Privacy Policy - Uxbridge Storage

Uxbridge Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Uxbridge Storage customers in the area, including individuals, businesses, and anyone who uses our storage services, accesses our facilities, or communicates with us in connection with those services.

1. Scope of this Policy

This Policy applies to personal data processed by Uxbridge Storage in connection with our storage services, facility access, administrative operations, account management, billing, security, and customer support. It covers data collected directly from customers, data received from authorised third parties, and data generated through the use of our services.

We aim to process personal data in a way that is lawful, fair, transparent, and proportionate. We collect only what is necessary for clearly defined purposes and keep it only for as long as needed.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, title, date of birth, and identification details where required for verification.
  • Contact data: address, email address, phone number, and billing or correspondence details.
  • Account data: storage unit details, rental history, payment records, access logs, and service preferences.
  • Financial data: payment card information, bank details, invoicing information, and transaction records.
  • Security data: CCTV recordings, access control records, gate entry logs, and incident reports.
  • Communication data: enquiries, complaints, support requests, and other communications.
  • Technical data: device information, IP addresses, browser data, and usage data if you interact with our digital systems.

In limited circumstances, we may also process information relating to authorised representatives, emergency contacts, or individuals connected to a business customer. We do not intentionally collect special category data unless it is required for a specific legal or operational purpose and we have an appropriate lawful basis.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to register and manage customer accounts;
  • to provide storage services and manage unit access;
  • to process payments, refunds, and invoices;
  • to verify identity and prevent fraud;
  • to maintain security and protect our premises, staff, and customers;
  • to respond to enquiries, complaints, and support requests;
  • to meet legal, regulatory, tax, and accounting obligations;
  • to manage disputes, claims, and insurance matters;
  • to improve our operations, services, and security procedures.

We do not use customer data for purposes that are incompatible with the reasons it was collected unless permitted by law or supported by a valid lawful basis.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis to process personal data. Depending on the context, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, providing access to your unit, billing for services, and managing your customer relationship.

Legal Obligation

We may process personal data where required to comply with a legal obligation, such as tax rules, accounting standards, fraud prevention, record-keeping requirements, or lawful requests from public authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. These interests include site security, preventing misuse of our services, improving efficiency, managing business operations, and defending legal claims. Where we rely on this basis, we assess the impact on individuals and limit processing to what is necessary and proportionate.

Consent

In limited cases, we may rely on your consent, for example where certain optional communications or specific data uses require it. If we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting requirements. Retention periods depend on the type of information and the reason we hold it.

  • Customer account and contract records: retained for the duration of the relationship and for a reasonable period afterwards.
  • Payment and financial records: retained for the period required by tax and accounting law.
  • Security and access records: retained for a limited period, unless needed longer for an investigation, claim, or legal obligation.
  • Enquiry and correspondence records: retained as long as needed to handle the matter and maintain business records.

When data is no longer required, we securely delete, anonymise, or destroy it. We apply appropriate retention controls to reduce unnecessary storage of personal information.

6. Processors and Third Parties

We may share personal data with trusted third parties who act as processors or independent controllers, but only where necessary and under appropriate safeguards. These may include:

  • payment providers for processing transactions;
  • IT and system providers for hosting, maintenance, backup, and security;
  • security and monitoring providers supporting site protection and incident response;
  • professional advisers such as accountants, auditors, insurers, or legal advisers;
  • debt recovery or dispute resolution services where lawfully required;
  • public authorities or regulators where disclosure is required by law.

Where a third party acts as a processor, it processes personal data only on our instructions and under a contract requiring confidentiality, security, and compliance with data protection law. If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place.

7. Data Security

We use technical and organisational measures designed to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access restrictions, staff training, secure storage, encryption where appropriate, and monitoring of systems and premises. Although no system is completely secure, we take reasonable and proportionate steps to protect the information we hold.

8. Your Rights

Subject to applicable law, you have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data protection rights have been infringed. Before doing so, we encourage you to raise any concerns with us so we can try to resolve them.

9. Children’s Data

Our services are generally intended for adults and business users. We do not knowingly collect personal data from children unless it is necessary and lawful in a specific situation, such as where a parent or legal guardian provides details for an authorised purpose. If we learn that we have collected data improperly, we will take appropriate steps to delete or correct it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this Policy periodically to stay informed about how their data is handled.

11. Summary of Our Commitment

Uxbridge Storage respects your privacy and treats personal data with care. We collect only the information needed to provide and secure our services, use it under a valid lawful basis, retain it only as long as necessary, and share it only with appropriate processors or other parties where justified. This Policy applies to all Uxbridge Storage customers in the area. Our aim is to ensure transparency, accountability, and compliance with data protection law at every stage of our service.

Call Now!
Call Now Get a Quote
Uxbridge Storage

GDPR-compliant Privacy Policy for Uxbridge Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.