Privacy Policy - Erith Storage

This Privacy Policy explains how Erith Storage collects, uses, stores, shares, and protects personal data. It applies to all Erith Storage customers in the area, including prospective customers, current customers, and former customers who have used or enquired about our storage services. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to any individual whose personal data we process in connection with our storage services. This includes people who:

  • make an enquiry about storage services;
  • book or use a storage unit;
  • make payments or receive invoices;
  • communicate with us by phone, email, online forms, or in person;
  • visit our premises or access our facilities;
  • are authorised contacts, emergency contacts, or business representatives linked to a storage account.

We only process personal data where we have a valid reason to do so and where we have a lawful basis under data protection law.

2. Data we collect

We may collect and process different categories of personal data depending on how you interact with us. This may include:

Identity and contact information

  • full name;
  • address;
  • telephone number;
  • email address;
  • date of birth where needed for identity checks or account verification.

Account and transaction information

  • customer account details;
  • storage unit reference numbers;
  • payment records;
  • billing information;
  • invoice history;
  • service usage history;
  • communications about your account or storage arrangement.

Verification and security information

  • photographic identification or document details where required;
  • vehicle registration information;
  • access logs, key code activity, or entry records;
  • CCTV images where our premises are monitored for security and crime prevention;
  • incident reports relating to safety, damage, or suspicious activity.

Technical and usage data

  • device or browser information when you use digital services;
  • IP address and log files;
  • interaction data from online forms or emails;
  • preferences and service choices.

We do not intentionally collect more personal data than is necessary. We do not seek to collect special category data unless it is required for a specific lawful purpose, and where this happens we apply additional safeguards.

3. How we use your data

We use personal data to manage our business and provide storage services effectively. This includes:

  • creating and managing customer accounts;
  • processing bookings and payments;
  • verifying identity and preventing fraud;
  • communicating with you about your storage agreement;
  • responding to enquiries, complaints, and requests;
  • maintaining safety, security, and access control;
  • meeting legal, regulatory, tax, accounting, and insurance obligations;
  • protecting our property, customers, staff, and visitors;
  • defending legal claims or managing disputes;
  • improving our services, systems, and customer experience.

Where we use CCTV or access logs, this is done for legitimate security purposes, including the prevention and detection of crime and the protection of premises.

4. Lawful basis for processing

Under UK GDPR, we must have a lawful basis for each type of processing. Depending on the situation, Erith Storage relies on one or more of the following:

Contract

We process data when it is necessary to enter into or perform a contract with you. This includes setting up accounts, managing storage use, collecting payment, and providing services you have requested.

Legal obligation

We process data where necessary to comply with legal requirements, such as tax rules, accounting obligations, identity verification duties, fraud prevention obligations, or responding to lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. This may include service management, security, CCTV monitoring, facility protection, fraud detection, and internal administration. We always assess whether such processing is proportionate and necessary.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications or preferences. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. How and why we share data

We may share personal data with carefully selected third parties, but only where necessary and with appropriate safeguards. These may include:

  • payment providers that handle card or electronic payments;
  • IT and software providers who support our systems, record keeping, and security;
  • accounting and professional advisers for financial, audit, legal, or compliance purposes;
  • security service providers supporting surveillance, access control, or incident response;
  • insurers and claims handlers where required for policy administration or incident management;
  • regulators, courts, law enforcement, or public authorities where disclosure is required by law or necessary to protect rights and safety.

We do not sell personal data. If processors handle data on our behalf, they do so under written agreements and only on our instructions. They are required to protect data and to use it only for the purposes we specify.

6. Processors and safeguards

Where we engage data processors, we choose providers that offer appropriate technical and organisational safeguards. These may include encryption, access controls, audit logs, secure storage, staff training, and confidentiality obligations. Processors may only act on our instructions and must not use your personal data for their own purposes.

We take steps to ensure that any transfer of data outside the UK, if it occurs, is protected by appropriate legal mechanisms such as adequacy regulations or contractual safeguards.

7. Data retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods vary depending on the type of data and the reason for processing. In general:

  • customer account and contract records may be retained for the duration of the relationship and for a reasonable period afterward;
  • financial and transaction records are usually kept for the periods required by tax and accounting law;
  • security records and access logs are kept only as long as needed for safety, incident handling, and crime prevention;
  • CCTV footage is retained for a limited period unless needed for an investigation or legal claim;
  • enquiry records may be retained for follow-up, service improvement, or record-keeping purposes.

When data is no longer required, we delete it securely or anonymise it so that it can no longer identify you.

8. Your rights

Under data protection law, you have a number of rights in relation to your personal data. These may include:

  • the right to be informed about how your data is used;
  • the right of access to obtain a copy of your personal data;
  • the right to rectification to correct inaccurate or incomplete data;
  • the right to erasure in certain circumstances;
  • the right to restrict processing in certain situations;
  • the right to data portability where processing is based on consent or contract and carried out by automated means;
  • the right to object to processing based on legitimate interests or direct marketing;
  • rights related to automated decision-making, where applicable.

These rights are not absolute and may be subject to legal limits or exemptions. If we need to verify your identity before responding to a request, we may ask for additional information. We aim to respond within the time limits required by law.

9. Security of your data

We use reasonable technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, secure systems, staff confidentiality duties, and monitoring of relevant facilities. While we work hard to protect data, no system can be guaranteed to be completely secure.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain aware of how we process personal data.

11. Contact and complaints

If you have questions about this Privacy Policy, wish to exercise your rights, or are concerned about how your data has been handled, you can raise the matter through our usual customer service channels. You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

Last updated: This Privacy Policy is intended to provide a clear and lawful explanation of how Erith Storage handles personal data and to ensure that customers in the area understand their rights and our responsibilities.

Call Now!
Call Now Get a Quote
Erith Storage

GDPR-compliant Privacy Policy for Erith Storage covering data collection, lawful basis, retention, processors, user rights, and customer scope in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.