Privacy Policy - Brentcross Storage

This Privacy Policy explains how Brentcross Storage collects, uses, stores, shares, and protects personal data. It applies to all Brentcross Storage customers in the area, including individuals who enquire about, book, access, pay for, or otherwise use our storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Brentcross Storage provides self-storage and related services to customers in the local area. For the purposes of data protection law, we act as the data controller for the personal information we collect and use about customers, prospective customers, visitors, and other individuals whose data we process in connection with our business.

2. Information We Collect

We collect only the personal data necessary to provide our services, manage our relationship with you, operate our business, and comply with legal obligations. The information we may collect includes:

  • Identity details such as your name, date of birth, and proof of identity where required;
  • Contact details such as address, telephone number, and email address;
  • Account and service details including booking information, storage unit references, access permissions, rental history, and service preferences;
  • Payment information such as billing details and transaction records;
  • Security and access information such as entry logs, CCTV recordings, and records of access to storage facilities;
  • Communications including emails, letters, call notes, complaints, feedback, and other correspondence;
  • Technical information where applicable, such as device or browser data collected through our systems or website tools used for service management;
  • Emergency or special instructions you provide to us for handling your account or stored items.

We do not intentionally collect special category data unless you choose to provide it or it is necessary for a specific legal or operational reason. If such data is processed, we will only do so where a valid lawful basis exists and appropriate safeguards are in place.

3. How We Collect Your Data

We may collect personal data directly from you when you:

  • make an enquiry or request a quotation;
  • enter into a storage agreement;
  • pay invoices or update your account details;
  • contact us by phone, email, in person, or through forms;
  • visit our premises or use our access systems.

We may also collect data from third parties where lawful and appropriate, such as payment providers, identity verification services, legal representatives, insurers, or other authorised persons acting on your behalf.

4. Lawful Basis for Processing

We process personal data only where the law allows us to do so. Depending on the purpose, our lawful bases include:

  • Performance of a contract — to provide storage services, manage your account, take payments, and fulfil our obligations under the storage agreement;
  • Legal obligation — to comply with tax, accounting, fraud prevention, health and safety, security, and other regulatory requirements;
  • Legitimate interests — to operate and protect our business, monitor site security, improve services, prevent misuse, and handle disputes, provided our interests are not overridden by your rights and freedoms;
  • Consent — where we ask for your permission for specific optional activities, and you are free to withdraw consent at any time;
  • Vital interests — in rare cases where processing is necessary to protect someone’s life;
  • Public task or official authority — only where applicable and required by law.

We do not rely on consent where another lawful basis is more appropriate for core service delivery.

5. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage storage accounts;
  • to verify identity and prevent fraud;
  • to process payments and issue invoices or receipts;
  • to provide access to storage units and manage entry controls;
  • to communicate with you about your service, account, or stored items;
  • to maintain security through CCTV, alarms, and access logs;
  • to investigate complaints, incidents, or disputes;
  • to comply with legal, tax, and regulatory duties;
  • to improve our services, systems, and operational procedures;
  • to protect our rights, property, staff, customers, and premises.

We only use personal data for the purposes for which it was collected unless we reasonably believe another compatible purpose applies.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required or permitted by law. Retention periods may vary depending on the type of data and why it is held.

Typical retention approach

  • Customer and contract records are generally kept for the duration of the service relationship and for a period afterward to deal with claims, audits, or legal requirements;
  • Financial and accounting records are kept for the period required by tax and accounting law;
  • Security records such as access logs and CCTV footage are kept for limited periods unless needed for an investigation or legal matter;
  • Correspondence and complaints may be kept for as long as needed to resolve matters and maintain an accurate business record.

When data is no longer required, we will delete it securely or anonymise it where appropriate.

7. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for service delivery, legal compliance, or legitimate business purposes. These third parties may act as data processors or independent controllers depending on the context.

Examples of processors and service providers

  • Payment processors to handle card and electronic payments;
  • IT and cloud service providers to store and secure business records and systems;
  • Accountancy and bookkeeping providers for financial administration;
  • Identity verification or fraud prevention providers where checks are needed;
  • Security service providers supporting access control, alarms, or CCTV systems;
  • Professional advisers such as lawyers, insurers, and auditors;
  • Public authorities and regulators where disclosure is required by law or necessary to protect rights and safety.

Where a processor is used, we require them to handle personal data only on our instructions, keep it secure, and use it only for the agreed purpose. We do not sell personal data.

8. International Transfers

If any personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it, such as an adequacy regulation, standard contractual clauses, or another lawful transfer mechanism recognised under data protection law.

9. Security Measures

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, password protection, staff training, secure storage, data minimisation, and monitoring of systems. No system is completely secure, but we take reasonable steps to reduce risk and maintain confidentiality.

10. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access to obtain a copy of the personal data we hold about you;
  • Right to rectification to correct inaccurate or incomplete data;
  • Right to erasure in certain circumstances, also known as the right to be forgotten;
  • Right to restriction to limit how we use your data in certain situations;
  • Right to object to processing based on legitimate interests or for direct marketing;
  • Right to data portability to receive certain data in a structured, commonly used format;
  • Right to withdraw consent where processing is based on consent;
  • Right not to be subject to automated decision-making where applicable.

These rights are not absolute and may be subject to legal exceptions. If you exercise a right, we may need to verify your identity before responding.

11. Children’s Data

Our services are generally intended for adults. We do not knowingly collect children’s personal data unless it is provided by an authorised adult for a legitimate purpose connected with our services. If we become aware that we have collected data unlawfully, we will take appropriate steps to delete or correct it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any revised version will apply from the date it becomes effective. We encourage customers to review this policy periodically so they remain informed about how personal data is handled.

13. Summary of Our Commitment

Brentcross Storage respects your privacy and aims to process your personal data lawfully, securely, and transparently. We collect only the information needed to deliver our services, rely on clear lawful bases, keep data only for as long as necessary, use trusted processors under contract, and recognise your data protection rights. This policy is designed to support a responsible and compliant approach to customer data across all Brentcross Storage services in the area.

Call Now!
Call Now Get a Quote
Brentcross Storage

GDPR-compliant privacy policy for Brentcross Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.