Privacy Policy - Belgravia Storage

Belgravia Storage is committed to protecting the privacy and security of personal data. This Privacy Policy explains how we collect, use, share, store, and protect personal information in connection with our storage services. It applies to all Belgravia Storage customers in the area, including prospective customers, current customers, former customers, and any individual who interacts with us in relation to our services.

1. Who We Are

For the purposes of data protection law, Belgravia Storage acts as the data controller for the personal data described in this Privacy Policy. This means we decide how and why your personal information is processed. We take our responsibilities under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 seriously and aim to process personal data fairly, lawfully, and transparently.

2. Personal Data We Collect

We collect and process only the personal data necessary to provide and manage our storage services, operate our business, and meet legal obligations. The categories of information we may collect include:

  • Identity information: name, title, date of birth, and similar identifying details.
  • Contact information: address, email address, phone number, and emergency or alternative contact details where provided.
  • Account and contract details: rental agreements, customer reference numbers, start and end dates, unit details, payment status, and service preferences.
  • Payment information: bank details, card information, billing records, and transaction history.
  • Security and access information: key fob or access code data, entry logs, CCTV recordings, alarm records, and site visit records.
  • Communication records: emails, letters, phone call notes, complaints, service requests, and other correspondence.
  • Technical information: limited information such as IP address or device data if you interact with our digital systems.
  • Verification information: identity documents or proof of address where needed for fraud prevention, legal compliance, or contract setup.

We do not intentionally collect special category data unless it is provided by you and there is a lawful reason to process it. If such data is received accidentally, we will handle it carefully and only retain it where necessary and lawful.

3. How We Collect Personal Data

We collect personal data directly from you when you:

  • apply for or sign a storage agreement;
  • make payments or set up billing arrangements;
  • communicate with us by phone, email, or in writing;
  • access our premises or use our security systems;
  • submit a complaint, enquiry, or request;
  • participate in identity checks or other verification steps.

We may also receive personal data from third parties such as payment providers, credit reference agencies, fraud prevention services, insurers, legal advisers, enforcement bodies, or representatives acting on your behalf. Where relevant, CCTV and access control systems may collect information automatically when you enter or leave our premises.

4. Why We Use Your Personal Data

We process personal data for the following purposes:

  • to create and manage customer accounts;
  • to provide storage space and related services;
  • to handle payments, invoices, refunds, and account administration;
  • to verify identity and prevent fraud;
  • to monitor site security and protect customers, staff, and property;
  • to deal with enquiries, complaints, and disputes;
  • to comply with legal and regulatory obligations;
  • to enforce contracts and protect our legitimate business interests;
  • to maintain business records and support operational planning.

5. Lawful Basis for Processing

We only process personal data where we have a valid lawful basis under data protection law. Depending on the context, we may rely on one or more of the following bases:

Contract

We process your data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access, taking payments, and delivering services under your rental agreement.

Legal Obligation

We may process personal data where necessary to comply with legal requirements, including accounting rules, tax obligations, health and safety duties, fraud prevention requirements, and responses to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests may include securing our premises, managing risk, investigating misuse, improving services, preventing crime, and defending legal claims.

Consent

In limited situations, we may rely on your consent. Where we do so, you have the right to withdraw consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.

6. Sharing Your Personal Data

We do not sell personal data. We may share information where necessary and appropriate with trusted third parties who help us operate our business. These may include:

  • Payment service providers who process card, bank, or other transactions;
  • IT and cloud service providers who host systems, store records, or support communications;
  • Security providers who maintain CCTV, access control, or alarm systems;
  • Professional advisers such as lawyers, accountants, auditors, and insurers;
  • Government bodies, regulators, and law enforcement where disclosure is required by law or necessary to protect rights and safety;
  • Debt recovery or enforcement partners where a customer account is in arrears or contract enforcement is needed.

All processors are required to handle personal data in accordance with data protection law, to use it only for specified purposes, and to maintain appropriate security measures. Where we engage processors, we remain responsible for ensuring that your data is protected.

7. International Transfers

In some cases, personal data may be processed outside the United Kingdom. If this happens, we will take appropriate steps to ensure your information receives an adequate level of protection, using approved safeguards such as standard contractual clauses or equivalent legal mechanisms where required.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, reporting, and dispute-resolution requirements. Retention periods may vary depending on the type of data and our obligations. In general:

  • customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards;
  • financial and transaction records are kept for the periods required by tax and accounting law;
  • security records, including CCTV footage, are retained only for as long as needed for security, incident review, or investigation;
  • correspondence and complaint records may be retained while the matter is active and for a period afterwards to support audits or legal defence.

When personal data is no longer needed, we will delete, anonymise, or securely destroy it. We aim to keep data no longer than necessary.

9. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access restrictions, encryption, secure storage, staff training, monitoring of systems, and physical security controls. While no system can be guaranteed to be completely secure, we work to maintain a level of protection appropriate to the risk.

10. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights are not absolute and may be subject to legal exceptions or limitations. They include:

  • Right of access: to request a copy of the personal data we hold about you;
  • Right to rectification: to ask us to correct inaccurate or incomplete data;
  • Right to erasure: to request deletion of your data in certain circumstances;
  • Right to restriction: to ask us to limit how we use your data in certain cases;
  • Right to object: to object to processing based on legitimate interests or direct marketing;
  • Right to data portability: to receive certain data in a structured, commonly used, machine-readable format;
  • Right to withdraw consent: where processing is based on consent;
  • Right to lodge a complaint: with the relevant data protection authority if you believe your rights have been infringed.

If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits set by law and will explain if any limitation applies.

11. Automated Decision-Making

We do not generally use automated decision-making that produces legal or similarly significant effects. If this position changes, we will update this Privacy Policy and provide appropriate information about the logic involved, the significance of the processing, and any rights you may have.

12. Children’s Data

Our storage services are not directed at children, and we do not knowingly collect personal data from children except where necessary in relation to an adult customer’s account or where required by law. If we become aware that we have collected children’s data inappropriately, we will take steps to delete it where lawful and practical.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

14. Summary of Our Commitment

Belgravia Storage will always aim to process personal data in a fair, transparent, and secure manner. We collect only what we need, use it for clear and lawful purposes, retain it for appropriate periods, and respect the rights of every customer. Our approach is guided by accountability, necessity, and respect for privacy.

Call Now!
Call Now Get a Quote
Belgravia Storage

GDPR-compliant privacy policy for Belgravia Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.