Privacy Policy - Richmonduponthames Storage

This Privacy Policy explains how Richmonduponthames Storage collects, uses, stores, shares, and protects personal data when providing storage-related services. It applies to all Richmonduponthames Storage customers in the area, including individuals, business customers, and any person who interacts with us in relation to a storage agreement, enquiry, payment, site access, account management, or support request. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who we are

Richmonduponthames Storage acts as the data controller for the personal data we collect and use in connection with our storage services. This means we decide why and how your personal data is processed. In some situations, we may also use service providers who process data on our behalf as data processors.

2. Personal data we collect

We only collect personal data that is necessary for providing and managing our services. The categories of data we may collect include:

  • Identity information such as your name, title, date of birth, and identification details where required.
  • Contact information such as billing address, email address, and telephone number.
  • Account and contract information such as storage unit details, tenancy dates, booking records, correspondence, and service preferences.
  • Payment information such as payment status, transaction records, and limited payment processing details. We do not usually store full card details where a secure payment provider is used.
  • Usage information such as access logs, site entry records, service interactions, and support requests.
  • Security information such as CCTV footage, visitor logs, and incident reports where applicable.
  • Technical information such as device or system information when you use our online services, if any, including IP-related data and browser details.

We may also receive personal data from third parties where necessary, for example from payment providers, credit reference agencies, insurers, referral sources, or persons acting on your behalf.

3. How we use personal data

We use personal data for the following purposes:

  • to set up, manage, and perform storage agreements;
  • to verify identity and prevent fraud, misuse, or unauthorised access;
  • to process payments, issue invoices, and manage account balances;
  • to provide customer support and respond to enquiries;
  • to maintain site security, protect property, and investigate incidents;
  • to comply with legal, regulatory, accounting, and tax obligations;
  • to enforce our terms, recover debts, or resolve disputes;
  • to improve our services, systems, and customer experience;
  • to send operational communications relating to your storage service.

We will only use personal data for the purposes for which it was collected unless we reasonably consider that we need to use it for another compatible purpose.

4. Lawful basis for processing

We process personal data only where we have a valid lawful basis under data protection law. Depending on the context, our lawful bases include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as managing a storage unit, handling payments, or providing account services.

Legal obligation

We process data where necessary to comply with legal duties, including tax, accounting, fraud prevention, health and safety, and lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms. This may include site security, service improvement, operational administration, debt recovery, and the prevention of misuse or unauthorised access.

Consent

Where we rely on consent, we will make this clear at the time of collection. You may withdraw consent at any time, although this will not affect processing already carried out lawfully before withdrawal.

5. Data sharing and processors

We may share personal data with trusted third parties where necessary and lawful. These may include:

  • Payment processors who handle card or electronic payments securely;
  • IT and cloud service providers who support our systems, storage, email, and data management;
  • Security providers who assist with CCTV, alarms, site monitoring, or incident response;
  • Professional advisers such as accountants, auditors, insurers, lawyers, and debt recovery specialists;
  • Regulators, law enforcement, and public authorities where disclosure is required by law or needed to protect rights, property, or safety.

Where a third party processes personal data on our behalf, they act as a processor. Processors are only allowed to use data in line with our instructions and must implement appropriate security measures. We do not sell personal data.

6. International transfers

If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as an adequacy decision or approved contractual protections, to maintain a level of protection equivalent to UK data protection law.

7. Data retention

We retain personal data only for as long as necessary for the purposes described in this policy and to meet legal or operational requirements. Retention periods vary depending on the type of data and why it is held. In general:

  • Contract and account records are retained for the duration of the service and for a period afterwards to deal with claims, tax, and accounting obligations;
  • Payment records are kept for the period required by financial and tax laws;
  • Security records such as CCTV footage are kept for a limited period unless needed for an investigation or legal matter;
  • Enquiry and correspondence records are kept for as long as necessary to manage your request and maintain a record of communications.

When personal data is no longer needed, we will delete it or anonymise it securely.

8. Data security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure systems, backups, and monitored physical security. Although no system can be guaranteed to be completely secure, we take reasonable steps to reduce risk.

9. Your rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restriction – to ask us to limit how we use your data in certain cases;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent – where processing is based on consent;
  • Right to complain – to raise concerns with the UK Information Commissioner’s Office if you believe your rights have been infringed.

Some rights are subject to conditions and exceptions under applicable law. We may need to verify your identity before responding to a request.

10. Automated decision-making

We do not carry out solely automated decision-making that produces legal or similarly significant effects without appropriate safeguards. If this changes, we will inform you and explain your rights.

11. Children

Our services are generally intended for adults and business users. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful storage arrangement and appropriate safeguards are in place.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process data. Any revised version will apply from the date it is made available. We encourage customers to review it periodically to stay informed about how their information is handled.

13. Summary of our commitments

In summary, Richmonduponthames Storage collects only the personal data needed to provide secure and reliable storage services, uses it under clear lawful bases, keeps it only as long as necessary, shares it only with appropriate processors and other authorised recipients, and respects the rights of every customer in the area. Our goal is to process personal data in a way that is transparent, responsible, and fully aligned with GDPR principles.

Call Now!
Call Now Get a Quote
Richmonduponthames Storage

GDPR-compliant Privacy Policy for Richmonduponthames Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.