Self Storage Hammersmith Privacy Policy
This Privacy Policy explains how Self Storage Hammersmith collects, uses, stores, and protects the personal data of all our customers and prospective customers in the Self Storage Hammersmith service area. We are committed to handling your information fairly, lawfully, and transparently in accordance with the UK General Data Protection Regulation and applicable data protection laws.
Scope and Data Controller
This Privacy Policy applies to all individuals who use or enquire about storage units, related services, or facilities provided by Self Storage Hammersmith within our operating area. It also applies to visitors to our premises and to users of our online enquiry and booking channels.
Self Storage Hammersmith is the data controller for the personal data described in this policy. This means we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable law.
Personal Data We Collect
We may collect and process the following categories of personal data depending on how you interact with us and which services you use:
Identification and contact details such as name, postal address, billing address, contact address, and other contact details you choose to provide to us.
Account and contract information such as customer reference numbers, contract start and end dates, unit number, storage size, agreed services, and communication preferences.
Payment and billing information such as limited payment card details processed via secure third party payment providers, payment method, invoices, payment history, and records of any arrears or refunds.
Verification and security information such as copies or details of identification documents where required by law or for fraud prevention purposes, vehicle registration number for site access, and information obtained from access control systems such as entry logs.
Communications and correspondence such as records of enquiries, complaints, feedback, emails, letters, phone call notes, and messages submitted through online forms.
Technical and usage data such as information about how you use our website or online services, including IP address, device information, and basic analytics data, collected through standard server logs and similar technologies.
CCTV images collected through closed circuit television systems operating on our premises for security and crime prevention purposes.
Lawful Basis for Processing
We only process your personal data where we have a lawful basis under the UK GDPR. Depending on the context, we rely on one or more of the following lawful bases:
Performance of a contract: We process your personal data to enter into and manage our storage agreement with you, including setting up your account, providing access to your storage unit, handling payments, and communicating with you about your contract.
Compliance with legal obligations: We may process your information to comply with legal and regulatory requirements, such as tax and accounting rules, fraud and crime prevention obligations, and obligations to cooperate with law enforcement or regulatory authorities.
Legitimate interests: We may process your personal data where it is necessary for our legitimate business interests and where these interests are not overridden by your rights. These interests may include maintaining the security of our premises and customers property, managing our relationship with you, improving our services, handling queries and complaints, and protecting our legal rights.
Consent: In limited circumstances, we may rely on your consent, for example for certain types of optional marketing communications. When we rely on consent, you can withdraw it at any time.
How We Use Your Personal Data
We use the personal data we collect for the following purposes:
To process enquiries, provide information about our storage services, and prepare quotes.
To set up and manage your customer account and storage contract, including arranging access, managing renewals, and adjusting services at your request.
To process payments, issue invoices, manage billing, and handle refunds or debt recovery where necessary.
To maintain the safety and security of our premises, customers, and staff, including through access control systems, visitor logs, and CCTV monitoring.
To respond to your communications, handle feedback, and resolve complaints or disputes.
To comply with legal and regulatory obligations and to cooperate with competent authorities where required.
To maintain accurate business records, perform internal reporting, and manage our operations efficiently.
Where permitted, to send you information about our services similar to those you already use or have enquired about, and to keep you informed about changes to our terms or policies.
Data Retention
We keep your personal data only for as long as is necessary to fulfil the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
In general, we retain customer account and contract information for a period necessary to manage your contract and for a reasonable time afterwards to deal with queries, disputes, or potential legal claims. Financial and transactional records are usually kept for periods required by tax and accounting laws.
CCTV footage and access logs are kept for a limited period, typically only as long as necessary for security and incident investigation purposes, unless a longer retention is required in connection with a specific incident or legal obligation.
When personal data is no longer needed, we will securely delete it or anonymise it so that you can no longer be identified.
Data Processors and Sharing of Personal Data
We may share your personal data with carefully selected third parties who act as data processors on our behalf. These processors only process your personal data in accordance with our instructions and for the purposes set out in this Privacy Policy.
Examples of such processors include IT and cloud service providers, payment processing providers, customer management system providers, security and access control system providers, and professional advisers who assist us with legal, financial, or regulatory matters.
We may also share your personal data with other third parties where required by law, where necessary for the establishment, exercise, or defence of legal claims, or where we are involved in a business reorganisation or transfer relating to our storage operations.
We do not sell your personal data. Any third party with whom we share data is required to keep it secure and to use it only for the purposes for which it was provided.
International Transfers
If we use service providers located outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect your personal data in accordance with data protection law, such as the use of standard contractual clauses or equivalent protection mechanisms where required.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exemptions, but we will always respond to any request you make in accordance with the law.
Right of access: You have the right to obtain confirmation as to whether we process your personal data and, if so, to request a copy of that data and certain additional information.
Right to rectification: You have the right to request that inaccurate or incomplete personal data about you is corrected or updated.
Right to erasure: In certain circumstances, you may request that we delete your personal data, for example where it is no longer necessary for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
Right to restriction of processing: You may ask us to restrict the processing of your personal data in certain situations, for example while we are verifying its accuracy or dealing with an objection.
Right to object: You have the right to object to the processing of your personal data where we rely on legitimate interests as our lawful basis. You also have the right to object at any time to the processing of your personal data for direct marketing.
Right to data portability: In certain circumstances, you may request that we provide you with your personal data in a structured, commonly used, and machine readable format, or that we transmit it to another controller where technically feasible.
Where we rely on consent as a lawful basis for processing, you have the right to withdraw your consent at any time. This will not affect the lawfulness of any processing carried out before you withdraw consent.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include access controls, staff training, secure storage, and the careful selection and oversight of our data processors.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any changes will be posted in the most recent version of this policy, and significant changes may be notified to you through additional communication channels where appropriate.
Contact and Complaints
If you have any questions about this Privacy Policy or how we handle your personal data, or if you wish to exercise any of your data protection rights, you can contact us using the usual communication channels you use to reach Self Storage Hammersmith.
You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe that your rights have been infringed. We encourage you to contact us first so that we can try to resolve any concerns directly.
