Privacy Policy - Brentpark Storage

Effective date: This Privacy Policy applies to all Brentpark Storage customers in the area and explains how we collect, use, store, share, and protect personal data in connection with our storage services.

Brentpark Storage is committed to handling personal data fairly, lawfully, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any other applicable privacy laws.

1. Scope of this Privacy Policy

This Privacy Policy applies to personal data we process when you:

  • request information about our storage services;
  • enter into a storage agreement with us;
  • use our facilities, administrative services, or account management systems;
  • communicate with us by phone, email, in writing, or in person;
  • interact with us as an authorised contact, business customer, supplier representative, or visitor.

It covers both prospective and current customers, as well as certain other individuals whose data we may process in connection with the provision of our services.

2. Personal Data We Collect

We collect only the data needed to operate our services, meet legal obligations, and manage customer relationships effectively. Depending on your interactions with us, we may collect the following categories of data:

2.1 Identity and contact details

  • Full name
  • Residential or business address
  • Telephone number
  • Email address
  • Date of birth, where required for identity verification

2.2 Account and service information

  • Customer reference numbers
  • Storage unit details
  • Booking, tenancy, and payment records
  • Communication records relating to your account
  • Notes about service requests or special instructions

2.3 Financial information

  • Payment status
  • Transaction history
  • Billing records
  • Limited payment-related information needed to process charges

2.4 Security and access information

  • Entry logs
  • Access code records
  • CCTV images where used for security purposes
  • Incident reports, where applicable

2.5 Technical and usage data

  • Device or browser information if you use digital services
  • IP address and log data
  • Cookies or similar technologies used on relevant systems, where applicable

We do not intentionally collect special category data unless it is necessary and lawful to do so. If such data is provided by you incidentally, we will handle it with extra care and only where permitted by law.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide and administer storage services;
  • to verify identity and prevent fraud;
  • to manage contracts, bookings, payments, and account queries;
  • to maintain site security and protect property;
  • to monitor compliance with our terms and policies;
  • to communicate service updates, reminders, and operational notices;
  • to handle complaints, claims, or disputes;
  • to meet legal, tax, accounting, and regulatory obligations;
  • to improve our operations, systems, and customer service;
  • to exercise or defend legal rights where necessary.

We only process personal data where we have a valid reason to do so and where our use is compatible with the original purpose for which the data was collected.

4. Lawful Basis for Processing

Under data protection law, we must identify a lawful basis for each processing activity. Brentpark Storage relies on the following bases:

4.1 Performance of a contract

We process personal data where it is necessary to enter into or perform a storage agreement with you, including managing your account, providing access, and administering payments.

4.2 Legal obligation

We process data to comply with laws and regulations, such as accounting requirements, tax rules, fraud prevention, and lawful requests from authorities.

4.3 Legitimate interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests. This includes protecting our premises, preventing misuse, improving services, and managing ordinary business operations.

4.4 Consent

In limited situations, we may rely on your consent, for example for certain optional communications or processing activities. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

Important: We do not rely on consent where another lawful basis is more appropriate, such as when processing is required to fulfil our contract with you or comply with law.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting obligations.

Retention periods vary depending on the type of data and the reason for processing. In general:

  • customer account and contract records are kept for the duration of the relationship and for a reasonable period afterwards;
  • financial and tax records are retained in line with legal requirements;
  • security logs and access records are retained only as long as needed for safety, investigations, or operational purposes;
  • communications and complaint records are retained for as long as needed to resolve issues and demonstrate proper handling;
  • data held on the basis of consent is kept until consent is withdrawn or the purpose ends.

When data is no longer required, we will delete it or anonymise it securely. We may retain some information for longer where necessary to establish, exercise, or defend legal claims.

6. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for business operations, legal compliance, or service delivery. These third parties act as either independent controllers or processors acting on our instructions.

6.1 Processors we may use

  • IT and system support providers
  • Cloud storage and hosting providers
  • Payment processing services
  • Security and CCTV service providers
  • Accountancy, auditing, or administrative support providers
  • Professional advisers such as legal or insurance advisers

We require processors to:

  • process data only on our documented instructions;
  • keep data confidential and secure;
  • use appropriate technical and organisational safeguards;
  • assist with data subject requests where appropriate;
  • delete or return personal data when the service ends, unless retention is legally required.

We may also disclose data to law enforcement, regulators, courts, or other public authorities where we are legally required or permitted to do so.

7. Data Security

We use reasonable and appropriate security measures to protect personal data against unauthorised access, loss, destruction, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, limited data access, and monitoring of systems and premises.

Although we take security seriously, no method of transmission or storage is completely secure. Where a personal data breach occurs and we are legally required to do so, we will notify affected individuals and relevant authorities.

8. Your Rights Under Data Protection Law

Subject to legal limits and exemptions, you have the following rights in relation to your personal data:

  • Right of access - to request a copy of the personal data we hold about you;
  • Right to rectification - to ask us to correct inaccurate or incomplete data;
  • Right to erasure - to request deletion of your data in certain circumstances;
  • Right to restriction - to ask us to limit processing in certain situations;
  • Right to object - to object to processing based on legitimate interests or direct marketing;
  • Right to data portability - to receive certain data in a structured, commonly used format;
  • Right to withdraw consent - where processing is based on consent;
  • Right to complain - to a supervisory authority if you believe your rights have been infringed.

We will respond to valid requests within the timeframe required by law. In some cases, we may need to verify your identity before fulfilling a request.

9. Automated Decision-Making

We do not use fully automated decision-making that produces legal or similarly significant effects about you, unless we have informed you of it and it is lawful to do so. If this changes, we will provide clear information about the logic involved and the consequences for you.

10. International Data Transfers

If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place so that your data remains protected in line with applicable law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any revised version will apply from the date it is published or otherwise communicated. We encourage you to review it periodically.

12. Summary of Our Commitment

Brentpark Storage will only collect data that is necessary, process it fairly, retain it for appropriate periods, and use trusted processors under strict controls. We respect your privacy rights and aim to be transparent about how your information is handled. This Privacy Policy is intended to apply to all Brentpark Storage customers in the area, ensuring a consistent and lawful approach to data protection.

Call Now!
Call Now Get a Quote
Brentpark Storage

GDPR-compliant privacy policy for Brentpark Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.