Privacy Policy - Selfstorage Barnes

This Privacy Policy explains how Selfstorage Barnes collects, uses, stores, shares, and protects personal data in connection with our self storage services. It applies to all Selfstorage Barnes customers in the area, including prospective customers, current customers, former customers, and any individual who interacts with us in relation to an account, reservation, enquiry, or storage agreement.

We are committed to processing personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We only collect and use personal data where we have a valid legal basis and we keep it only for as long as necessary for the purposes set out in this policy.

1. Personal Data We Collect

We may collect and process different categories of personal data depending on how you use our services. The types of data we collect may include:

  • Identity data such as your name, title, and date of birth where required.
  • Contact data such as your address, email address, and telephone number.
  • Account and contract data such as storage unit details, booking records, agreement information, payment status, and service history.
  • Financial data such as billing details, payment confirmations, and transaction records. We do not normally store full card information where payment processing is handled securely by a payment provider.
  • Identification and verification data where we are required to verify identity for security, fraud prevention, or legal compliance.
  • Access and security data such as CCTV records, access logs, alarm records, and visitor logs where applicable.
  • Communication data such as correspondence, enquiries, complaints, and feedback.
  • Technical data such as IP address, device information, and usage data if you interact with our digital systems or forms.

We may also collect information from third parties where necessary, including payment processors, identity verification providers, fraud prevention services, insurers, or public authorities. Where relevant, we may also receive information from a person acting on your behalf, such as an authorised representative.

2. How We Use Personal Data

We use personal data only for specific and legitimate purposes, including:

  • creating and managing storage accounts and contracts;
  • verifying identity and preventing misuse, fraud, or unauthorised access;
  • processing payments, refunds, and account administration;
  • communicating with you about your booking, account, or storage unit;
  • maintaining site security and protecting our premises, customers, staff, and property;
  • meeting legal, regulatory, tax, accounting, and insurance obligations;
  • resolving disputes, enforcing contractual rights, and managing claims;
  • improving our services, systems, and customer experience;
  • handling complaints and responding to enquiries;
  • sending service-related updates where permitted by law.

We do not use personal data for purposes that are incompatible with the original reasons for collection unless we have a lawful basis to do so and, where required, we notify you.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for every processing activity. Depending on the circumstance, we rely on one or more of the following bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, processing payments, providing access, and administering your account.

Legal Obligation

We may process data where necessary to comply with legal duties, including accounting records, tax compliance, safeguarding, fraud prevention, and responses to lawful requests from authorities.

Legitimate Interests

We may process data for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests include protecting our site, preventing fraud, improving operations, managing risk, and defending legal claims.

Consent

In limited cases, we may rely on your consent, for example for optional marketing communications or certain non-essential uses of data. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests and Public Task

These bases are unlikely to apply in routine storage services, but we may use them if necessary in exceptional circumstances, such as to protect someone’s life or comply with a legal public duty.

4. Data Sharing and Processors

We may share personal data with trusted third parties where necessary to operate our services and meet our obligations. These third parties act as processors or, in some cases, independent controllers. We ensure appropriate contracts and safeguards are in place before sharing data.

Typical processors and service providers may include:

  • Payment processors who handle secure payment transactions and related fraud controls;
  • IT and cloud service providers who host, maintain, or support our systems and data storage;
  • Security providers who assist with CCTV, alarm monitoring, access control, and site protection;
  • Identity verification and fraud prevention services used to confirm identity or reduce misuse;
  • Professional advisers such as accountants, auditors, legal advisers, and insurers;
  • Maintenance and operational contractors who may need limited access to carry out work;
  • Public authorities, regulators, or law enforcement where disclosure is required by law or necessary to protect rights, safety, or security.

We do not sell your personal data. If we share data with a processor, they may only act on our instructions and must keep the information secure and confidential.

5. Retention of Personal Data

We retain personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, and reporting requirements. Retention periods may vary depending on the type of record and why it is held.

  • Contract and account records are usually retained for the duration of the customer relationship and for a period afterwards to manage claims, disputes, and record-keeping obligations.
  • Payment and financial records are generally retained for the period required by tax and accounting law.
  • Security records such as access logs and CCTV footage are kept only for as long as necessary for safety, monitoring, incident investigation, or legal purposes.
  • Enquiry and correspondence records are retained for a reasonable period to support service administration and complaint handling.

When data is no longer needed, it is securely deleted, anonymised, or destroyed in line with our retention procedures.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, password protections, encryption where appropriate, staff training, secure disposal, and physical security controls at our premises.

While no system can be guaranteed to be completely secure, we take data protection seriously and review our safeguards regularly to reduce risk.

7. Your Rights Under Data Protection Law

You have a number of rights in relation to your personal data. These rights may be subject to legal limitations and exemptions, but we will always consider your request carefully.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete data.
  • Right to erasure – you can ask us to delete personal data in certain circumstances.
  • Right to restriction – you can ask us to limit how we use your data in certain situations.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability – you can request your data in a structured, commonly used format in some cases.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to complain to the relevant data protection authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve the matter promptly and fairly.

8. Automated Decision-Making

We do not normally use automated decision-making that produces legal or similarly significant effects about you. If this position changes, we will provide appropriate information about how decisions are made and the rights available to you.

9. Children’s Data

Our services are generally intended for adults. We do not knowingly collect personal data from children except where necessary in connection with a contract or where a parent, guardian, or authorised adult provides information on their behalf.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, operational practices, or the way we process personal data. Any updates will apply from the date they are published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their data is used.

11. Summary of Our Commitments

Selfstorage Barnes is committed to keeping personal data secure, using it only for lawful purposes, retaining it only as long as needed, and respecting the rights of every customer. We process data transparently, use trusted processors under appropriate safeguards, and apply this policy to all Selfstorage Barnes customers in the area.

This policy is intended to provide clear information about our data handling practices and to support compliance with applicable data protection laws.

Call Now!
Call Now Get a Quote
Selfstorage Barnes

GDPR-compliant privacy policy for Selfstorage Barnes covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.