Privacy Policy - Ruislip Storage

Effective date: This Privacy Policy applies to all Ruislip Storage customers in the Ruislip area and explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Ruislip Storage is committed to protecting your privacy and handling your personal data responsibly, fairly, and transparently. This Privacy Policy sets out what information we collect, why we collect it, the lawful bases we rely on, how long we keep it, who may process it on our behalf, and the rights you have over your information.

By using our storage services, making an enquiry, entering into a storage agreement, or otherwise interacting with us, you acknowledge that your personal data may be processed as described in this Privacy Policy. We only collect and use data that is necessary for legitimate business and legal purposes, and we take steps to ensure that it is kept secure and used appropriately.

2. Data We Collect

We may collect and process several categories of personal data depending on your relationship with us and the services you use. This may include:

  • Identity information: full name, date of birth, and identification details where required for verification.
  • Contact details: address, telephone number, and email address.
  • Account and contract information: storage unit number, start and end dates of the agreement, payment status, and service preferences.
  • Financial information: billing details, payment records, and transaction references. We do not store full card details unless required by our payment provider’s systems.
  • Security information: access logs, entry records, CCTV footage, alarm data, and incident reports, where applicable.
  • Communication records: enquiries, complaints, correspondence, and notes of conversations.
  • Technical information: device and browser data, IP address, and website usage information where relevant to service provision and security.

In limited cases, we may also process special category data if you voluntarily provide it or if it is necessary to protect legal rights or comply with legal obligations. We aim to avoid collecting such information unless strictly needed.

3. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage your storage account;
  • to verify identity and prevent fraud;
  • to provide access to storage facilities and maintain site security;
  • to process payments, refunds, and outstanding balances;
  • to communicate with you about your agreement, notices, or service updates;
  • to handle enquiries, complaints, and disputes;
  • to meet legal, regulatory, accounting, and tax obligations;
  • to improve service quality, safety, and operational efficiency;
  • to defend or establish legal claims where required.

We only process personal data for specified, explicit, and legitimate purposes and do not use it in a manner that is incompatible with those purposes.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each type of processing activity. The lawful bases we rely on are:

4.1 Contract

We process your personal data where it is necessary to enter into or perform a storage agreement with you. This includes creating your account, managing your unit, and delivering the services you requested.

4.2 Legal Obligation

We may process your data to comply with laws and regulations, including tax, accounting, fraud prevention, and record-keeping obligations.

4.3 Legitimate Interests

We may process your data where it is necessary for our legitimate interests, provided these are not overridden by your rights and freedoms. Legitimate interests may include ensuring site security, preventing unauthorised access, improving our services, and managing business operations.

4.4 Consent

In limited situations, we may rely on your consent, for example where you opt in to receive certain types of marketing communications. Where consent is used, you may withdraw it at any time.

4.5 Vital Interests

In rare circumstances, we may process personal data where necessary to protect someone’s vital interests, such as in an emergency or safety incident.

5. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, contractual, accounting, and reporting requirements. Retention periods vary depending on the type of data and the reason it is held.

  • Customer and contract records: retained for the duration of the relationship and for a reasonable period afterwards.
  • Payment and accounting records: retained in line with tax and financial record requirements.
  • Security records: kept only as long as necessary for safety, incident review, or investigation purposes.
  • Correspondence and complaints: retained for as long as needed to resolve issues and maintain an accurate service history.

When personal data is no longer required, we will securely delete, anonymise, or destroy it. We do not keep data longer than necessary.

6. Data Sharing and Processors

We may share personal data with trusted third parties who act as data processors or independent controllers, depending on the service they provide. These parties are only allowed to process data on our instructions or for their own lawful purposes where applicable.

Examples of processors and recipients may include:

  • Payment service providers: to process transactions and manage billing.
  • IT and cloud service providers: to host systems, store records, and support digital operations.
  • Security providers: to assist with site monitoring, alarm systems, and incident management.
  • Professional advisers: such as accountants, auditors, insurers, or legal advisers.
  • Public authorities: where disclosure is required by law, court order, or lawful request.

We require processors to apply appropriate technical and organisational measures to protect personal data and to process it only in accordance with our instructions and applicable law. We do not sell personal data.

7. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent legal protections. We only transfer data where necessary and where a suitable level of protection can be maintained.

8. Data Security

We use reasonable and proportionate security measures to help prevent unauthorised access, accidental loss, misuse, or disclosure of personal data. These measures may include access controls, secure storage, staff training, and monitoring of systems and premises.

While we take data security seriously, no system is completely secure. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will respond in accordance with legal requirements and notify you where necessary.

9. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to complain to the Information Commissioner’s Office if you believe your data has been mishandled. We encourage you to raise any concerns with us first so that we may try to resolve them promptly.

10. Marketing

If we send marketing communications, we will do so in compliance with applicable law. You may opt out of receiving marketing at any time, and we will respect your choice. Operational messages related to your storage agreement are not marketing and may still be sent when necessary.

11. Children’s Data

Our services are not intended for children, and we do not knowingly collect personal data from children unless it is necessary in the context of an adult customer’s account or legal responsibility. If we become aware that we have collected data from a child without an appropriate lawful basis, we will take steps to delete or protect it as required.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any revised version will replace the previous one from the date it takes effect. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

13. Contacting Us About Privacy

If you have questions about this Privacy Policy, want to exercise your rights, or need more information about how your data is handled, you may contact the appropriate person or team responsible for privacy administration within Ruislip Storage. We will aim to respond to privacy requests in accordance with applicable legal timelines and may ask for information to verify your identity before fulfilling your request.

In summary: Ruislip Storage processes personal data lawfully, fairly, and transparently, using it only for legitimate operational, contractual, and legal purposes. We keep data only as long as needed, share it only with trusted processors and required authorities, and respect your rights under data protection law.

Call Now!
Call Now Get a Quote
Ruislip Storage

GDPR-compliant Privacy Policy for Ruislip Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the Ruislip area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.