Privacy Policy - Childshill Storage

This Privacy Policy explains how Childshill Storage collects, uses, stores, shares, and protects personal data relating to its customers and prospective customers in the area. It applies to all Childshill Storage customers in the area, including individuals, businesses, and authorised representatives who interact with our services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who This Policy Applies To

This policy applies to individuals who use, enquire about, or otherwise engage with Childshill Storage services in the area. It covers customers, account holders, guarantors, emergency contacts, visitors to our premises where relevant, and people acting on behalf of a business customer. It also applies to people whose data we receive when they are named on documents, access arrangements, or payment records.

2. Personal Data We Collect

We collect only the personal data needed to provide secure storage services, manage accounts, maintain safety, and comply with legal obligations. The types of information we may collect include:

  • Identity information such as full name, date of birth, and identification details.
  • Contact information such as postal address, email address, and telephone number.
  • Account information such as customer reference numbers, unit allocation, start and end dates, and service preferences.
  • Payment information such as billing details, transaction records, and payment status.
  • Access and security information such as entry records, CCTV images, alarm logs, and key or access code records where applicable.
  • Communication records such as emails, telephone notes, complaints, and service requests.
  • Legal and compliance data such as verification records, anti-fraud checks, and documentation needed to meet statutory requirements.

We normally collect data directly from you, but we may also receive it from third parties where necessary, for example from payment providers, identity verification services, insurers, or persons authorised to act for you.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To create and manage customer accounts.
  • To verify identity and prevent fraud.
  • To provide storage access and related services.
  • To process payments, refunds, and account administration.
  • To communicate with customers about bookings, invoices, service changes, and notices.
  • To maintain security, investigate incidents, and protect people and property.
  • To comply with legal, regulatory, tax, and accounting obligations.
  • To handle complaints, disputes, and claims.

We will only use personal data for a new purpose if that purpose is compatible with the original reason for collection or if we have a lawful basis to do so.

4. Lawful Basis for Processing

We process personal data only where a lawful basis under the UK GDPR applies. Depending on the circumstances, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement with you, such as setting up an account, managing access, or administering payments.

Legal Obligation

We process data where we are required to do so by law, including record-keeping, tax, accounting, fraud prevention, and responding to lawful requests from public authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and freedoms. Examples include maintaining site security, preventing misuse of the service, managing customer relations, and improving operations. Where we rely on legitimate interests, we consider the impact on privacy and use safeguards to protect your information.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications or specific uses not covered by other lawful bases. Where consent is used, you may withdraw it at any time. Withdrawal will not affect processing already carried out lawfully before consent was withdrawn.

5. Sharing and Processors

We do not sell personal data. We may share information with trusted third parties where necessary to provide our services, manage our business, or comply with the law. These third parties may act as processors or independent controllers.

Processors may include:

  • Payment service providers that process card and account transactions.
  • Identity verification and fraud prevention providers.
  • IT and cloud hosting providers that store or support our systems.
  • Security and monitoring providers, including CCTV and alarm support providers.
  • Professional advisers such as accountants, insurers, and legal advisers.
  • Service partners who help us carry out operational tasks under our instructions.

When we use processors, we require them to protect personal data, act only on our instructions, and maintain appropriate technical and organisational security measures. We may also disclose data to law enforcement, regulators, courts, or other authorised bodies where required or permitted by law.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including meeting legal, accounting, or reporting requirements. The retention period depends on the type of data and the context in which it is used.

  • Customer account records are generally kept for the duration of the contract and for a reasonable period after the contract ends.
  • Payment and accounting records are retained for the periods required by tax and financial law.
  • Security records such as access logs and CCTV images are kept only for as long as needed for security, incident management, or investigations.
  • Communications and complaint records are kept for the time needed to resolve issues and demonstrate how we handled them.

When personal data is no longer required, we delete it securely or anonymise it so it can no longer identify an individual. In some cases, we may retain limited data for legal claims, dispute resolution, or compliance purposes.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access controls, secure storage, staff training, encryption where appropriate, and regular review of our information practices. While no system can be guaranteed completely secure, we take privacy and data protection seriously and continually assess our safeguards.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to ask us to delete personal data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.

These rights are not absolute. In some situations, legal requirements or legitimate business needs may mean we can retain or continue to process your data despite a request. We will always assess requests carefully and respond in line with the law.

9. Children’s Data

Childshill Storage services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary and lawful in connection with an account or authorised access arrangement. If we become aware that we have collected data in error, we will take appropriate steps to delete it or seek proper authorisation where required.

10. International Transfers

Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it, such as adequacy regulations, standard contractual clauses, or equivalent legal mechanisms. Any transfer will be carried out only when necessary and with suitable protection.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any revised version will apply from the date it takes effect. We encourage customers to review the policy periodically so they remain informed about how their data is handled.

12. Our Commitment

We aim to process personal data in a way that is lawful, fair, transparent, and proportionate. We only collect what we need, keep it for no longer than necessary, and take care to ensure that customers in the Childshill Storage area can trust us with their information. If you provide us with personal data, you can expect it to be treated with care, confidentiality, and respect.

Call Now!
Call Now Get a Quote
Childshill Storage

GDPR-compliant Privacy Policy for Childshill Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.