Privacy Policy - Bellingham Storage

Effective date: This Privacy Policy applies to all Bellingham Storage customers in the area and explains how we collect, use, store, share, and protect personal data in line with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Bellingham Storage is committed to protecting the privacy and security of personal data. This policy explains what information we collect from customers, prospective customers, visitors, contractors, and other individuals who interact with us in connection with storage services. It also explains why we use personal data, the lawful bases we rely on, how long we keep information, the third parties we may share data with, and the rights available to individuals under data protection law.

By using our services or providing us with personal data, you acknowledge that your information will be handled in accordance with this policy and applicable law.

2. Personal Data We Collect

We may collect and process different types of personal data depending on how you interact with us. This may include:

  • Identity information such as your name, date of birth, and identification details.
  • Contact information such as postal address, email address, and telephone number.
  • Account and service information such as storage unit details, access records, billing preferences, and contract information.
  • Payment information such as payment method details and transaction records, where needed for billing and fraud prevention.
  • Security and access information such as CCTV images, access logs, vehicle registration details, and entry timestamps where access controls are used.
  • Communications including enquiries, complaints, requests, and correspondence with our staff.
  • Technical data when you interact with our digital systems, such as IP address, device identifiers, or browser information, where applicable.

We normally collect personal data directly from you, but we may also receive it from third parties where necessary for business, legal, or security purposes.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To provide storage services and manage customer accounts.
  • To verify identity and prevent unauthorised access.
  • To process payments, issue invoices, and manage arrears.
  • To communicate with customers about contracts, bookings, renewals, notices, and operational matters.
  • To maintain site safety, security, and fraud prevention measures.
  • To comply with legal, regulatory, insurance, and tax obligations.
  • To handle disputes, claims, and complaints.
  • To improve our services, systems, and customer experience.

We will only use personal data for the purposes for which it was collected, unless we reasonably consider that another purpose is compatible with the original purpose and permitted by law.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. The main lawful bases we rely on are:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as setting up your storage agreement, managing access to your unit, taking payment, and providing customer support.

Legal Obligation

We may process data where necessary to comply with legal duties, including tax, accounting, anti-fraud, health and safety, and record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This includes site security, CCTV monitoring, preventing unauthorised access, improving services, and managing business operations.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary to operate our business and provide services. These third parties act as processors or, in some cases, independent controllers.

  • Payment service providers who process transactions securely.
  • IT and cloud service providers who store or support our systems, databases, and communications.
  • Security providers who assist with CCTV, alarm systems, access control, and site monitoring.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Regulators, law enforcement, or public authorities where disclosure is required by law or necessary to protect rights, property, or safety.

Where a third party acts as a processor, they are only permitted to process personal data on our instructions and must implement appropriate technical and organisational measures to protect it. We require processors to maintain confidentiality and to use data only for the services they provide to us.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, insurance, and reporting requirements. Retention periods depend on the nature of the data and the purpose of processing.

In general:

  • Customer account and contract records are kept for the duration of the relationship and for a reasonable period afterwards.
  • Payment and invoice records are retained in accordance with tax and financial obligations.
  • Security records such as access logs and CCTV footage are retained for limited periods unless needed for investigations, claims, or legal proceedings.
  • Correspondence and complaints may be retained as long as necessary to resolve issues and demonstrate compliance.

When personal data is no longer required, we will securely delete, anonymise, or destroy it.

7. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, encryption, secure storage, staff confidentiality obligations, and monitoring of systems and premises.

While no system can be guaranteed completely secure, we regularly review our safeguards and adapt them in response to operational and security risks.

8. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place, such as an adequacy regulation, standard contractual clauses, or other lawful transfer mechanisms. Any such transfer will be carried out in accordance with applicable data protection law.

9. Your Rights

Depending on the circumstances, you may have the following rights in relation to your personal data:

  • Right of access to request a copy of the personal data we hold about you.
  • Right to rectification to ask us to correct inaccurate or incomplete information.
  • Right to erasure to request deletion of your data in certain situations.
  • Right to restrict processing to limit how we use your data in certain circumstances.
  • Right to data portability to receive certain data in a structured, commonly used format.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent where processing relies on consent.

To exercise your rights, you should provide sufficient information for us to identify you and your request. We may need to verify your identity before responding. We will respond within the time limits required by law, usually within one month, unless the request is complex or numerous.

10. Automated Decision-Making

We do not normally use personal data for decisions based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide appropriate information about the logic involved and your rights.

11. Complaints

If you have concerns about how we handle personal data, you should raise them with us so we can investigate and respond. You also have the right to complain to the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is made available.

13. Summary

This Privacy Policy explains how Bellingham Storage collects and uses personal data, the lawful bases for processing, how long data is kept, who may process it on our behalf, and the rights available to individuals. It applies to all Bellingham Storage customers in area and is intended to ensure that personal data is handled lawfully, fairly, and transparently.

Call Now!
Call Now Get a Quote
Bellingham Storage

GDPR-compliant Privacy Policy for Bellingham Storage covering data collection, lawful basis, retention, processors, user rights, and applies to all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.