Privacy Policy - Southborough Storage

This Privacy Policy explains how Southborough Storage collects, uses, shares, retains, and protects personal data when providing storage services. It applies to all Southborough Storage customers in the area, including prospective customers, account holders, authorised users, and individuals who interact with us in connection with our services. We are committed to handling personal data in a manner that is lawful, fair, transparent, and consistent with the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Southborough Storage is the data controller for the personal information collected in connection with our storage services, website interactions, customer communications, payments, security procedures, and related business operations. This means we determine the purposes and means of processing personal data.

2. Personal Data We Collect

We collect only the information that is necessary for operating our business, delivering storage services, maintaining security, and meeting legal obligations. The types of personal data we may collect include:

  • Identity details such as name, date of birth, and title.
  • Contact details such as postal address, email address, and telephone number.
  • Account and booking information such as storage unit number, rental dates, access records, payment status, and service preferences.
  • Financial information such as billing details, transaction records, and payment confirmations.
  • Verification information where required to confirm identity or prevent fraud.
  • Security information such as CCTV images, entry logs, alarm records, and incident reports.
  • Communications including emails, calls, messages, complaints, and service requests.
  • Technical data such as device information, browser type, and limited usage data if our digital systems are used.

We do not intentionally collect special category data unless it is necessary and permitted by law, for example if you voluntarily provide information relevant to a claim, dispute, or accessibility request. Where this occurs, we apply additional safeguards.

3. How We Use Personal Data

We use personal data to provide, manage, and improve our services. Typical purposes include:

  • Setting up and administering customer accounts.
  • Managing storage unit rental agreements.
  • Processing payments, deposits, refunds, and invoices.
  • Communicating with customers about bookings, renewals, access, and service updates.
  • Verifying identity and preventing fraud, misuse, or unauthorised access.
  • Protecting customers, staff, premises, and stored property.
  • Meeting legal, regulatory, tax, accounting, and insurance obligations.
  • Handling disputes, claims, complaints, and enforcement actions.
  • Improving our operational processes, security controls, and customer experience.

4. Lawful Basis for Processing

We only process personal data where we have a valid lawful basis under data protection law. Depending on the specific activity, we rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing storage agreements, payments, access arrangements, and account administration.

Legal Obligation

We process personal data where required to comply with laws and regulations, such as tax, accounting, fraud prevention, health and safety, and lawful record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. Examples include securing our premises, preventing fraud, maintaining service quality, and resolving customer disputes. Where we rely on legitimate interests, we consider necessity, proportionality, and your reasonable expectations.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or where consent is the most appropriate basis. When we rely on consent, you may withdraw it at any time.

5. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary to provide services, protect our business, or comply with legal requirements. We ensure that appropriate contracts and safeguards are in place before any sharing occurs.

We may use the following categories of processors and service providers:

  • Payment processors to handle card and electronic payments securely.
  • IT and cloud service providers to store data, run software, and support business systems.
  • Security providers to support CCTV, alarms, and site security functions.
  • Accountancy and bookkeeping providers to support financial administration and compliance.
  • Legal and professional advisers where advice or representation is required.
  • Insurance providers and claims handlers where incidents, liabilities, or disputes arise.
  • Maintenance and facility contractors when access is needed for site operations, subject to confidentiality obligations.

We may also disclose data to law enforcement agencies, courts, regulators, or other authorities where legally required or where disclosure is necessary to protect rights, property, safety, or security. We do not sell personal data.

6. International Transfers

Where any processor or service provider stores or accesses personal data outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations, UK-approved contractual clauses, or equivalent protective measures. These steps are used to maintain a level of protection consistent with UK data protection requirements.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the reason it is held.

  • Customer account and contract data are generally retained for the duration of the service relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by applicable law.
  • Security records such as CCTV or access logs are retained for a limited period unless needed for an investigation, legal claim, or incident response.
  • Communications and complaints may be retained for as long as necessary to resolve the matter and demonstrate compliance.

When personal data is no longer required, we will securely delete, anonymise, or archive it in line with our retention and disposal procedures. Retention periods may be extended where there is an active legal hold, dispute, or regulatory requirement.

8. Data Security

We use reasonable technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, password protection, staff training, confidentiality obligations, secure storage, and monitoring of security systems. No system is completely risk-free, but we work to reduce risks to an appropriate level.

9. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access to obtain a copy of the personal data we hold about you.
  • Right to rectification to have inaccurate or incomplete data corrected.
  • Right to erasure in certain circumstances, also known as the right to be forgotten.
  • Right to restriction of processing in certain circumstances.
  • Right to data portability for data you provided to us and where processing is based on consent or contract.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent where processing is based on consent.
  • Right to challenge automated decisions where applicable, although we do not rely on significant automated decision-making in ordinary service delivery.

These rights are not absolute and may be subject to exceptions under the law. If you make a request, we may need to verify your identity before responding. We aim to handle requests within the time limits set by applicable law.

10. Children’s Data

Our services are intended for adults and business or household customers who are legally able to enter into storage agreements. We do not knowingly collect personal data from children unless it is incidental and necessary in a lawful context, such as an emergency contact reference. If we become aware that we have collected data unlawfully, we will take appropriate steps to delete or protect it.

11. Marketing and Preferences

We may send service-related communications that are necessary for the performance of our contract or to keep you informed about your account. Where marketing communications are sent, we will do so in accordance with applicable law. You can opt out of non-essential marketing at any time. We will not use your personal data for unrelated purposes without a valid lawful basis.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. The most current version will apply from the date it is published or otherwise communicated. We encourage customers to review it periodically so they remain informed about how their data is handled.

13. Summary of Our Commitment

Southborough Storage is committed to protecting personal data and respecting privacy rights. We collect only what is necessary, use it for clear and lawful purposes, share it only with trusted processors and authorised parties, retain it for appropriate periods, and support individuals in exercising their rights. If you are a customer in the area, this policy applies to you and describes how we manage your information responsibly and in line with GDPR principles.

Call Now!
Call Now Get a Quote
Southborough Storage

GDPR-compliant Privacy Policy for Southborough Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.