Privacy Policy - Cambridgeheath Storage

Cambridgeheath Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our storage services, visit our premises, communicate with us, or otherwise interact with us. It also explains the rights you have under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to all Cambridgeheath Storage customers in area, including individual customers, business customers, account holders, authorised users, and prospective customers who enquire about our services. By using our services, you acknowledge the practices described in this policy.

1. Personal Data We Collect

We collect only the personal data necessary to operate our storage services, manage customer accounts, maintain security, meet legal obligations, and improve service quality. The categories of data we may collect include:

  • Identity details: name, title, date of birth, and identification information where required.
  • Contact details: postal address, email address, telephone number, and billing address.
  • Account and service information: customer number, storage unit details, rental dates, payment history, access records, and correspondence related to your account.
  • Financial information: payment card details, bank details, invoices, and transaction records, where needed for billing and refunds.
  • Security and access data: CCTV footage, entry logs, gate or key access records, and incident reports.
  • Communications: emails, phone calls, messages, complaints, queries, and any supporting documents you choose to provide.
  • Technical data: limited device and usage information if you interact with digital systems we use to manage bookings or accounts.

We generally collect personal data directly from you. In some cases, we may receive information from third parties such as payment processors, referees, insurers, recovery agents, legal advisers, or public authorities, where lawful and necessary.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage storage agreements;
  • to provide access to storage units and related services;
  • to process payments, refunds, and account administration;
  • to verify identity and prevent fraud;
  • to maintain security, including monitoring premises and investigating incidents;
  • to communicate with you about your account, notices, or service changes;
  • to handle complaints, disputes, and claims;
  • to comply with legal, regulatory, insurance, and tax obligations;
  • to improve our services, systems, and customer experience;
  • to defend our legal rights and enforce agreements where necessary.

We will only use your personal data where we have a lawful basis to do so. We do not use your data in ways that are incompatible with the purposes described above.

3. Lawful Basis for Processing

Under data protection law, we must identify a lawful basis for each processing activity. Cambridgeheath Storage relies on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a storage contract with you. This includes managing your account, providing access, taking payments, and communicating about your service.

Legal Obligation

We may process personal data to comply with laws and regulations, including accounting, tax, security, fraud prevention, and responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting our property, monitoring security, preventing misuse, improving operations, and managing customer relationships.

Consent

In limited cases, we may ask for your consent, for example for certain optional communications or specific uses of information. Where consent is relied upon, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties, but only when necessary and only with appropriate safeguards in place. These third parties may act as data processors or independent controllers depending on the service they provide.

Examples of processors and service providers may include:

  • Payment processors: to handle card payments, direct debits, and refunds;
  • IT and cloud service providers: to host systems, store records, and support secure communications;
  • Security providers: to support CCTV, alarm systems, access control, and incident management;
  • Professional advisers: such as accountants, insurers, auditors, and legal advisers;
  • Debt recovery or collections partners: where accounts become overdue and action is required;
  • Maintenance and property contractors: where access is needed for repairs, safety checks, or operational support;
  • Public authorities and regulators: where disclosure is required by law or to protect rights and safety.

All processors are required to handle personal data in accordance with written agreements and applicable data protection law. We do not sell your personal data.

5. International Transfers

If any service provider processes personal data outside the United Kingdom, we ensure appropriate safeguards are in place, such as adequacy regulations, approved contractual clauses, or other lawful transfer mechanisms. These safeguards are designed to protect your information to a standard consistent with UK data protection requirements.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, security, and contractual obligations. Retention periods vary depending on the type of data and the reason for processing.

In general:

  • customer account records are retained for the duration of the relationship and for a reasonable period afterwards;
  • financial and invoicing records are retained for periods required by tax and accounting law;
  • security records, including CCTV and access logs, are kept only as long as necessary for security and incident management, unless needed longer for investigations or legal claims;
  • complaints, disputes, and correspondence may be retained until the matter is resolved and for a further period where required to defend legal claims.

When data is no longer needed, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, system monitoring, and restricted use of information. While no system can be guaranteed completely secure, we continually review our safeguards and take reasonable steps to protect the information entrusted to us.

8. Your Rights Under Data Protection Law

You have a number of rights in relation to your personal data. These rights apply subject to legal limits and exemptions. They include:

  • Right of access: you may request a copy of the personal data we hold about you;
  • Right to rectification: you may ask us to correct inaccurate or incomplete information;
  • Right to erasure: you may request deletion of your data in certain circumstances;
  • Right to restrict processing: you may ask us to limit how we use your data in certain situations;
  • Right to object: you may object to processing based on legitimate interests or direct marketing;
  • Right to data portability: you may request certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time;
  • Right to complain: you may raise concerns with the relevant data protection authority if you believe your rights have been infringed.

We may need to verify your identity before responding to a request. We will respond within the time limits required by law and will not normally charge a fee unless a request is manifestly unfounded or excessive.

9. Children’s Data

Our storage services are not directed at children, and we do not knowingly collect personal data from children except where necessary and lawful in connection with a customer account or legal obligation. If we become aware that we have collected data unlawfully, we will take appropriate steps to delete or protect it.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

11. Summary of Key Principles

Cambridgeheath Storage will only collect personal data that is relevant and necessary, use it fairly and lawfully, keep it secure, share it only where needed, and retain it only for as long as required. We are committed to respecting privacy and ensuring that all Cambridgeheath Storage customers in area can use our services with confidence.

By using Cambridgeheath Storage services, you acknowledge that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Cambridgeheath Storage

GDPR-compliant Privacy Policy for Cambridgeheath Storage covering data collection, lawful basis, processors, retention, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.