Privacy Policy - Surreyquays Storage

This Privacy Policy explains how Surreyquays Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, website visitors, and other individuals whose information we process in connection with our storage services. It applies to all Surreyquays Storage customers in area, including anyone who uses our storage facilities, requests a quotation, makes an enquiry, enters into a storage agreement, or communicates with us in relation to our services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to explain what data we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal data.

1. Personal Data We Collect

We may collect and process different types of personal data depending on your relationship with us and how you use our services. The categories of data may include:

  • Identity information such as your name, date of birth, and identification details provided for verification purposes.
  • Contact details such as postal address, billing address, email address, and telephone number.
  • Contract and account information such as storage unit reference, agreement details, payment history, correspondence, and service preferences.
  • Financial information such as payment method details, transaction records, and invoicing data.
  • Security and access information such as CCTV records, access logs, incident reports, and other site security records where applicable.
  • Communication data including enquiries, complaints, feedback, notes from calls or written communications, and records of consent where relevant.
  • Technical data where you interact with our digital systems, such as device information, IP address, and usage logs, if applicable.

We generally collect personal data directly from you when you complete forms, sign an agreement, make a payment, contact us, or use our storage services. In some cases, we may also receive information from third parties such as payment providers, identity verification services, insurers, or legal and regulatory bodies.

2. How We Use Your Data

We use personal data only where we have a lawful and proper reason to do so. Our main purposes for processing personal data are:

  • to manage enquiries and provide quotations;
  • to create and administer customer accounts and storage agreements;
  • to verify identity and prevent fraud;
  • to process payments, issue invoices, and handle refunds where appropriate;
  • to provide access to storage services and maintain site security;
  • to communicate with you about your account, service updates, or changes to terms;
  • to manage complaints, disputes, and claims;
  • to comply with legal, accounting, tax, insurance, and regulatory obligations;
  • to improve our services, operations, and customer experience;
  • to establish, exercise, or defend legal rights.

We will not use your personal data for purposes that are incompatible with those described in this policy unless we notify you and, where required, obtain the appropriate permission.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of your personal data. We rely on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your account, providing storage services, taking payments, and managing your access to the facility.

Legal Obligation

We process certain data where we are required to comply with legal obligations, such as tax records, accounting requirements, fraud prevention obligations, or lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. This may include protecting our property, preventing misuse, improving operations, maintaining records, and dealing with disputes. When relying on this basis, we assess the impact on individuals and ensure appropriate safeguards are in place.

Consent

In limited circumstances, we may ask for your consent to process your personal data, for example where consent is required for certain marketing communications or optional services. Where we rely on consent, you may withdraw it at any time, and withdrawal will not affect the lawfulness of processing before withdrawal.

Vital Interests

In rare situations, we may process personal data to protect someone’s vital interests, such as in an emergency involving safety or health.

4. Data Sharing and Processors

We do not sell personal data. However, we may share data with trusted third parties where necessary and proportionate to run our business and provide services. These parties may act as processors or, in some cases, as independent controllers.

Examples of processors and service providers may include:

  • IT and software providers that host customer records, account systems, or security systems;
  • payment processors and banking services that handle card payments and financial transactions;
  • cloud storage and document management services used to store records securely;
  • security contractors or monitoring providers supporting site safety and access control;
  • professional advisers such as accountants, auditors, insurers, legal advisers, and debt recovery providers;
  • regulatory or public bodies where disclosure is required by law or necessary to protect rights, safety, or property.

Where third parties process data on our behalf, they are required to act only on our instructions, keep the data confidential, and implement appropriate technical and organisational security measures. We take reasonable steps to ensure that any processor we use complies with data protection law and provides adequate protection for your information.

5. International Transfers

If any of our service providers store or access personal data outside the UK, we will ensure that appropriate safeguards are in place before such transfers occur. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms designed to protect your information.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, and in line with legal, regulatory, and operational requirements. Retention periods may vary depending on the type of data and the reason for processing.

In general, we may retain information for the following periods:

  • Customer account and contract data for the duration of the relationship and for a reasonable period afterwards to handle queries or claims.
  • Financial and transaction records for the period required by tax, accounting, and auditing laws.
  • Security records such as access logs or CCTV footage for a limited period, unless needed for an investigation, insurance matter, or legal claim.
  • Correspondence and complaints for as long as necessary to resolve the issue and maintain records of our dealings.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. In some cases, we may need to retain data longer where required by law or where it is necessary to establish, exercise, or defend legal claims.

7. Security of Personal Data

We take the security of personal data seriously and use appropriate measures to protect it against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, system monitoring, and regular review of our processes.

While no system can be guaranteed to be completely secure, we work to maintain a level of protection appropriate to the nature of the data we process and the risks involved.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions, exemptions, or legal limits. Your rights include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to raise a concern with the relevant data protection authority if you believe your rights have not been respected. We encourage you to contact us first so that we can address your concerns promptly and fairly.

9. Marketing Communications

Where permitted by law, we may send you service updates or limited marketing communications. You can object to receiving marketing at any time. If you do, we will stop using your data for that purpose. We will not send unnecessary communications and will only use your contact details where we have a lawful basis to do so.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any revised version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

11. Summary of Our Commitment

We are committed to treating personal data with care, transparency, and respect. Our approach is based on lawfulness, data minimisation, security, and accountability. We only collect data that is needed, only keep it for as long as necessary, and only share it where there is a valid reason to do so. This Privacy Policy applies to all Surreyquays Storage customers in area and reflects our ongoing commitment to protecting privacy in line with applicable data protection law.

Call Now!
Call Now Get a Quote
Surreyquays Storage

GDPR-compliant Privacy Policy for Surreyquays Storage covering data collection, lawful basis, retention, processors, user rights, and scope for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.