Privacy Policy - Newmalden Storage

This Privacy Policy explains how Newmalden Storage collects, uses, stores, shares, and protects personal data. It applies to all Newmalden Storage customers in the area, including individuals, families, and business users who use our storage services, facilities, or related support. We are committed to handling personal information in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Newmalden Storage is the data controller for the personal information described in this policy. This means we decide why and how your personal data is processed. We take privacy seriously and aim to collect only the information needed to provide and manage storage services effectively, safely, and lawfully.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity details such as your name, date of birth, and identity verification information.
  • Contact details such as postal address, email address, and telephone number.
  • Account and service information such as booking details, storage unit references, access permissions, and payment status.
  • Financial information such as billing details, payment records, and transaction history.
  • Security information such as access logs, CCTV recordings, and incident reports where relevant to site safety and crime prevention.
  • Communications including enquiries, complaints, service requests, and correspondence with our team.
  • Technical information where relevant, such as device or browser data if you interact with our digital systems.

We do not intentionally collect sensitive personal data unless it is necessary and lawful to do so. If such data is ever required, we will ensure appropriate safeguards are in place.

3. How We Collect Data

We collect personal data directly from you when you complete forms, sign agreements, make payments, submit enquiries, or communicate with us. We may also collect data from third parties where necessary, such as payment processors, identity verification providers, or legal and regulatory sources. In some cases, we may receive information from CCTV systems or access control systems for security purposes.

4. Why We Use Your Data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To verify identity and prevent fraud.
  • To process payments, invoices, and refunds.
  • To manage access to storage facilities and maintain site security.
  • To handle enquiries, complaints, and customer support requests.
  • To comply with legal, regulatory, and contractual obligations.
  • To maintain records, improve service quality, and protect legitimate business interests.

5. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing your personal data. Depending on the situation, we rely on one or more of the following:

  • Contract – where processing is necessary to enter into or perform our storage agreement with you.
  • Legal obligation – where we must retain or disclose information to comply with law, taxation, accounting, or regulatory requirements.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as site security, fraud prevention, customer administration, and service improvement, provided your rights do not override those interests.
  • Consent – where we rely on your clear permission, for example for certain optional communications or specific data uses. You may withdraw consent at any time where consent is the lawful basis.

When we process data for legitimate interests, we assess the impact on your privacy and ensure the processing is proportionate and necessary.

6. Data Sharing and Processors

We may share your personal data with trusted third parties acting as processors or independent controllers, but only where necessary and lawful. Processors process data on our behalf and under our instructions. Examples may include:

  • Payment service providers who handle card or electronic payments.
  • IT, cloud storage, and software service providers who support our systems.
  • Identity verification or fraud prevention services.
  • Security and monitoring providers, including CCTV maintenance or access-control contractors.
  • Professional advisers such as accountants, auditors, lawyers, or insurers.
  • Public authorities, law enforcement, or regulatory bodies where required by law.

We require processors to protect your data, use it only for authorised purposes, and apply appropriate security measures. We do not sell personal data.

7. International Transfers

If any processor stores or accesses data outside the UK, we will take steps to ensure an adequate level of protection. This may include the use of approved contractual safeguards or transfers to countries with recognised adequate protection under data protection law.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, or reporting obligations. Retention periods depend on the type of data and the reason for processing. For example:

  • Customer account and contract records may be retained for the duration of the service relationship and for a further period afterwards to handle disputes and comply with legal requirements.
  • Payment and invoice records may be kept for the period required by tax and accounting laws.
  • Security records such as access logs or CCTV may be kept for a limited time unless required for an investigation, claim, or legal process.

When data is no longer needed, it will be securely deleted, anonymised, or otherwise disposed of in line with our retention practices.

9. Security of Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure systems, staff training, and monitoring of relevant systems. While no system is completely risk-free, we work to maintain a high standard of protection.

10. Your Rights

Under data protection law, you have several rights regarding your personal data. These may include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit processing in certain situations.
  • Right to data portability – to request transfer of data you provided to us in a structured format, where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner's Office if you believe your data protection rights have been breached. We encourage you to raise concerns with us first so we can try to resolve them promptly.

How Rights Are Exercised

We may need to verify your identity before responding to a rights request. This is to protect your data from unauthorised disclosure. We will respond within the time limits required by law unless an extension is permitted due to complexity or volume of requests.

11. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is provided by an adult customer in connection with lawful use of our services. Where children’s data is involved, we will process it only where legally permitted and necessary.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. Any updated version will apply from the date it is issued. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

13. Summary of Our Commitment

Newmalden Storage is committed to protecting your privacy, using personal data fairly and transparently, and collecting only what is necessary to operate our storage services. We will always process your information on a lawful basis, retain it only as long as needed, work with trusted processors, and respect your rights under data protection law.

Call Now!
Call Now Get a Quote
Newmalden Storage

GDPR-compliant Privacy Policy for Newmalden Storage covering data collection, lawful basis, retention, processors, and customer rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.