Privacy Policy – Friernbarnet Storage

This Privacy Policy explains how Friernbarnet Storage collects, uses, stores, shares, and protects personal data relating to its customers. It applies to all Friernbarnet Storage customers in the area, including individuals, households, and businesses that use our storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to all customers who enquire about, contract for, access, or otherwise use Friernbarnet Storage services in the area. It also applies where we process personal data about prospective customers, account holders, authorised users, and individuals acting on behalf of business customers.

By using our services, you acknowledge that your personal data may be processed as described in this policy.

2. Data we collect

We collect only the personal data necessary to provide and manage our storage services, maintain security, meet legal obligations, and improve our operations. The types of data we may collect include:

  • Identity data such as your name, date of birth, and identification details where needed for verification;
  • Contact data such as billing address, correspondence address, email address, and telephone number;
  • Account data such as booking details, unit allocations, access permissions, payment status, and customer records;
  • Financial data such as payment card details or bank details processed for billing and refunds, where applicable;
  • Security data such as CCTV images, access logs, key or code records, incident reports, and entry records;
  • Communications data such as messages, calls, complaints, queries, and any information you voluntarily provide to us;
  • Technical data such as IP address, browser type, and device information if you interact with digital systems;
  • Special category data only where you choose to provide it and where it is necessary for a lawful purpose, although we do not routinely seek this information.

We do not intentionally collect more information than is required for the purposes described below.

3. How we collect personal data

We may collect personal data directly from you when you complete a booking, enter into a storage agreement, contact us, make payments, or provide information for identity verification. We may also collect data automatically through security systems, access controls, and monitoring systems used to protect our premises, customers, and property. In some cases, we may receive personal data from third parties such as payment providers, identity verification services, insurers, legal representatives, or property managers, where appropriate and lawful.

4. Why we use personal data

We use personal data for the following purposes:

  • to set up and administer storage accounts;
  • to verify identity and prevent fraud;
  • to provide access to storage units and manage site security;
  • to process payments, refunds, and invoices;
  • to respond to enquiries, complaints, and service requests;
  • to maintain records of agreements, transactions, and incidents;
  • to comply with legal, regulatory, and tax obligations;
  • to protect the rights, safety, and property of customers, staff, contractors, and visitors;
  • to manage disputes, recover debts, and establish or defend legal claims;
  • to improve our services, site operations, and security measures.

We will only process your personal data for specific, legitimate purposes and will not use it in ways that are incompatible with those purposes.

5. Lawful basis for processing

We rely on one or more of the following lawful bases under the UK GDPR:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, providing access to storage units, taking payments, and administering your account.

Legal obligation

We process personal data where necessary to comply with legal obligations, including tax, accounting, health and safety, fraud prevention, and record-keeping requirements.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include site security, CCTV monitoring, preventing theft, investigating incidents, managing arrears, and improving services.

Consent

In limited situations, we may rely on your consent, such as for certain optional communications or where lawfully required. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

6. Sharing personal data and processors

We may share personal data with trusted third parties where necessary and lawful. These third parties may act as processors or independent controllers depending on the circumstances.

Examples of processors and service providers may include:

  • payment processing providers;
  • IT hosting, cloud storage, and software providers;
  • identity verification and fraud prevention services;
  • security and CCTV system providers;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • maintenance, repair, and facilities management contractors;
  • debt recovery or collection agencies where permitted by law.

Where we use processors, they are required to process personal data only on our instructions, to keep it secure, and to comply with applicable data protection law. We do not sell your personal data.

We may also disclose personal data where required by law, court order, regulatory request, or to protect the vital interests of any person, prevent crime, or establish, exercise, or defend legal claims.

7. International transfers

If any personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place so that the data remains protected to a standard essentially equivalent to UK data protection law. Such safeguards may include adequacy regulations, standard contractual clauses, or other legally approved mechanisms.

8. Data retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, tax, insurance, and reporting requirements. The retention period depends on the type of data and the purpose for which it is processed.

  • Customer account and contract records are kept for the duration of the agreement and for a reasonable period afterward;
  • Payment and financial records are retained as required by applicable tax and accounting rules;
  • Security records, including access logs and CCTV footage, are kept only for as long as needed for security and incident management purposes;
  • Correspondence and complaint records may be retained for as long as necessary to handle the matter and for legal defence purposes;
  • Where data is no longer required, it is securely deleted or anonymised.

Retention periods may vary depending on legal obligations, the nature of the service, and the need to resolve disputes or enforce rights.

9. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include restricted access, access control systems, monitoring, secure storage, staff confidentiality obligations, and supplier due diligence. While no system can be guaranteed completely secure, we work to maintain a level of security appropriate to the risk.

10. Your rights under data protection law

Subject to certain legal conditions and exemptions, you have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restrict processing – to ask us to limit how we use your data in certain cases;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent – where processing is based on consent, to withdraw it at any time;
  • Right to complain – to raise concerns with the relevant data protection authority if you believe your rights have been infringed.

We will respond to rights requests in accordance with applicable law and may need to verify your identity before acting on your request.

11. Automated decision-making

We do not use fully automated decision-making that produces legal or similarly significant effects on customers. If this changes, we will provide appropriate information and safeguards as required by law.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our services, or our data handling practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their personal data is used.

13. Summary of our approach

Friernbarnet Storage is committed to processing personal data responsibly, securely, and transparently. We collect only what is needed, use it for clear and lawful purposes, retain it only as long as necessary, and apply suitable safeguards when sharing it with processors or other parties. This policy is intended to ensure that all Friernbarnet Storage customers in the area understand how their personal data is handled and what rights they have under data protection law.

Call Now!
Call Now Get a Quote
Friernbarnet Storage

GDPR-compliant Privacy Policy for Friernbarnet Storage covering data use, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.