Privacy Policy - Neweltham Storage

This Privacy Policy explains how Neweltham Storage collects, uses, stores, shares, and protects personal data. It applies to all Neweltham Storage customers in the area, including prospective customers, current customers, former customers, and individuals who enquire about our storage services. We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK GDPR and the Data Protection Act 2018.

Please read this policy carefully so you understand what information we collect, why we use it, how long we keep it, and what rights you have in relation to your personal data.

1. Who We Are

Neweltham Storage provides storage services to individuals and businesses in the local area. For the purposes of data protection law, Neweltham Storage acts as the data controller for personal data collected in connection with our services. This means we determine the purposes and means of processing personal data.

This policy applies to all customers in the area who use, request, or are otherwise connected with our storage services.

2. Personal Data We Collect

We may collect and process different categories of personal data depending on your relationship with us. This can include:

  • Identity details such as your name, title, date of birth, and identification documents where required for verification.
  • Contact details such as address, email address, phone number, and billing address.
  • Account and service details such as storage unit references, booking information, access records, payment history, and correspondence.
  • Financial information such as payment card details, bank account details, and transaction records, where necessary for payment processing.
  • Technical data such as IP address, device information, browser type, and access logs if you use any online systems connected to our services.
  • Security information such as CCTV images, visitor logs, gate access records, and incident reports for safety and security purposes.
  • Communication records including emails, letters, complaints, inquiries, and notes from phone or in-person discussions.

We do not intentionally collect special category data unless it is provided by you or required in a specific situation and we have a lawful basis to process it. Where possible, we ask that you do not share unnecessary sensitive information with us.

3. How We Use Your Personal Data

We use personal data for the following purposes:

  • To set up and manage customer accounts and storage agreements.
  • To verify identity and prevent fraud or misuse.
  • To provide storage services, manage access, and maintain site security.
  • To process payments, invoices, deposits, and refunds.
  • To communicate with you about your account, service changes, reminders, or notices.
  • To deal with complaints, disputes, and customer support requests.
  • To comply with legal, regulatory, tax, and insurance obligations.
  • To monitor and improve our services, systems, and security controls.

We only use personal data where we have a valid reason to do so. We never sell personal data and we do not use it in ways that are incompatible with the purposes described in this policy.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the situation, Neweltham Storage relies on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes creating accounts, managing your storage unit, taking payments, and providing customer support connected with our services.

Legal Obligation

We process data where necessary to comply with legal obligations, such as record-keeping, tax requirements, accounting rules, health and safety duties, or responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests and where those interests are not overridden by your rights. This includes protecting our premises, preventing fraud, monitoring access, managing disputes, and improving our services. When we rely on this basis, we carry out a balancing assessment to ensure your privacy is respected.

Consent

In limited cases, we may rely on your consent, for example where it is required for a specific optional service or communication. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Sharing Your Data and Processors

We may share personal data with trusted third parties who help us operate our business. These third parties act as processors when they process data on our behalf and under our instructions. We require processors to keep data secure and to use it only for the agreed purpose.

Examples of processors or service providers may include:

  • Payment processors that handle card or bank transactions.
  • IT and cloud service providers that host systems, email, or data storage.
  • Security contractors that assist with site protection, access control, or CCTV systems.
  • Accounting or administrative service providers that support billing and record-keeping.
  • Professional advisers such as insurers, lawyers, or auditors where necessary.

We may also disclose personal data where required by law, for example to law enforcement, regulators, courts, or public authorities. If we ever transfer data outside the UK, we will ensure appropriate safeguards are in place to protect it.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, tax, and reporting requirements. The exact retention period depends on the type of data and the reason we hold it.

  • Customer account and contract data is typically retained for the duration of the service relationship and for a period after it ends to handle disputes or legal obligations.
  • Financial records are retained for the period required by tax and accounting law.
  • Security records such as access logs or CCTV may be kept for a limited period unless needed longer for an investigation, incident, or legal claim.
  • General correspondence is kept only as long as needed to respond to your inquiry or maintain service records.

When data is no longer needed, we will securely delete it, anonymise it, or destroy it in a safe manner.

7. Data Security

We take appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure systems, staff training, data minimisation, and physical security procedures.

However, no system is completely secure. If a personal data breach occurs and we are legally required to notify you or a regulator, we will do so promptly.

8. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may apply depending on the circumstances:

  • Right of access to obtain a copy of the personal data we hold about you.
  • Right to rectification to correct inaccurate or incomplete information.
  • Right to erasure to request deletion of your data in certain situations.
  • Right to restriction to limit how we use your data in certain cases.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability to receive certain data in a structured, commonly used format.
  • Right to withdraw consent where processing is based on consent.

You also have the right to raise a concern with the UK Information Commissioner’s Office if you believe your data has been handled improperly. We encourage you to contact us first so we can try to resolve any issue quickly and fairly.

9. Children’s Data

Our services are not intended for children under 18 unless required in connection with a lawful customer relationship. We do not knowingly collect children’s personal data without appropriate authority and lawful basis.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is issued. We encourage customers to review this policy periodically so they remain informed about how their data is used.

11. Summary of Key Points

In summary, Neweltham Storage collects only the personal data needed to provide and manage storage services, meet legal obligations, and keep our site secure. We use lawful bases such as contract, legal obligation, legitimate interests, and, where appropriate, consent. We share data only with trusted processors or where required by law, retain it only for as long as necessary, and respect your rights under GDPR.

This policy is intended to apply to all Neweltham Storage customers in the area.

Call Now!
Call Now Get a Quote
Neweltham Storage

GDPR-compliant Privacy Policy for Neweltham Storage covering data use, lawful basis, retention, processors, security, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.