Privacy Policy - Selfstorage Ruislip

This Privacy Policy explains how Selfstorage Ruislip collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, visitors, and other individuals whose information we process. It applies to all Selfstorage Ruislip customers in the area, including anyone who enquires about, uses, or manages a storage unit or related services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy sets out what information we collect, why we collect it, the legal grounds we rely on, how long we keep it, who may process it on our behalf, and the rights available to you.

1. Information We Collect

We only collect personal data that is relevant and necessary for providing self storage services, managing accounts, fulfilling legal obligations, and operating our business efficiently. The types of information we may collect include:

  • Identity information: name, date of birth, and other identifying details.
  • Contact information: address, email address, telephone number, and emergency contact details where relevant.
  • Account and contract information: storage unit references, booking details, payment status, invoices, and agreement records.
  • Financial information: payment card details, billing records, and transaction confirmations. We do not normally store full card details unless required by the payment system used.
  • Usage information: access records, entry logs, CCTV footage, and site security records.
  • Communication records: emails, letters, call notes, complaint correspondence, and service enquiries.
  • Verification information: identity documents or proof of address where required for fraud prevention, compliance, or security.

We may also collect limited technical data when you interact with our digital systems, such as device identifiers, IP address, and system logs, where such data is necessary for security, troubleshooting, or service administration.

2. How We Use Your Personal Data

Selfstorage Ruislip uses personal data for the following purposes:

  • to assess enquiries and provide quotations;
  • to create and manage customer accounts and storage agreements;
  • to process payments, deposits, refunds, and outstanding balances;
  • to manage site access, security, and incident investigation;
  • to communicate with you about your account, services, or operational matters;
  • to maintain accurate business and financial records;
  • to comply with legal, regulatory, tax, insurance, and accounting obligations;
  • to prevent fraud, unauthorised access, theft, and misuse of facilities;
  • to defend legal claims and protect our legitimate business interests.

We will not use your personal data for purposes that are incompatible with those described in this policy unless required or permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Depending on the context, Selfstorage Ruislip may rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your account, providing storage, managing access, and handling payments.

Legal obligation

We may process and retain certain information to meet legal obligations, including accounting, tax, anti-fraud, and record-keeping requirements.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. Examples include site security, CCTV monitoring, fraud prevention, business administration, service improvement, and handling disputes. We always consider whether the processing is proportionate and whether less intrusive means are available.

Consent

In limited circumstances, we may rely on your consent, for example where you choose to receive certain optional communications. Where consent is used, you may withdraw it at any time. Withdrawal does not affect the lawfulness of processing carried out before the withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties who support our operations. These parties act as processors or independent controllers, depending on the service provided. We only share information where it is necessary, proportionate, and protected by appropriate contractual and security measures.

Processors may include:

  • Payment service providers for secure transaction processing;
  • IT and cloud service providers for hosting, email, storage, and system maintenance;
  • Security providers for CCTV, alarm monitoring, and access control;
  • Accountancy and auditing providers for financial management and statutory compliance;
  • Maintenance and facilities contractors where access to limited data is needed to carry out work;
  • Professional advisers such as lawyers, insurers, and consultants where required for advice or claims handling;
  • Public authorities where disclosure is required by law or necessary to protect rights, safety, or property.

All processors are required to handle personal data securely, use it only for specified purposes, and delete or return it when no longer needed. We do not sell personal data.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. The retention period depends on the type of record and why it is held.

  • Customer and contract records: retained for the duration of the agreement and for a reasonable period afterwards to manage queries, disputes, or claims.
  • Financial and tax records: retained for periods required by law and accepted accounting practice.
  • Security logs and CCTV footage: retained for a limited period unless needed for investigation, insurance, or legal action.
  • Enquiry records: retained only as long as necessary to respond to your request and assess potential services.

When data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures. Retention periods may vary depending on legal requirements and operational necessity.

6. Your Rights

As a data subject under the UK GDPR, you have a number of rights in relation to your personal data. These rights may be subject to legal limits and exemptions.

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate or incomplete data.
  • Right to erasure: in certain circumstances, you can ask us to delete your data.
  • Right to restriction: you can request that we limit how we use your data in certain situations.
  • Right to object: you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability: where applicable, you can request that we provide your data in a structured, commonly used format.
  • Right to withdraw consent: if processing is based on consent, you may withdraw it at any time.

We will respond to valid rights requests within the legal time limits. To protect your privacy, we may need to verify your identity before acting on a request.

7. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, encryption where suitable, staff confidentiality obligations, and regular review of security practices.

Although we work hard to safeguard your information, no system can be guaranteed completely secure. We will act promptly and in accordance with legal requirements if a data breach occurs.

8. International Transfers

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent legal protections. We only permit international transfers where the recipient can provide an appropriate level of data protection.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. Any revised version will apply from the date it is issued. We encourage customers to review this policy periodically so they remain informed about how their information is used.

10. General Principle

Selfstorage Ruislip is committed to processing personal data in a way that is lawful, transparent, and limited to what is necessary. We aim to ensure that all information is handled responsibly and that our customers understand how and why their data is used. If we change the way we process data in a significant way, we will take appropriate steps to inform affected individuals where required.

This Privacy Policy applies to all Selfstorage Ruislip customers in the area.

Call Now!
Call Now Get a Quote
Selfstorage Ruislip

GDPR-compliant Privacy Policy for Selfstorage Ruislip covering data collection, lawful basis, retention, processors, user rights, and area-wide applicability.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.