Privacy Policy - Northumberlandheath Storage

This Privacy Policy explains how Northumberlandheath Storage collects, uses, stores, shares, and protects personal data in connection with our storage services. It applies to all Northumberlandheath Storage customers in the area, including prospective customers, current customers, former customers, account holders, and individuals who interact with us on behalf of a business customer.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your personal data.

1. Data We Collect

We only collect personal data that is relevant to providing storage services, managing our relationship with you, meeting legal obligations, and protecting our business, staff, and customers. The categories of personal data we may collect include:

  • Identity data such as your name, title, and, where needed, proof of identity.
  • Contact data such as your address, email address, and telephone number.
  • Account and contract data such as customer reference numbers, rental agreements, billing details, payment records, and service preferences.
  • Financial data such as payment method details, transaction records, and information needed to process refunds or resolve billing disputes.
  • Usage data such as records of access to storage premises, delivery logs, and service interactions.
  • Security data such as CCTV footage, access control records, incident reports, and related security information.
  • Communication data such as correspondence with us, complaints, enquiries, feedback, and notes from calls or messages.
  • Technical data where applicable, such as device or system information used to support online service management or security systems.

We generally collect personal data directly from you when you complete an enquiry, sign a contract, make a payment, communicate with us, or use our facilities. In some cases, we may receive data from third parties such as payment providers, identity verification services, insurers, legal advisers, or publicly available sources where this is necessary and permitted by law.

2. How We Use Personal Data

Northumberlandheath Storage uses personal data only where we have a lawful reason to do so. We use personal data for the following purposes:

  • to set up and manage storage accounts;
  • to verify identity and prevent fraud;
  • to process payments and manage billing;
  • to provide access to storage units and related services;
  • to respond to enquiries, complaints, and customer support requests;
  • to maintain safety and security at our premises;
  • to meet legal, tax, accounting, and regulatory obligations;
  • to defend or pursue legal claims;
  • to improve our operations, systems, and customer service;
  • to send service-related notices and important updates.

We do not use personal data for purposes that are incompatible with the reasons for which it was collected unless we are required or permitted to do so by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of your personal data. Depending on the context, we may rely on one or more of the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform our contract with you. This includes creating your account, providing storage services, managing payments, and communicating about your rental arrangement.

Legal Obligation

We may process data to comply with laws and regulations, including tax, accounting, consumer protection, anti-fraud, and record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and rights do not override those interests. This may include protecting our premises, preventing misuse of our services, managing disputes, improving service quality, and maintaining internal records. Where we rely on legitimate interests, we assess the impact on your rights and freedoms.

Consent

In limited circumstances, we may rely on your consent, for example where it is required for specific optional communications or certain types of processing not covered by another lawful basis. Where we rely on consent, you may withdraw it at any time.

4. Sharing and Processors

We may share personal data with trusted third parties who help us operate our business. These third parties act either as independent controllers or as processors acting on our instructions. We only disclose data where necessary and appropriate safeguards are in place.

Processors may include:

  • payment service providers who process card or electronic payments;
  • IT and cloud service providers who support our systems, data storage, and security;
  • customer management software providers;
  • security and CCTV monitoring providers;
  • maintenance, cleaning, and facilities support contractors where relevant to site operations;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • debt recovery or dispute resolution providers, where lawful and necessary;
  • public authorities, regulators, law enforcement, or courts where required by law.

All processors are required to keep personal data secure, use it only for specified purposes, and comply with data protection obligations. We do not sell your personal data.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, and reporting obligations. Retention periods vary according to the type of data and the reason for holding it.

  • Customer and contract records are typically retained for the duration of the service relationship and for a period afterwards to manage queries, disputes, and legal claims.
  • Payment and accounting records are retained for the period required by tax and financial regulations.
  • Security records such as CCTV footage are kept only as long as needed for safety, incident investigation, or lawful purposes, after which they are deleted or overwritten.
  • Complaint and correspondence records are retained for an appropriate period based on the nature of the issue and applicable limitation periods.

When personal data is no longer needed, we will securely delete, destroy, or anonymise it. In some cases, we may retain minimal information longer where required to comply with legal obligations or to establish, exercise, or defend legal claims.

6. Security of Your Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, staff confidentiality obligations, secure storage, system monitoring, and data minimisation practices. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risks associated with the data we process.

7. International Transfers

If any of our processors or service providers store or access personal data outside the United Kingdom, we will ensure appropriate safeguards are in place in accordance with data protection law. This may include the use of approved contractual protections or transfers to countries recognised as providing adequate protection.

8. Your Rights

Subject to conditions and exemptions under data protection law, you have the following rights regarding your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restrict processing – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data has been handled unlawfully or unfairly. We encourage you to contact us first so we can try to resolve any concerns promptly.

9. Children’s Data

Our services are intended for adults and business users. We do not knowingly collect personal data from children unless it is necessary for a specific lawful purpose and appropriate safeguards are in place.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any revised version will apply from the date it is published. We encourage you to review this policy periodically to stay informed about how we protect your personal data.

By using Northumberlandheath Storage services, you acknowledge that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Northumberlandheath Storage

GDPR-compliant Privacy Policy for Northumberlandheath Storage covering data collection, lawful basis, retention, processors, and user rights for all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.