Privacy Policy - Eastham Storage

This Privacy Policy explains how Eastham Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, visitors, and other individuals whose data we process in connection with our storage services. It applies to all Eastham Storage customers in the area and to any person who interacts with us in relation to our services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any other applicable privacy laws.

1. Who We Are

Eastham Storage provides storage-related services for individuals and businesses. In the course of providing these services, we may act as a data controller for personal data we collect and determine how and why it is used. This means we are responsible for deciding the purposes and means of processing personal data in relation to our operations, customer administration, security, billing, and communication.

2. Personal Data We Collect

We only collect personal data that is relevant and necessary for our legitimate business and legal purposes. Depending on your relationship with us, the categories of information we may collect include:

  • Identity information such as your name, title, and date of birth where needed for verification.
  • Contact details such as address, email address, and telephone number.
  • Account and service information including storage unit details, booking records, payment status, and service history.
  • Payment information such as billing details and transaction records. Payment card details, where used, are handled securely through appropriate payment providers.
  • Identification and verification data where required to confirm identity, prevent fraud, or comply with legal obligations.
  • Security data such as CCTV recordings, access logs, incident reports, and vehicle details where collected for site security and protection of property.
  • Communication data including correspondence, enquiries, complaints, and service-related messages.

We may also process limited technical data if you use digital systems connected to our services, such as device or browser information, where necessary for security, service administration, or system performance. We do not intentionally collect special category data unless you provide it voluntarily or it is required by law in a specific situation.

3. How We Use Personal Data

We use personal data only for clear and lawful purposes. These purposes include:

  • providing storage services and managing customer accounts;
  • processing bookings, payments, renewals, and cancellations;
  • verifying identity and preventing fraud or misuse;
  • maintaining site safety, security, and operational integrity;
  • communicating about service updates, invoices, reminders, and contractual matters;
  • handling enquiries, complaints, and dispute resolution;
  • meeting legal, regulatory, tax, accounting, and insurance obligations;
  • protecting the rights, property, and safety of Eastham Storage, our customers, staff, and visitors.

We do not sell personal data. We use data only in ways that are necessary, proportionate, and consistent with the purposes for which it was collected.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing personal data. Depending on the situation, we rely on one or more of the following bases:

  • Contract – processing is necessary to enter into or perform a contract with you, such as providing storage services, managing billing, or maintaining your account.
  • Legal obligation – processing is necessary to comply with legal requirements, including tax, accounting, fraud prevention, health and safety, and record-keeping obligations.
  • Legitimate interests – processing is necessary for our legitimate business interests, provided your interests and fundamental rights do not override those interests. Examples include site security, customer administration, service improvement, and preventing misuse.
  • Consent – in limited circumstances, we may rely on your consent, for example for optional communications or specific uses where required by law. Where consent is used, you may withdraw it at any time.

Where we process special category data, we will only do so when a valid condition under data protection law applies and additional safeguards are in place.

5. Sharing and Processors

We may share personal data with trusted third parties that assist us in delivering services. These third parties act either as processors on our behalf or as independent controllers in their own right, depending on the service provided. When we use processors, we ensure they are subject to appropriate contractual safeguards and process data only on our instructions.

Examples of processors and service providers may include:

  • payment service providers for secure transaction handling;
  • IT and cloud service providers for data storage, communication, and system support;
  • security service providers for CCTV, alarm monitoring, or access control support;
  • professional advisers such as accountants, insurers, auditors, and legal advisers;
  • debt recovery or enforcement providers where lawful and necessary;
  • maintenance and operational contractors where access to limited personal data is required.

We may also disclose personal data to public authorities, regulators, law enforcement, courts, or other parties where required by law or where necessary to protect our legitimate interests, property, or the safety of others.

6. International Transfers

If any personal data is transferred outside the United Kingdom, we will ensure that appropriate legal safeguards are in place. This may include adequacy regulations, standard contractual clauses, or other mechanisms permitted by law to protect your information to an equivalent standard.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, reporting, and operational requirements. Retention periods vary depending on the type of data and the context in which it is used.

  • Customer account and contract records are retained for the duration of the relationship and for a further period where needed for legal or administrative reasons.
  • Financial and transaction records are usually retained for periods required by tax and accounting law.
  • Security records, including CCTV and access logs, are kept only for a limited period unless needed for an investigation, legal claim, or regulatory matter.
  • Communications and complaints are retained as long as necessary to resolve issues and maintain appropriate records.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

8. Data Security

We use reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, staff confidentiality obligations, secure storage, logging, and other security procedures appropriate to the nature of the data and the risks involved.

While we take security seriously, no system can be guaranteed as completely secure. We therefore encourage customers to take care when sharing information and to notify us if they believe their data may have been compromised.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exemptions, depending on the circumstances.

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of personal data in certain circumstances.
  • Right to restrict processing – to ask us to limit the way we use your data in some situations.
  • Right to data portability – to receive certain information in a structured, commonly used format and, where technically feasible, have it transferred to another organisation.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

10. Children’s Data

Our services are not intended for children acting on their own behalf. We do not knowingly collect personal data from children unless it is necessary and lawful in connection with a customer arrangement or other legitimate purpose. Where we become aware that such data has been collected inappropriately, we will take steps to delete or correct it as required.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our data handling practices. Any revised version will apply from the date it is made available. We encourage you to review this policy periodically so that you remain informed about how your personal data is used.

12. Summary of Our Commitment

Eastham Storage is committed to protecting your privacy and using personal data responsibly. We collect only what we need, use it for legitimate and lawful purposes, retain it for no longer than necessary, and share it only with trusted processors or where required by law. We aim to be transparent, fair, and secure in every part of our processing activities.

By using our services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy and applicable law.

Call Now!
Call Now Get a Quote
Eastham Storage

GDPR-compliant Privacy Policy for Eastham Storage covering data collection, lawful basis, retention, processors, rights, and area-wide application.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.