what is needed, use it for clear and legitimate purposes, retain it only as long as necessary, and share it only with approved processors or other third parties when lawful. We respect your rights and work to ensure that all Bermondsey Storage customers in the area can trust us with their personal information.

This policy applies to all Bermondsey Storage customers in area.

Call Now!
Call Now Get a Quote
Bermondsey Storage

GDPR-compliant Privacy Policy for Bermondsey Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.