Privacy Policy - Uptonpark Storage

Effective date: This Privacy Policy applies to all Uptonpark Storage customers in the area and explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018.

Uptonpark Storage is committed to handling personal data fairly, lawfully, and transparently. This policy applies to customers, prospective customers, business account holders, authorised users, and individuals who interact with us in connection with storage services, account administration, access control, billing, and security management.

1. Personal Data We Collect

We collect only the information needed to operate our storage services safely and efficiently. The categories of personal data we may collect include:

  • Identity data: name, date of birth, and identification details used to verify identity.
  • Contact data: postal address, email address, and telephone number.
  • Account data: customer account references, rental unit details, payment status, and service history.
  • Financial data: billing information, payment records, and transaction details. We do not store full card details where payment processing is handled by secure payment providers.
  • Access data: gate access logs, key fob or code usage, CCTV images, and security-related records.
  • Communications data: correspondence, support requests, complaints, and notes relating to service delivery.
  • Technical data: limited device or system information where necessary for security, diagnostics, and fraud prevention.

We may also receive personal data from third parties where it is lawful to do so, for example from payment processors, identity verification services, insurers, debt recovery providers, or individuals authorised to act on a customer’s behalf.

2. How We Use Personal Data

We use personal data only for specified, explicit, and legitimate purposes. These include:

  • setting up and managing storage accounts;
  • verifying identity and preventing fraud;
  • processing payments and managing billing;
  • granting and monitoring access to storage facilities;
  • providing customer support and resolving disputes;
  • maintaining security, including CCTV monitoring and incident investigation;
  • meeting legal, tax, accounting, and regulatory obligations;
  • protecting our business, customers, staff, and property;
  • enforcing contracts, recovering debts, or defending legal claims.

We will not use personal data in a manner that is incompatible with these purposes unless we have a lawful basis to do so and, where required, we notify you.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Depending on the context, we rely on the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes opening your account, managing storage unit rental, taking payment, providing access, and delivering agreed services.

Legal Obligation

We process personal data where required to comply with laws and regulations, including tax law, accounting requirements, anti-fraud duties, and record-keeping obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. These interests include safeguarding our facilities, preventing theft or misuse, maintaining business records, improving operations, enforcing terms, and protecting against unlawful activity.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications or non-essential processing. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. Retention periods depend on the type of information and the reason for holding it.

  • Customer account records: retained for the duration of the storage agreement and for a reasonable period afterwards.
  • Payment and accounting records: retained for the period required by tax and financial regulations.
  • Access logs and security records: retained for a limited period unless needed longer for incident investigation, dispute resolution, or legal claims.
  • Communication records: retained as long as needed to manage the enquiry or complaint and for appropriate follow-up.
  • CCTV footage: retained for a short period unless an incident requires preservation.

When data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures.

5. Data Processors and Sharing

We may share personal data with trusted third-party service providers acting as data processors on our behalf. These processors only handle personal data under our instructions and must implement appropriate security and confidentiality measures.

Examples of processors may include:

  • payment service providers;
  • identity verification and fraud prevention services;
  • IT hosting, cloud storage, and software providers;
  • security monitoring and CCTV management providers;
  • customer communication platforms;
  • accounting, audit, and compliance support services;
  • debt recovery or legal service providers, where necessary.

We may also disclose personal data to:

  • law enforcement agencies or regulatory authorities when required by law;
  • courts, tribunals, and legal advisers in connection with disputes;
  • emergency services where necessary to protect vital interests;
  • insurers or other relevant parties in the event of a claim or incident.

Where personal data is shared, we ensure that appropriate safeguards are in place and that disclosures are limited to what is necessary.

6. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against accidental loss, unlawful access, misuse, alteration, or disclosure. These measures may include access controls, encryption, secure storage, staff training, visitor management, and monitoring of systems and facilities. No system is completely secure, but we work continuously to reduce risk and protect the information entrusted to us.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions and exemptions.

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate or incomplete data.
  • Right to erasure: you can ask us to delete personal data in certain circumstances.
  • Right to restrict processing: you can ask us to limit how we use your data in certain cases.
  • Right to object: you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability: you can request that we provide certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

8. Automated Decision-Making

We do not make decisions based solely on automated processing that produce legal or similarly significant effects, unless permitted by law and with appropriate safeguards. If this changes, we will provide relevant information about the logic involved and your rights.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any changes will apply from the date they are published or otherwise communicated. We encourage you to review this policy periodically to stay informed about how we protect your personal data.

10. Summary of Our Approach

In summary, Uptonpark Storage processes personal data only where we have a valid lawful basis, retains it for no longer than necessary, uses reputable processors under contract, and respects your rights under data protection law. We are committed to maintaining privacy, security, and transparency in all customer relationships across the area we serve.

Call Now!
Call Now Get a Quote
Uptonpark Storage

GDPR-compliant Privacy Policy for Uptonpark Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.