Privacy Policy - Selfstorage Pimlico

Effective date: This Privacy Policy applies to all Selfstorage Pimlico customers in the area and explains how personal data is collected, used, stored, shared, and protected when you use our storage services.

1. Introduction

Selfstorage Pimlico is committed to handling personal data in a fair, transparent, and secure manner. We respect your privacy and process personal information in line with the UK GDPR and the Data Protection Act 2018. This policy applies to all Selfstorage Pimlico customers in the area, including prospective customers, account holders, authorised users, visitors, contractors, and anyone else whose personal data we process in connection with our services.

We only collect and use personal data where we have a lawful basis to do so, and we limit processing to what is necessary for the purposes described in this policy.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, title, date of birth, and identification details.
  • Contact information such as address, email address, and telephone number.
  • Account and contract information such as tenancy or storage agreement details, account reference numbers, preferences, and correspondence records.
  • Payment information such as billing details, transaction history, and limited payment data necessary to process charges.
  • Security information such as access logs, entry records, CCTV images, incident reports, and alarm-related records where applicable.
  • Verification information such as proof of identity or address where needed to meet legal or security obligations.
  • Communications including emails, messages, complaints, claims, or service-related notes.

We may also collect technical information when you interact with digital systems used for administration, such as device type, IP address, and basic usage data, where applicable and permitted by law.

3. How We Use Your Data

We use personal data for the following purposes:

  • To set up and manage your storage account.
  • To verify identity and prevent fraud.
  • To provide access to storage facilities and manage security.
  • To process payments, refunds, and account administration.
  • To communicate with you about your account, access arrangements, service changes, or important notices.
  • To handle complaints, disputes, damage claims, and incidents.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.
  • To protect the rights, property, and safety of our customers, staff, and premises.

We will not use your personal data for purposes that are incompatible with those listed above unless we are required or permitted to do so by law.

4. Lawful Basis for Processing

We process personal data only when permitted under UK GDPR. Depending on the context, the lawful bases we rely on are:

  • Contract – where processing is necessary to enter into or perform a storage agreement with you.
  • Legal obligation – where we must process information to comply with laws, including accounting, recordkeeping, fraud prevention, or compliance duties.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as securing our premises, managing operations, preventing misuse, or resolving disputes, provided your rights and freedoms do not override those interests.
  • Consent – where we specifically ask for your consent, for example for certain optional communications or other limited processing activities. You may withdraw consent at any time.

Where we rely on legitimate interests, we assess the potential impact on your privacy and ensure that any processing is proportionate and necessary. We do not rely on consent where another lawful basis is more appropriate.

5. Sharing Your Data and Processors

We may share personal data with trusted third parties where necessary for the operation of our services. These third parties act either as independent controllers or as processors acting on our instructions.

Processors

Our processors may include providers who support:

  • Payment processing and billing administration.
  • IT hosting, cloud storage, and system maintenance.
  • Customer relationship management and communications tools.
  • Security services, including monitored access systems and CCTV support.
  • Document storage, archiving, and secure destruction.

Where a processor is used, we require them to act only on our documented instructions, keep data secure, and comply with applicable data protection law. Processors are not allowed to use your data for their own purposes.

Other disclosures

We may also disclose personal data to:

  • Legal and professional advisers.
  • Law enforcement, regulators, courts, or public authorities when required by law.
  • Insurers, auditors, or dispute resolution bodies where reasonably necessary.
  • Successors in title or business transferees in the event of a reorganisation or sale, subject to appropriate protections.

We do not sell your personal data.

6. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, and for as long as required by law, contract, or legitimate business need. Retention periods depend on the type of data and the reason for processing.

  • Account and contract records are generally retained for the duration of the agreement and for a period afterwards to handle disputes, tax, accounting, and legal claims.
  • Payment and invoicing records are retained for statutory accounting and tax purposes.
  • Security records such as access logs and CCTV images are retained for a limited period unless needed for an investigation, legal claim, or incident response.
  • Correspondence and complaint records are kept as long as needed to manage the matter and to demonstrate compliance.

When data is no longer required, we will delete it securely or anonymise it so it can no longer identify you. Retention is reviewed periodically to ensure we do not keep information longer than necessary.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include restricted access controls, staff training, secure storage, password protection, encryption where appropriate, and regular review of security practices.

Although no system can be guaranteed completely secure, we take data protection seriously and maintain safeguards designed to reduce risk and to respond quickly to security incidents.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to obtain confirmation and a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restrict processing – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to request transfer of certain data to you or another organisation, where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable legal requirements. In some cases, we may need to verify your identity before acting on your request. Some rights may be limited where data must be retained for legal, security, or contractual reasons.

9. International Transfers

Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or equivalent protections required by law. Any international transfer will be carried out only when necessary and with suitable security measures.

10. Automated Decision-Making

We do not use personal data for solely automated decision-making that produces legal or similarly significant effects on you, unless we have informed you and are legally permitted to do so. If such processing were introduced, we would ensure that appropriate safeguards and human review are available where required.

11. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data from children except where it is necessary in connection with a lawful service arrangement or where required by law. If we become aware that we have collected personal data inappropriately, we will take steps to delete it or secure the appropriate authorisation.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, operations, or data handling practices. When changes are made, the updated version will apply from its effective date. We encourage you to review this policy periodically to stay informed about how we process personal data.

13. Complaints

If you are concerned about how your personal data is handled, you have the right to raise a complaint with the relevant data protection authority. We also encourage you to first raise any concerns with us so we can address them promptly and fairly.

This Privacy Policy is intended to provide clear information about how Selfstorage Pimlico handles personal data. By using our services, you acknowledge that you have read and understood the practices described here.

Call Now!
Call Now Get a Quote
Selfstorage Pimlico

GDPR-compliant Privacy Policy for Selfstorage Pimlico covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.