Privacy Policy - Lowerclapton Storage

Last updated: This Privacy Policy explains how Lowerclapton Storage collects, uses, stores, shares, and protects personal data in accordance with the UK GDPR and the Data Protection Act 2018.

This policy applies to all Lowerclapton Storage customers in the area, including individuals and businesses using storage services, making enquiries, or otherwise interacting with our services.

1. Who We Are

Lowerclapton Storage is a storage services provider that processes personal data in connection with customer accounts, reservations, payments, security, access control, and service administration. For the purposes of data protection law, we act as the data controller for the personal data described in this policy, unless we clearly state otherwise.

We are committed to handling personal data fairly, lawfully, and transparently. We only collect information that is relevant and necessary for providing storage services, protecting our site and customers, meeting legal obligations, and managing our business operations.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: full name, date of birth, and identification details where required for verification.
  • Contact data: address, email address, telephone number, and correspondence details.
  • Account and service data: storage unit details, booking information, access permissions, account history, and service preferences.
  • Payment data: billing address, payment status, transaction records, and limited payment-related information processed through payment providers.
  • Security and access data: entry logs, access times, key or code usage, CCTV images where applicable, and incident records.
  • Communications data: messages, calls, complaints, claims, and other interactions with us.
  • Technical data: device and usage information where collected through digital systems, such as IP address, browser type, or system logs.
  • Legal and compliance data: records needed to comply with tax, contractual, insurance, fraud prevention, and regulatory obligations.

We generally do not seek to collect special category data. If such data is inadvertently provided, we will only process it where permitted by law and only to the extent necessary.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to register customers and manage storage accounts;
  • to verify identity and prevent fraudulent or unlawful use of our services;
  • to provide, maintain, and administer storage services;
  • to process payments, issue invoices, and manage debt recovery where needed;
  • to manage access to storage facilities and protect the security of customers, staff, and property;
  • to respond to enquiries, complaints, and support requests;
  • to comply with legal and regulatory obligations;
  • to enforce contracts, terms of service, and site rules;
  • to detect and prevent crime, misuse, or unauthorised access;
  • to maintain records for business, tax, audit, and insurance purposes.

We only use personal data for the purposes for which it was collected unless we reasonably believe another compatible purpose applies and is lawful.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the purpose, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as creating an account, managing your storage unit, taking payment, or providing customer support.

Legal obligation

We may process data where required to meet legal duties, including tax and accounting requirements, fraud prevention, insurance obligations, or responding to lawful requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided your rights do not override those interests. These interests include protecting our premises, preventing misuse, improving service delivery, managing customer relationships, and maintaining business records. When we rely on legitimate interests, we ensure that the processing is proportionate and respectful of privacy.

Consent

In limited cases, we may rely on your consent, for example where consent is the most appropriate basis for specific optional communications or services. Where we rely on consent, you may withdraw it at any time.

5. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary and lawful. These parties act either as our processors or as independent controllers.

Processors are service providers that process data on our behalf and only under our instructions. We may use processors for:

  • payment processing;
  • IT hosting and cloud storage;
  • email and communication systems;
  • customer relationship management;
  • security monitoring and access systems;
  • professional services such as accounting, legal, or audit support.

All processors are required to protect personal data through appropriate contractual and technical safeguards. They may not use the data for their own purposes.

We may also disclose data where necessary to:

  • law enforcement or regulatory authorities;
  • courts, tribunals, or legal advisers;
  • insurers or claim handlers;
  • debt recovery or fraud prevention providers;
  • property owners or managing agents where required for site operation or legal compliance.

We do not sell personal data.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes described in this policy, or as required by law. Retention periods vary depending on the type of information and the reason it was collected.

In general:

  • Customer account and contract records are retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Payment and invoicing records are kept for the period required by tax and accounting laws.
  • Security logs and CCTV-related records are kept only as long as necessary for safety, incident management, or investigation purposes.
  • Complaints and correspondence are retained for as long as needed to resolve the matter and demonstrate compliance.
  • Legal claims or dispute records may be kept until the matter is fully resolved and any applicable limitation period has expired.

When personal data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

7. International Transfers

If any personal data is transferred outside the UK, we will ensure appropriate safeguards are in place in line with applicable data protection requirements. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We take care to ensure that transferred data remains protected to a standard equivalent to UK data protection law.

8. Data Security

We use a range of technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, encrypted systems where appropriate, secure storage, staff training, and restricted internal access on a need-to-know basis.

However, no system is completely secure. While we take reasonable steps to protect your information, we cannot guarantee absolute security.

9. Your Rights

Depending on the circumstances and the legal basis for processing, you may have the following rights under data protection law:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain situations.
  • Right to restriction: to ask us to limit how we use your data in certain circumstances.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You may also have rights relating to automated decision-making if such processing is used, although we do not routinely rely on solely automated decisions that produce legal or similarly significant effects.

If you exercise any of these rights, we may need to verify your identity before responding. In some cases, legal obligations or legitimate interests may mean that we cannot fully comply with a request, but we will always explain our decision.

10. Complaints and Supervisory Authority

If you have concerns about how we handle personal data, we encourage you to raise them with us first so we can try to resolve the issue. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) or another relevant supervisory authority.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our services. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

Summary statement: Lowerclapton Storage processes personal data lawfully, securely, and transparently for storage services, with clear retention limits, trusted processors, and rights for customers in the area.

Call Now!
Call Now Get a Quote
Lowerclapton Storage

GDPR-compliant Privacy Policy for Lowerclapton Storage covering data collection, lawful basis, retention, processors, user rights, and applicability to all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.