Privacy Policy - Acton Storage

Acton Storage is committed to protecting the privacy and personal data of all customers in the area who use our storage services. This Privacy Policy explains how we collect, use, share, retain, and protect personal information, and it describes the rights available to individuals under the UK GDPR and the Data Protection Act 2018.

This policy applies to all Acton Storage customers in the area, including prospective customers, current customers, former customers, and individuals who communicate with us about our services. By using our services, entering into a storage agreement, or interacting with us in relation to storage services, you acknowledge the practices described in this policy.

1. Personal Data We Collect

We only collect personal data that is relevant, necessary, and limited to the purposes described in this policy. Depending on your relationship with us, we may collect the following categories of information:

  • Identity information such as your name, title, date of birth, and proof of identity where required.
  • Contact information such as address, email address, telephone number, and billing details.
  • Account and contract information such as storage unit references, agreement details, start and end dates, and payment status.
  • Financial information such as payment records, transaction confirmations, and limited payment card data processed through secure payment providers.
  • Security information such as CCTV images, access logs, gate entry records, and incident reports where security systems are used.
  • Communication data such as emails, call notes, complaints, inquiries, and service requests.
  • Technical information such as device and usage data collected when you interact with our digital systems, if applicable.

We do not intentionally collect special category data unless it is provided to us in exceptional circumstances, for example in a complaint or legal claim. If such data is received, it will be handled with additional care and only where a lawful basis applies.

2. How We Use Your Data

We use personal data for lawful and specific purposes connected to our storage services. These purposes include:

  • setting up and managing customer accounts;
  • entering into and performing storage agreements;
  • verifying identity and preventing fraud;
  • processing payments, refunds, and account balances;
  • providing customer support and handling inquiries;
  • maintaining site safety, security, and operational management;
  • responding to complaints, disputes, and insurance or damage claims;
  • meeting legal, regulatory, tax, and accounting obligations;
  • protecting our property, staff, customers, and other users;
  • improving our services, systems, and customer experience.

We will only use your data in a way that is compatible with the purposes for which it was collected, unless we reasonably believe another lawful basis applies and the new use is permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. We rely on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage account, collecting payments, providing access to your unit, and delivering customer support linked to the agreement.

Legal Obligation

We may process and retain information to comply with legal obligations, including tax, accounting, safety, anti-fraud, and record-keeping requirements. We may also disclose data where required by law or a lawful request from a public authority.

Legitimate Interests

We process certain data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. These interests may include protecting our premises, preventing misuse of services, managing risk, improving operations, and defending legal claims. When we rely on this basis, we assess whether the processing is proportionate and whether safeguards are required.

Consent

In limited situations, we may ask for your consent, for example where it is needed for optional communications or specific processing not covered by another lawful basis. Where consent is used, you may withdraw it at any time, and this will not affect the lawfulness of processing carried out before withdrawal.

4. Sharing Personal Data and Processors

We do not sell personal data. However, we may share information with third parties when necessary for the operation of our business or when required by law. These third parties may act as processors or independent controllers depending on the circumstances.

Typical processor categories include:

  • Payment service providers who handle secure payment processing;
  • IT and hosting providers who support storage systems, databases, email, and data security;
  • Security and surveillance providers who maintain access control, alarm systems, and CCTV services;
  • Professional advisers such as accountants, legal advisers, and insurers;
  • Maintenance and support contractors who help operate or repair our facilities and equipment;
  • Identity verification or fraud prevention providers where checks are necessary.

Where processors handle personal data on our behalf, they are contractually required to act only on our instructions, maintain confidentiality, implement appropriate security measures, and comply with data protection law. We carry out reasonable due diligence before appointing processors and review their obligations where appropriate.

We may also disclose personal data to law enforcement, regulators, courts, or other public bodies when necessary to comply with the law, enforce agreements, protect rights, or investigate suspected unlawful activity.

5. International Transfers

If any of our service providers process data outside the UK, we will take steps to ensure appropriate safeguards are in place. This may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms permitted under applicable data protection law. We will only transfer data where required protections are available.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, operational, and dispute-resolution requirements. Retention periods may vary depending on the type of data and the reason it is held.

In general:

  • Customer account and contract records are kept for the duration of the agreement and for a reasonable period afterward.
  • Payment and accounting records are retained for the period required by tax and financial regulations.
  • Security records such as CCTV or access logs are kept only as long as needed for safety, investigation, and incident management.
  • Complaints and correspondence are retained for as long as necessary to resolve the matter and defend potential claims.

When data is no longer needed, we will securely delete, anonymise, or archive it in a manner consistent with our legal and operational obligations. Retention is always reviewed against necessity, proportionality, and legal requirements.

7. Your Data Protection Rights

Depending on the legal basis for processing and the circumstances of the request, you may have the following rights under data protection law:

  • Right of access - to obtain confirmation of whether we process your personal data and receive a copy of it.
  • Right to rectification - to request correction of inaccurate or incomplete information.
  • Right to erasure - to request deletion of your data in certain circumstances.
  • Right to restriction - to ask us to limit processing in specific situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to receive certain information in a structured, commonly used format where applicable.
  • Right to withdraw consent - where processing relies on consent.
  • Right to lodge a complaint - with the relevant supervisory authority if you believe your rights have been infringed.

We may need to verify your identity before responding to a rights request. We will respond within the time limits required by law and will explain any refusal or limitation where applicable.

8. Security of Your Information

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, restricted permissions, secure storage, staff training, and regular review of security practices. While no system can be guaranteed to be completely secure, we take our responsibilities seriously and continually review our safeguards.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, regulatory, operational, or security changes. The latest version will apply to your use of our services from the time it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

10. Final Statement

This Privacy Policy is designed to ensure that Acton Storage handles personal data fairly, transparently, and lawfully. We are committed to respecting your privacy and using information only where necessary for service delivery, security, compliance, and legitimate business purposes. If you are a customer in the area, this policy applies to your relationship with Acton Storage and forms part of our approach to responsible data protection.

Call Now!
Call Now Get a Quote
Acton Storage

GDPR-compliant Privacy Policy for Acton Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.