Privacy Policy - Barnsbury Storage

This Privacy Policy explains how Barnsbury Storage collects, uses, stores, shares, and protects personal data. It applies to all Barnsbury Storage customers in area, including prospective customers, existing customers, account holders, visitors, and any person who interacts with our services. We are committed to handling personal data in a fair, lawful, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Barnsbury Storage provides storage-related services and associated customer support. In providing these services, we may act as a data controller for the personal data we collect and use. This means we decide how and why your personal data is processed. We take our responsibilities seriously and apply appropriate safeguards to protect the information entrusted to us.

2. Information we collect

We collect personal data that is necessary to provide storage services, manage customer relationships, operate our business, and comply with legal obligations. The exact information collected may vary depending on how you interact with us. The categories of data may include:

  • Identity data such as your name, date of birth, and identification details where required for verification.
  • Contact data such as your postal address, email address, and telephone number.
  • Account and contract data including customer reference numbers, booking details, service preferences, and correspondence related to your storage arrangement.
  • Payment data such as billing information, payment confirmations, and transaction records. We do not store full payment card details where a third-party payment processor handles the transaction.
  • Security data such as CCTV recordings, access logs, gate entry records, alarm information, and incident reports where applicable.
  • Technical data such as device information, IP addresses, and usage logs when you interact with our digital systems.
  • Communication data such as emails, messages, call notes, and records of complaints or service requests.

We may also collect limited data from third parties, such as identity verification providers, payment providers, or public sources, where needed for lawful business purposes.

3. How we use personal data

We use personal data to deliver our services and run our business efficiently. The main purposes include:

  • creating and managing customer accounts;
  • processing bookings, payments, and refunds;
  • verifying identity and preventing fraud;
  • providing customer support and handling enquiries;
  • maintaining site safety, security, and access control;
  • monitoring compliance with contracts, policies, and site rules;
  • meeting legal, tax, accounting, and regulatory obligations;
  • resolving disputes, enforcing agreements, and defending legal claims;
  • improving our services, systems, and operational performance.

We only process personal data when we have a valid lawful basis and when the processing is necessary for a specific purpose.

4. Lawful basis for processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the activity, Barnsbury Storage relies on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage agreement, processing payments, managing access, and providing customer support connected to the service.

Legal obligation

We may process personal data where it is necessary to comply with a legal obligation, such as tax record-keeping, accounting requirements, fraud prevention rules, or responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. This may include site security, service improvement, record keeping, incident management, and business administration. We always consider whether the processing is proportionate and whether it could reasonably be expected by you.

Consent

In limited situations, we rely on your consent, for example where it is required for certain optional communications or specific uses of data. Where consent is used, you may withdraw it at any time, and this will not affect the lawfulness of processing carried out before withdrawal.

5. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, reporting, and operational requirements. Retention periods depend on the type of data and the purpose of processing.

  • Customer and contract records are generally retained for the duration of the relationship and for a reasonable period afterwards to manage disputes, queries, or claims.
  • Financial and accounting records are kept for the period required by law.
  • Security records, including CCTV and access logs, are retained for a limited period unless needed longer for incident investigation, evidence, or legal proceedings.
  • Communications and support records are retained for as long as necessary to resolve the matter and maintain accurate records.

When personal data is no longer required, we will securely delete, anonymise, or archive it in line with our retention practices. We do not keep personal data indefinitely.

6. Processors and sharing of data

We may share personal data with trusted third parties who act as processors or, in some cases, independent controllers. Processors only handle data on our instructions and are contractually required to keep it secure and use it only for specified purposes. These may include:

  • payment service providers;
  • IT and cloud hosting providers;
  • identity verification and fraud prevention services;
  • security and CCTV system providers;
  • customer management and communications tools;
  • professional advisers such as accountants, auditors, insurers, or legal advisers;
  • public authorities, regulators, or law enforcement where required by law.

We only share the minimum amount of data necessary for the relevant purpose. Where a third party acts as an independent controller, that organisation is responsible for its own privacy practices.

7. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, staff training, encryption where appropriate, secure storage, and regular review of security practices. While we take every reasonable step to safeguard data, no system can be guaranteed completely secure.

8. Your rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to legal conditions or exemptions. They include:

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – in certain cases, you may ask us to delete your personal data.
  • Right to restriction – you may ask us to limit how we use your data in certain circumstances.
  • Right to data portability – you may request that we provide certain data in a structured, commonly used format.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant supervisory authority if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve them promptly and fairly.

9. International transfers

Where personal data is transferred outside the UK, we will ensure that suitable safeguards are in place to protect it. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We will only transfer data where permitted under applicable data protection law.

10. Children

Our services are not directed to children, and we do not knowingly collect personal data from children except where necessary in connection with a customer account or lawful business requirement. If we become aware that we have collected data from a child unlawfully, we will take appropriate steps to delete it.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. Any updates will take effect when published. We encourage customers to review this policy periodically so they remain informed about how their personal data is used.

By using Barnsbury Storage services, you acknowledge that you have read and understood this Privacy Policy. We are committed to handling your information responsibly, protecting your privacy, and maintaining the trust of all Barnsbury Storage customers in area.

Call Now!
Call Now Get a Quote
Barnsbury Storage

GDPR-compliant Privacy Policy for Barnsbury Storage covering data collection, lawful basis, retention, processors, user rights, and customer scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.