Privacy Policy - Selhurst Storage

Effective Date: This Privacy Policy applies to all Selhurst Storage customers in the area and explains how we collect, use, share, store, and protect personal data when you use our storage services, access our premises, make enquiries, or otherwise interact with us.

1. Introduction

Selhurst Storage is committed to handling personal data in a lawful, fair, and transparent manner. We respect the privacy of our customers, visitors, contractors, and anyone else whose personal information we process in connection with our services. This Privacy Policy is designed to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

In this Policy, personal data means any information that identifies, or can be used to identify, a living individual. This may include names, addresses, phone numbers, email addresses, identification details, payment information, vehicle registration details, security records, and correspondence.

2. Personal Data We Collect

We only collect personal data that is relevant and necessary for providing storage services, maintaining security, managing accounts, and meeting legal and operational obligations. The categories of data we may collect include:

  • Identity data: name, date of birth, and identification documentation where required.
  • Contact data: address, email address, telephone number, and preferred communication details.
  • Account and contract data: storage unit details, booking records, rental terms, account status, and service history.
  • Payment data: billing records, payment confirmations, transaction references, and limited financial details needed to process payments or refunds.
  • Security data: CCTV footage, access logs, alarm records, entry times, and incident reports.
  • Communications data: messages, complaints, enquiries, and any other correspondence with us.
  • Technical data: website or device information if you interact with our digital systems, including IP address and usage logs where applicable.

We may also receive personal data from third parties where necessary, such as payment providers, referees, insurers, legal advisors, or public authorities.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide storage services and manage customer accounts;
  • to verify identity, prevent fraud, and maintain site security;
  • to process payments, invoices, refunds, and related financial matters;
  • to communicate with customers about bookings, contract changes, or service matters;
  • to operate CCTV, access control, and incident management systems;
  • to deal with disputes, complaints, insurance claims, and legal matters;
  • to comply with legal, regulatory, tax, accounting, and safeguarding obligations;
  • to improve our operations, premises, and customer experience;
  • to send essential service messages where necessary for contract performance or legal compliance.

We do not use personal data for unnecessary purposes, and we will not process it in ways that are incompatible with the reasons it was originally collected unless we have a valid legal basis to do so.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the context, Selhurst Storage may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing storage bookings, setting up accounts, taking payment, communicating service information, and carrying out obligations under our storage agreement.

Legal obligation

We process certain personal data to comply with legal duties, including tax, accounting, business record-keeping, health and safety, crime prevention, and lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests. Examples include protecting our premises, preventing theft or fraud, resolving disputes, improving our services, and maintaining secure records. Where we rely on legitimate interests, we carefully consider whether the processing is proportionate and expected in the circumstances.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or marketing where required. When consent is used, you can withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before it was withdrawn.

Vital interests

In rare cases, we may process data where necessary to protect someone’s life or physical safety.

5. Data Sharing and Processors

We may share personal data with trusted third parties who help us run our business. These recipients act as processors or, in some cases, independent controllers. They only receive data necessary for the services they provide and must handle it securely and lawfully.

Typical processors and service providers may include:

  • IT and cloud service providers: for secure data hosting, storage, and backup.
  • Payment processors: for handling card payments, direct debits, and financial transactions.
  • Security providers: for CCTV systems, alarm monitoring, access control, and site protection.
  • Accountants and auditors: for financial record management and compliance support.
  • Legal and professional advisers: for dispute resolution, regulatory matters, and contractual advice.
  • Maintenance and facilities contractors: where access to relevant data is necessary to carry out work safely and effectively.
  • Debt recovery or credit control providers: where required to recover outstanding amounts in a lawful manner.

We may also disclose personal data to law enforcement, regulators, insurers, courts, or other public bodies where required or permitted by law. If we transfer personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, contractual, and security requirements. Retention periods vary depending on the type of information and the reason we hold it.

As a general approach:

  • Customer and contract records are retained for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records are retained in line with legal requirements.
  • CCTV and access records are normally kept only for a limited period unless they are required for an investigation, dispute, or legal claim.
  • Complaints and correspondence are retained for as long as needed to manage the issue and maintain proper records.

When data is no longer needed, we will delete, anonymise, or securely dispose of it.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or destruction. These measures may include access restrictions, password controls, encryption where appropriate, staff confidentiality obligations, and secure record management. Although no system can be guaranteed completely secure, we take reasonable steps to reduce risk and monitor for security incidents.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to certain conditions and exemptions, these may include:

  • The right of access to request a copy of the personal data we hold about you.
  • The right to rectification to correct inaccurate or incomplete information.
  • The right to erasure in certain circumstances, sometimes called the right to be forgotten.
  • The right to restrict processing in certain situations.
  • The right to data portability for information you have provided to us where processing is based on consent or contract and carried out by automated means.
  • The right to object to processing based on legitimate interests or to direct marketing.
  • The right to withdraw consent where processing is based on consent.
  • The right to lodge a complaint with the Information Commissioner’s Office if you believe your data has been handled improperly.

We may need to verify your identity before responding to a rights request. This helps us protect your information and ensure we only disclose data to the correct person.

9. Children’s Data

Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is required in connection with a lawful and appropriate business arrangement. If we become aware that data has been collected inappropriately, we will take steps to delete it where required.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational requirements. Any updated version will apply from the date it is made available. We encourage customers to review it periodically so they remain informed about how their personal data is handled.

11. Summary of Key Principles

Selhurst Storage follows these core principles when processing personal data:

  • Lawfulness, fairness, and transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

By using our services, you acknowledge that we may process your personal data as described in this Privacy Policy, always in accordance with applicable data protection laws and our responsibility to treat your information with care and respect.

Call Now!
Call Now Get a Quote
Selhurst Storage

GDPR-compliant Privacy Policy for Selhurst Storage covering data collection, lawful bases, processors, retention, security, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.