Privacy Policy - Coventgarden Storage

Coventgarden Storage is committed to protecting the privacy and personal data of our customers, prospective customers, website users, and other individuals whose information we process. This Privacy Policy explains how we collect, use, share, store, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to all Coventgarden Storage customers in the area, as well as anyone who interacts with us in connection with storage services, account management, payments, enquiries, or related business activities.

1. Who We Are

For the purposes of data protection law, Coventgarden Storage acts as the data controller for the personal data we collect and process for our own business purposes. This means we determine how and why your personal data is used.

We take our responsibilities seriously and aim to ensure that any personal data entrusted to us is handled lawfully, fairly, and transparently.

2. Personal Data We Collect

We may collect and process different categories of personal data depending on how you interact with us and what services you use. The data we collect may include:

  • Identity information such as your name, title, and date of birth where necessary.
  • Contact details such as your address, email address, and telephone number.
  • Account information including customer reference numbers, tenancy details, and storage unit records.
  • Payment information such as billing details, payment history, and transaction records.
  • Communication records including correspondence, enquiries, complaints, and notes from interactions with our team.
  • Identification documents where required for verification, anti-fraud, or legal compliance purposes.
  • Technical data such as IP addresses, device information, and limited usage data if you engage with digital services.
  • CCTV and access records where our premises use security systems to protect customers, staff, and property.

We generally do not seek to collect special category data. If such data is provided to us by accident or becomes necessary for a specific lawful purpose, we will process it only where permitted by law and with appropriate safeguards.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage agreements.
  • To verify identity and prevent fraud.
  • To process payments, invoices, and account administration.
  • To communicate with you about your storage service, enquiries, or issues.
  • To maintain site security and protect property, customers, and staff.
  • To meet legal, regulatory, accounting, and tax obligations.
  • To improve our services, records, and operational efficiency.
  • To deal with disputes, claims, or enforcement matters.

We will only use your personal data for purposes that are compatible with the reasons it was originally collected, unless we have a lawful basis to do otherwise.

4. Lawful Basis for Processing

We process personal data only when we have a valid lawful basis under data protection law. Depending on the circumstances, our lawful bases may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, arranging payments, and providing agreed services.

Legal Obligation

We may process data where required to comply with legal obligations, including tax, accounting, fraud prevention, and other statutory requirements.

Legitimate Interests

We may rely on legitimate interests where processing is necessary for our business operations and where those interests are not overridden by your rights and freedoms. Examples include protecting premises, improving services, managing business records, and defending legal claims.

Consent

In limited situations, we may rely on your consent, for example where optional marketing or certain types of data use require it. Where consent is used, you may withdraw it at any time.

5. Sharing and Processors

We may share personal data with carefully selected third parties who act as processors on our behalf or, in some cases, as independent controllers. These organisations are only allowed to use your data for specified purposes and must protect it appropriately.

Examples of processors and third parties may include:

  • IT and cloud service providers that support our systems, data storage, and communications.
  • Payment service providers that handle card transactions and payment processing.
  • Professional advisers such as accountants, auditors, lawyers, and insurers.
  • Security providers operating CCTV, alarms, access control, or monitoring services.
  • Maintenance and facilities contractors who require limited access to fulfil their work.
  • Public authorities or law enforcement where disclosure is required by law or necessary to protect rights, safety, or property.

We require appropriate contractual protections with processors and aim to ensure that any data sharing is limited, proportionate, and lawful.

6. International Transfers

If any of our service providers process personal data outside the UK, we will take steps to ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements.

Retention periods vary depending on the type of record and the reason it is held. In general:

  • Customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security records, such as CCTV or access logs, are retained for a limited period unless needed for investigation or legal purposes.
  • Correspondence and complaint records are retained as long as necessary to resolve issues and maintain business records.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention practices.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to data portability – to request transfer of certain data to you or another organisation.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing relies on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal exceptions or conditions. We may need to verify your identity before responding to a request.

9. Security of Your Data

We implement appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, monitoring procedures, and contractual protections with third-party processors.

While we take reasonable steps to safeguard information, no system can be guaranteed to be completely secure.

10. Marketing Communications

We may contact you with service-related communications necessary for the management of your account or storage agreement. Where permitted, we may also send marketing communications. You may opt out of marketing messages at any time, and we will respect your preferences where required by law.

11. Children

Our services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in connection with a lawful business or contractual purpose. If we become aware that we have collected information from a child without appropriate authority, we will take steps to remove it where required.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated.

We encourage customers to review this policy periodically to understand how we protect personal data.

13. How to Exercise Your Rights

If you wish to exercise any of your rights, raise a privacy concern, or request further information about this policy, you may contact us using the channels we provide in our customer communications or records. We will respond in accordance with applicable data protection law.

Where you are not satisfied with our response, you may also have the right to complain to the relevant data protection authority.

Last reviewed: This Privacy Policy is intended to provide a clear and transparent overview of how Coventgarden Storage handles personal data for all customers in the area.

Call Now!
Call Now Get a Quote
Coventgarden Storage

GDPR-compliant Privacy Policy for Coventgarden Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.