Privacy Policy - Charingcross Storage

This Privacy Policy explains how Charingcross Storage collects, uses, stores, shares, and protects personal data when providing storage services to customers in our area. It applies to all Charingcross Storage customers in area, including prospective customers, account holders, authorised contacts, and individuals whose details are provided to us in connection with storage arrangements. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

For the purposes of data protection law, Charingcross Storage acts as the data controller for personal data collected in connection with our storage services, customer administration, billing, and security operations. This means we determine why and how personal data is processed. In some cases, we may also rely on trusted third-party processors who process personal data on our behalf and only under our instructions.

2. Information We Collect

We collect only the personal data that is necessary for running our storage business, meeting legal obligations, and managing our relationship with customers. Depending on the services used, we may collect the following categories of information:

  • Identity details such as full name, date of birth, and proof of identity information.
  • Contact details such as address, email address, and telephone number.
  • Account and contract details such as booking records, storage unit references, tenancy terms, payment status, and customer instructions.
  • Payment information such as billing records, transaction details, and partial payment card information handled through secure payment systems.
  • Access and security information such as entry logs, CCTV footage, alarm records, and site access records where applicable.
  • Communications such as emails, calls, notices, complaints, and service requests.
  • Vehicle or delivery details where relevant to site access, loading, unloading, or verification.
  • Special category data only where strictly necessary and where a lawful condition applies, for example if a customer voluntarily provides health information that affects access or emergency arrangements.

We may collect personal data directly from you, from authorised users you have named, from payment providers, from identity verification services, and from security systems operating on our premises.

3. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage storage accounts;
  • to verify identity and prevent fraud;
  • to process payments, invoices, refunds, and arrears;
  • to provide access to storage facilities and maintain security;
  • to communicate about bookings, renewals, changes, and service issues;
  • to comply with legal and regulatory obligations;
  • to protect our property, customers, and staff;
  • to resolve complaints, disputes, and claims;
  • to improve our services and maintain business records.

We do not use personal data in ways that are incompatible with the purposes for which it was collected, unless we have a lawful basis to do so.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each type of processing. We rely on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes account creation, identity checks, billing, access management, and providing the storage service you have requested.

Legal obligation

We process data where required to meet legal obligations, including tax rules, accounting requirements, fraud prevention, health and safety duties, and compliance with lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Our legitimate interests may include protecting the security of our premises, preventing unauthorised access, managing business operations, improving services, and defending legal claims.

Consent

In limited circumstances, we may rely on your consent, such as where optional marketing communications are offered. Where consent is used, you may withdraw it at any time, and this will not affect processing that has already occurred lawfully.

Vital interests and public task

These lawful bases are unlikely to apply in routine storage services, but may be used in exceptional situations where necessary to protect someone’s life or where required by a public authority.

5. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, security, and operational requirements. Retention periods are determined by the nature of the data and the purpose of processing.

  • Customer account and contract records are usually retained for the duration of the contract and for a further period where needed for legal or contractual claims.
  • Payment and invoicing records are retained in line with tax and accounting obligations.
  • Security logs and CCTV footage are retained for a limited period unless needed for investigation, enforcement, or legal proceedings.
  • Communications and complaints are retained as long as necessary to manage the enquiry and record the outcome.

When personal data is no longer required, we will delete it, anonymise it, or securely archive it in accordance with our retention procedures.

6. Sharing Your Data and Processors

We may share personal data with trusted third parties where necessary and lawful. These parties may act as processors or, in some cases, independent controllers. We only share the minimum amount of information needed for the specific purpose.

Typical processors and recipients may include:

  • IT and cloud service providers that host systems, manage backups, or support secure data storage;
  • payment processors that handle card or electronic transactions;
  • identity verification and fraud prevention providers used to confirm identity and reduce misuse;
  • security providers supporting CCTV, alarm systems, and access control;
  • professional advisers such as accountants, insurers, lawyers, or auditors;
  • regulators, law enforcement, and public authorities where disclosure is required by law or necessary to protect rights and safety.

Where we use processors, they are contractually required to process personal data only on our instructions, keep it secure, and comply with applicable data protection obligations.

7. International Transfers

If any service provider processes personal data outside the United Kingdom, we will ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms designed to protect your data to a standard consistent with UK GDPR.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, encryption, secure storage, staff training, monitoring, and incident response procedures. While no system is completely secure, we take reasonable steps to safeguard the information entrusted to us.

9. Your Rights

As a data subject, you have rights under UK GDPR in relation to your personal data. These rights may include:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restriction – to ask us to limit processing in certain cases;
  • Right to object – to object to processing based on legitimate interests;
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent – where processing is based on consent;
  • Right to complain – to raise concerns with the relevant supervisory authority if you believe your rights have been infringed.

These rights are not absolute and may be subject to legal exceptions. We may need to verify your identity before responding to a request.

10. Children’s Data

Our services are generally intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a customer’s lawful arrangement and provided by an adult with appropriate authority. If we become aware that we have collected child data inappropriately, we will take steps to delete or correct it.

11. Automated Decision-Making

We do not usually make decisions about customers solely by automated means that produce legal or similarly significant effects. If this changes, we will provide information about the logic involved, the significance of the processing, and your rights.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our business practices. The most current version will apply to your use of our services from the date it is published. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

13. Summary of Our Commitment

Charingcross Storage is committed to processing personal data responsibly, transparently, and securely. We collect only what is needed, use it for clear and lawful purposes, keep it only for as long as necessary, and work with processors that meet appropriate data protection standards. We also respect your rights and will handle requests in line with applicable law. This policy applies to all Charingcross Storage customers in area and forms part of our wider commitment to privacy and compliance.

Call Now!
Call Now Get a Quote
Charingcross Storage

GDPR-compliant privacy policy for Charingcross Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.