Privacy Policy - Lewisham Storage

Lewisham Storage is committed to protecting the privacy and personal data of all customers in the Lewisham area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Lewisham Storage customers in area, including prospective customers, current customers, former customers, and anyone who interacts with our services on behalf of a business or organisation.

1. Who We Are

For the purposes of data protection law, Lewisham Storage is the data controller for the personal data described in this policy. This means we decide why and how your personal information is processed when you use our storage services, make enquiries, or otherwise interact with us.

We take our responsibilities seriously and aim to ensure that all personal data is handled lawfully, fairly, and transparently. Our approach is based on the principles of data minimisation, purpose limitation, and storage limitation.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, date of birth, and identification details where required for security or verification purposes.
  • Contact details including address, email address, and telephone number.
  • Account and service information such as rental preferences, unit size, access arrangements, booking details, and payment records.
  • Transaction information including invoices, payment confirmations, and billing history.
  • Access and security information such as entry logs, CCTV recordings, and incident reports where applicable.
  • Communication records including emails, messages, complaints, and customer service notes.
  • Technical information where you use any digital systems associated with our service, such as device identifiers or basic usage logs.

We generally do not seek to collect special category data. If such information is provided to us inadvertently, we will only process it where a lawful basis exists and where it is necessary for a legitimate and specific purpose.

3. How We Use Your Data

We process personal data for the following purposes:

  • To provide storage services and manage your account.
  • To verify identity and carry out security checks where needed.
  • To process payments, issue invoices, and manage outstanding balances.
  • To communicate with you about your booking, access, or service matters.
  • To maintain safety, monitor site access, and investigate incidents or misuse.
  • To comply with legal and regulatory obligations.
  • To manage complaints, disputes, and claims.
  • To improve our service, internal processes, and customer experience.

We only use your personal data where it is necessary and proportionate to the purpose for which it was collected. We do not sell personal data.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for every processing activity. Lewisham Storage relies on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access to a unit, handling payments, and delivering agreed services.

Legal obligation

We may process personal data where required to comply with legal obligations, such as tax, accounting, health and safety, fraud prevention, or responding to lawful requests from authorities.

Legitimate interests

We may process certain data where it is necessary for our legitimate interests or those of a third party, provided those interests do not override your rights and freedoms. Examples include site security, CCTV monitoring, service improvement, debt recovery, and prevention of misuse or fraud.

Consent

Where we rely on your consent, we will make this clear at the time of collection. You may withdraw consent at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

5. Sharing Your Personal Data

We may share personal data with trusted third parties who support our operations. These third parties act as processors or, in some cases, independent controllers. We only share data where necessary and always with appropriate safeguards.

Examples of processors may include:

  • Payment service providers who handle card or bank transactions.
  • IT and software providers who support booking, record-keeping, or security systems.
  • Cloud storage and data hosting providers.
  • Security contractors or monitoring services where site safety requires it.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.

We may also disclose personal data to law enforcement, regulators, courts, or other public bodies where required by law or where necessary to establish, exercise, or defend legal rights.

Where a processor is used, they are bound by a written agreement requiring them to act only on our instructions, keep data secure, and comply with data protection law.

6. Data Retention

We keep personal data only for as long as it is needed for the purpose for which it was collected, or as required by law. Retention periods vary depending on the type of information and the reason we hold it.

  • Customer account and contract records are typically retained for the duration of the relationship and for a period afterwards to deal with claims or legal obligations.
  • Payment and accounting records are kept for the period required by tax and financial laws.
  • Security records, such as access logs or CCTV footage, are normally retained for a short period unless required longer for investigation, insurance, or legal reasons.
  • Correspondence and complaints may be kept for as long as necessary to resolve issues and maintain accurate records.

When data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.

7. Security of Your Data

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, secure systems, staff training, and careful management of third-party providers.

While no system can be guaranteed to be completely secure, we regularly review our safeguards and take reasonable steps to reduce risks and respond to security incidents promptly.

8. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to legal exceptions and limitations.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete data.
  • Right to erasure – in certain circumstances, you can request deletion of your data.
  • Right to restrict processing – you can ask us to limit how your data is used in some cases.
  • Right to data portability – where applicable, you can request your data in a structured, commonly used format.
  • Right to object – you can object to processing based on legitimate interests, including direct marketing where applicable.
  • Right to withdraw consent – where processing is based on consent, you can withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

9. Children’s Data

Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is required in limited circumstances and with appropriate authority or consent. If we become aware that we have collected data from a child without proper justification, we will take steps to delete it.

10. International Transfers

If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any significant changes will be communicated in a suitable manner. We encourage customers to review the policy periodically to stay informed about how we handle personal data.

12. Summary of Key Points

Lewisham Storage processes personal data to deliver storage services, manage accounts, ensure security, and meet legal obligations. We rely on lawful bases including contract, legal obligation, legitimate interests, and consent where appropriate. We only share data with trusted processors and retain it only as long as necessary. Customers in the Lewisham area have rights over their data, including access, correction, deletion, restriction, objection, and portability.

This policy applies to all Lewisham Storage customers in area.

Call Now!
Call Now Get a Quote
Lewisham Storage

GDPR-compliant Privacy Policy for Lewisham Storage covering data collection, lawful basis, retention, processors, rights, and applicability to all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.