Privacy Policy - Canningtown Storage

This Privacy Policy explains how Canningtown Storage collects, uses, stores, shares, and protects personal data relating to all Canningtown Storage customers in the area. It applies to individuals who enquire about, purchase, or use our storage services, as well as those who communicate with us in connection with a storage account. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1. Who We Are

Canningtown Storage provides storage services to customers in the local area. For the purposes of data protection law, we act as the data controller for the personal data we collect and use in connection with our services. This means we determine the purposes and means of processing personal data. We only process personal data when we have a valid lawful basis and only to the extent necessary for the service, legal compliance, or legitimate business operations.

2. Personal Data We Collect

We collect and process personal data that is necessary to provide storage services, manage customer accounts, maintain security, and comply with legal obligations. The types of information we may collect include:

  • Identity details such as name and, where needed, proof of identity;
  • Contact details such as address, email address, and telephone number;
  • Account and service details including booking information, unit size, service dates, payment status, and account history;
  • Payment information such as billing details and transaction records;
  • Access and security records such as entry logs, CCTV images, and incident reports where applicable;
  • Communication records including emails, letters, call notes, and service requests;
  • Technical information such as device and usage data collected through our systems, if relevant.

We do not intentionally collect special category data unless it is necessary for a specific legal or operational reason and permitted by law. We ask customers to avoid including unnecessary sensitive information in communications.

3. How We Use Personal Data

We use personal data to operate our storage business effectively and responsibly. Typical uses include:

  • setting up and managing storage accounts;
  • verifying identity and preventing fraud;
  • processing payments and managing billing;
  • communicating about bookings, access, service changes, or account issues;
  • maintaining site safety, security, and access control;
  • responding to enquiries, complaints, and requests;
  • complying with tax, accounting, insurance, and other legal requirements;
  • protecting our rights, property, staff, customers, and premises.

We will only use personal data in ways that are compatible with the original purpose for which it was collected unless we are required or permitted by law to do otherwise.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis for every processing activity. Canningtown Storage relies on the following lawful bases where appropriate:

Contract

We process personal data when it is necessary to enter into or perform a contract with a customer. This includes setting up a storage service, managing the account, and delivering agreed services.

Legal Obligation

We process data where necessary to meet legal and regulatory obligations, including accounting, tax, anti-fraud, and record-keeping requirements.

Legitimate Interests

We may process personal data when we have a legitimate business interest that is not overridden by the customer’s rights and freedoms. This may include site security, CCTV monitoring, fraud prevention, service improvement, and handling disputes. Where required, we carry out a balancing test to ensure that our interests do not unfairly affect individuals.

Consent

In limited cases, we may rely on consent, such as for certain optional communications or specific processing activities. When consent is used, customers have the right to withdraw it at any time.

5. Data Sharing and Processors

We may share personal data with trusted third parties only when necessary and only for legitimate business purposes. These parties may act as data processors or, in some cases, independent controllers. We ensure that all processors are bound by appropriate contractual obligations and process data only on our instructions and in compliance with data protection law.

Processors and service providers may include:

  • Payment service providers that handle secure transaction processing;
  • IT and cloud service providers that host systems, store records, or support business operations;
  • Security providers that maintain alarm systems, access controls, or CCTV-related services;
  • Professional advisers such as accountants, auditors, insurers, or legal advisers;
  • Maintenance and facilities contractors where access to premises or operational records is necessary;
  • Public authorities or law enforcement where disclosure is required by law or to protect rights and safety.

We do not sell personal data. If personal data is transferred outside the UK or EEA, we will ensure that appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, where required.

6. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, tax, and security obligations. Retention periods depend on the type of information and the reason we hold it.

In general:

  • Customer account records are retained for the duration of the service and for a further period where needed for legal claims or record-keeping;
  • Financial and transaction records are retained for the period required by tax and accounting laws;
  • Security records, including CCTV footage or access logs, are retained for a limited period unless needed for incident investigation or legal proceedings;
  • Correspondence and complaints may be retained for as long as necessary to resolve the matter and for evidence of handling decisions.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures. Retention is reviewed regularly to ensure information is not kept longer than necessary.

7. Data Security

We take appropriate technical and organisational measures to protect personal data from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include restricted access controls, secure storage, staff confidentiality obligations, encryption where appropriate, and routine monitoring of systems and physical premises. While no system can be guaranteed to be completely secure, we are committed to maintaining a level of security appropriate to the risks involved.

8. Your Rights

Under GDPR, individuals have a number of rights in relation to their personal data. Subject to legal limits and exemptions, customers may have the right to:

  • access the personal data we hold about them;
  • rectify inaccurate or incomplete information;
  • erase personal data in certain circumstances;
  • restrict the processing of their data in certain situations;
  • object to processing based on legitimate interests or direct marketing;
  • data portability where processing is based on consent or contract and carried out by automated means;
  • withdraw consent where processing relies on consent;
  • lodge a complaint with the relevant data protection supervisory authority.

To exercise these rights, customers may make a request using the appropriate channels provided by Canningtown Storage. We may need to verify identity before responding to protect privacy and prevent unauthorised disclosure. We aim to respond within the time limits required by law.

9. Automated Decision-Making

We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects, unless we are permitted to do so by law and have implemented appropriate safeguards. If this changes, we will update this policy and provide the required information.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or operational practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their personal data is handled.

11. Final Statement

This Privacy Policy applies to all Canningtown Storage customers in the area. By using our services, customers acknowledge that their personal data may be processed as described in this policy. We are committed to handling data lawfully, transparently, and fairly, and to respecting the rights of every individual whose information we hold.

Call Now!
Call Now Get a Quote
Canningtown Storage

GDPR-compliant Privacy Policy for Canningtown Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.