Privacy Policy - Charlton Storage

This Privacy Policy explains how Charlton Storage collects, uses, shares, stores, and protects personal data in connection with the services we provide. It applies to all Charlton Storage customers in the area, including prospective customers, current customers, former customers, visitors to our premises, and people who communicate with us about our services.

We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Charlton Storage provides storage services to individuals and businesses. For the purposes of data protection law, we act as the data controller for the personal data we collect and use in relation to our services, administration, safety, security, and legal obligations.

This policy sets out the principles and practices we follow when processing personal data. It should be read together with any specific notices or terms provided at the time you use our services.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as name, title, date of birth, and identification details where required.
  • Contact data such as postal address, email address, and telephone number.
  • Customer and account data such as booking details, account references, service preferences, billing information, and records of payments.
  • Transaction data such as payment status, invoices, and service history.
  • Technical data such as IP address, device information, browser type, and usage data when you interact with digital systems we use.
  • Security data such as CCTV images, access records, key or entry logs, and incident reports.
  • Communication data such as enquiries, complaints, feedback, and correspondence.
  • Legal and compliance data where we need to verify identity, detect fraud, or meet legal and regulatory duties.

We usually collect personal data directly from you when you enquire about our services, complete forms, make payments, visit our site, or communicate with us. We may also receive data from third parties such as payment providers, identity verification services, insurers, legal advisers, or public authorities where necessary and lawful.

3. How We Use Personal Data

We use personal data only where we have a valid legal basis and for legitimate business purposes connected with our storage services. This may include:

  • setting up and managing customer accounts;
  • providing storage services and related administration;
  • processing payments, refunds, and invoices;
  • verifying identity and preventing fraud;
  • maintaining safety, security, and access control;
  • responding to enquiries, complaints, and service requests;
  • meeting legal, tax, accounting, and regulatory obligations;
  • protecting our rights, property, and customers;
  • improving our services, systems, and operations;
  • sending essential service communications.

We will only use your personal data for the purposes for which it was collected unless we reasonably consider that we need to use it for another compatible purpose. If we need to use your data for an unrelated purpose, we will explain the legal basis and, where required, seek your consent.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Charlton Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your booking, account, payments, and delivery of storage services.

Legal obligation

We process data where necessary to comply with legal obligations, including tax, accounting, health and safety, fraud prevention, and lawful requests from public authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. These interests may include running our business efficiently, securing our premises, preventing misuse, managing disputes, and improving services. We always balance our interests against your privacy rights.

Consent

In limited situations, we may rely on your consent, for example for optional marketing communications or certain non-essential uses of data. Where consent is used, you may withdraw it at any time.

5. Sharing and Processors

We may share personal data with trusted third parties where necessary and lawful. These third parties may act as processors or, in some cases, as independent controllers.

Examples of processors and service providers include:

  • Payment processors who handle card or online payment transactions;
  • IT and cloud service providers who store or support our systems;
  • Security providers who assist with CCTV, alarm systems, and access control;
  • Accountants and professional advisers who support financial and legal compliance;
  • Maintenance and facilities providers who may access limited data when carrying out work;
  • Identity verification or fraud prevention services where required;
  • Delivery or logistics partners if needed to support service operations.

We require processors to act only on our instructions, to keep data secure, and to comply with applicable data protection law. We do not sell personal data.

We may also disclose personal data if required to comply with law, enforce our terms, protect our rights, investigate suspected unlawful activity, or respond to lawful requests from regulators, courts, or law enforcement agencies.

6. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We only allow such transfers where adequate protection is maintained.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and why it is held.

In general:

  • customer and contract records are retained for the period needed to manage the relationship and handle disputes;
  • financial and tax records are retained in line with legal obligations;
  • security records, including CCTV, are retained for a limited period unless needed for an incident, investigation, or legal claim;
  • enquiry records may be kept for a reasonable period to support customer service and business administration.

When personal data is no longer required, we will securely delete, anonymise, or otherwise dispose of it.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff training, physical security, encryption where appropriate, and regular review of our systems and procedures.

While we take reasonable steps to safeguard data, no system can be guaranteed to be completely secure. We therefore encourage customers to use strong security practices when communicating with us and to notify us promptly of any suspected misuse of their information.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the circumstances and legal basis for processing:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restriction – to ask us to limit how we use your data;
  • Right to data portability – to receive certain data in a structured, commonly used format;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to withdraw consent – where processing is based on consent;
  • Right to complain – to raise concerns with the relevant data protection authority.

We will respond to rights requests in line with legal requirements and may need to verify your identity before taking action. Some rights may be limited where data must be retained for legal, contractual, or security reasons.

10. Children’s Data

Our services are generally intended for adults and business customers. We do not knowingly collect personal data from children unless required in exceptional circumstances and in a lawful manner. If we become aware that we have collected data improperly, we will take appropriate steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. The latest version will apply from the date it takes effect. We encourage customers to review it periodically to remain informed about how we use personal data.

12. Summary of Key Points

In short: Charlton Storage collects only the data needed to provide and secure our services, uses it on lawful grounds, shares it only with trusted processors or where required by law, and keeps it only for as long as necessary. We respect your rights and aim to handle all personal data responsibly and transparently.

This policy applies to all Charlton Storage customers in the area.

Call Now!
Call Now Get a Quote
Charlton Storage

GDPR-compliant Privacy Policy for Charlton Storage covering data collection, lawful basis, retention, processors, rights, and area-wide customer application.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.