Privacy Policy - Barnehurst Storage

Effective date: This Privacy Policy applies to all Barnehurst Storage customers in the area and explains how we collect, use, store, and protect personal data in connection with our storage services.

1. Introduction

Barnehurst Storage is committed to handling personal information in a lawful, fair, and transparent manner. We respect your privacy and are dedicated to complying with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy sets out what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your personal data.

By using our storage services, entering into an agreement with us, visiting our premises, or interacting with us in connection with your storage account, you acknowledge that your personal data may be processed as described in this policy.

2. Data We Collect

We only collect personal data that is relevant and necessary for providing our storage services, maintaining security, fulfilling legal obligations, and managing our business operations. The categories of data we may collect include:

  • Identity information: your name, date of birth, and any identification details required for verification.
  • Contact details: address, email address, telephone number, and billing or correspondence address.
  • Account and contract information: customer account records, rental agreements, payment status, and service preferences.
  • Payment information: transaction details, payment confirmations, invoice records, and related financial information. We do not store card details unless strictly necessary and securely handled by payment processors.
  • Security and access information: access logs, CCTV footage, gate entry records, keyholder details, and incident reports where applicable.
  • Communications: emails, phone notes, written correspondence, complaints, claims, and other interactions with us.
  • Technical information: limited device or usage data when you interact with our digital systems, where applicable.

We do not intentionally collect special category data unless it is provided by you or required by law, and only where a valid legal basis exists. If you share such data with us, we will handle it with extra care and strict confidentiality.

3. How We Use Your Personal Data

We use personal data only for specified, explicit, and legitimate purposes. These may include:

  • setting up and managing your storage account;
  • verifying identity and preventing fraud;
  • processing payments and maintaining financial records;
  • providing access to storage units and managing site security;
  • responding to enquiries, complaints, and service requests;
  • meeting legal, tax, accounting, and regulatory obligations;
  • protecting our business, property, staff, customers, and other lawful interests;
  • improving our services and operational efficiency;
  • handling disputes, claims, or enforcement actions.

We will not use your personal data for purposes that are incompatible with the reasons for which it was collected unless we have a valid legal basis or your consent where required.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the situation, we rely on one or more of the following:

Contract

We process your data where it is necessary to enter into or perform our storage agreement with you, including account management, billing, access control, and service delivery.

Legal obligation

We may process and retain information where required to comply with legal duties, such as tax rules, accounting standards, fraud prevention requirements, or requests from regulatory bodies and law enforcement.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include site security, CCTV monitoring, preventing misuse of facilities, managing disputes, and improving service quality.

Consent

In limited cases, we may rely on your consent, for example where you choose to receive optional marketing communications or where specific processing requires consent by law. You may withdraw consent at any time, and this will not affect the lawfulness of processing before withdrawal.

Vital interests and public task

These bases are unlikely to apply in ordinary storage operations, but may be used in exceptional circumstances where necessary to protect life or where processing is required by public authorities.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to meet legal, accounting, and reporting requirements. Retention periods vary according to the type of data and the reason for processing.

  • Account and contract records: kept for the duration of the customer relationship and for a reasonable period after it ends.
  • Financial records: retained in line with tax and accounting obligations.
  • Security logs and CCTV records: retained for limited periods unless required longer for investigation, insurance, legal claims, or crime prevention.
  • Complaints and correspondence: retained as necessary to resolve issues, demonstrate compliance, and defend legal claims.

When data is no longer required, we will securely delete, anonymise, or destroy it. Retention is never indefinite unless a specific legal reason requires us to keep certain records longer.

6. Processors and Third Parties

We may share personal data with trusted third parties that act as processors on our behalf or as independent controllers where necessary. These organisations are only permitted to use your data in accordance with our instructions or their own legal obligations.

Examples may include:

  • IT and hosting providers supporting secure data storage and system maintenance;
  • payment service providers handling transactions and payment verification;
  • security providers assisting with CCTV, alarm systems, or access controls;
  • accountants, auditors, and professional advisers supporting compliance and financial management;
  • legal advisers and insurers where claims, disputes, or risk management require it;
  • regulators, courts, and law enforcement when disclosure is required by law.

We require processors to implement appropriate technical and organisational measures to protect personal data. Where data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place in accordance with applicable law.

7. Data Security

We use appropriate security measures to help protect personal data from accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access restrictions, secure systems, staff confidentiality obligations, monitoring tools, and physical security controls. While no system is completely risk-free, we work to keep risks as low as reasonably possible.

Only authorised personnel and approved service providers may access personal data where necessary for legitimate business purposes.

8. Your Rights

As a data subject, you have a number of rights under data protection law. Subject to certain conditions and exemptions, you may have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete information;
  • erase your personal data in limited circumstances;
  • restrict how we process your data in certain situations;
  • object to processing based on legitimate interests or direct marketing;
  • data portability for information you have provided to us, where applicable;
  • withdraw consent where processing relies on consent;
  • lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your rights have been infringed.

We may need to verify your identity before responding to a request. We will respond within the time limits required by law and may refuse or limit requests where permitted by law.

9. Cookies and Similar Technologies

If any digital tools or online systems are used in connection with our services, they may use cookies or similar technologies to support functionality, security, and basic analytics. Where consent is required, you will be given a choice. Non-essential technologies will not be used without proper legal basis.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulatory guidance, or our business practices. Any revised version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

11. Summary

Barnehurst Storage processes personal data only where necessary and lawful, primarily to provide storage services, maintain security, manage accounts, and comply with legal obligations. We retain data only for as long as needed, use approved processors, and respect your rights under data protection law. This policy applies to all Barnehurst Storage customers in the area.

Privacy and trust are central to our service. We aim to process data responsibly, keep it secure, and ensure that any use of personal information is appropriate, proportionate, and transparent.

Call Now!
Call Now Get a Quote
Barnehurst Storage

GDPR-compliant Privacy Policy for Barnehurst Storage covering data collection, lawful basis, retention, processors, rights, and security for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.