Privacy Policy - Balham Storage

Effective date: This Privacy Policy applies to all Balham Storage customers in the area and explains how personal data is collected, used, shared, stored, and protected when you use our storage services.

At Balham Storage, we are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to customers, prospective customers, account holders, authorised users, and any individuals whose information is provided to us in connection with a storage agreement or enquiry.

1. Information We Collect

We collect only the personal data necessary to provide and manage our storage services, operate our business, and meet legal and security obligations. The categories of information we may collect include:

  • Identity details: name, title, date of birth, and identification information provided for verification purposes.
  • Contact details: address, telephone number, and email address.
  • Account and contract information: storage unit details, agreement dates, payment status, records of services provided, and billing information.
  • Payment information: bank details, card-related information, and transaction records, where needed to process payments and refunds.
  • Security information: access logs, CCTV footage, incident reports, and records of authorised access to the premises.
  • Communication records: emails, messages, telephone notes, complaints, and service requests.
  • Technical information: device and usage data collected through our systems where necessary for security, fraud prevention, and system management.

We do not intentionally collect special category personal data unless you choose to provide it in a communication or it is required by law or for an insurance or legal claim. If such information is provided, we will handle it with additional care and only where a lawful basis exists.

2. How We Use Personal Data

We use personal data to deliver storage services and run our operations efficiently and securely. This includes:

  • setting up and managing customer accounts;
  • verifying identity and preventing fraud;
  • processing payments and issuing invoices;
  • providing access to storage facilities and managing site security;
  • responding to enquiries, complaints, and support requests;
  • maintaining records of agreements, service use, and incidents;
  • complying with legal, tax, accounting, and regulatory requirements;
  • protecting the rights, property, and safety of our customers, staff, and visitors.

We only use personal data for the purposes for which it was collected, unless we reasonably determine that we need to use it for a compatible purpose or another lawful basis applies.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the purpose, Balham Storage may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage unit, taking payment, providing access, and communicating about your account.

Legal Obligation

We process personal data where required to comply with legal obligations, such as accounting, tax, fraud prevention, health and safety requirements, or responding to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include protecting our premises, preventing theft or misuse, maintaining business records, and improving our services. Where we rely on legitimate interests, we consider the impact on individuals and apply appropriate safeguards.

Consent

In limited circumstances, we may rely on your consent, for example for certain marketing communications or optional uses of data. Where consent is used, you can withdraw it at any time without affecting the lawfulness of processing before withdrawal.

4. Retention of Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting obligations. Retention periods vary depending on the nature of the information and the reason for holding it.

  • Customer account and contract records: retained for the duration of the agreement and for a reasonable period afterwards to manage disputes, claims, or statutory obligations.
  • Payment and invoicing records: retained in line with tax and accounting requirements.
  • Security records and access logs: retained for a limited period unless needed longer for investigation, legal claims, or safeguarding.
  • Complaints and correspondence: retained for as long as needed to resolve the matter and for record-keeping.

When personal data is no longer required, it is securely deleted, anonymised, or destroyed using appropriate safeguards. Where legal or insurance obligations require longer retention, we will keep the data only for that extended period and then dispose of it securely.

5. Processors and Third Parties

We may share personal data with trusted processors and service providers who act on our behalf and only under our instructions. These may include:

  • IT and software providers that support account management, record storage, and security systems;
  • payment service providers that process transactions and reduce fraud;
  • security and monitoring providers that assist with site safety, access control, and CCTV systems;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • maintenance and operational contractors who require limited access to perform services safely;
  • public authorities where disclosure is required by law or necessary to protect rights, safety, or property.

All processors are required to protect personal data, process it only for specified purposes, and implement appropriate technical and organisational measures. Where personal data is transferred outside the UK, we ensure suitable safeguards are in place in accordance with data protection law.

6. Data Security

We take data security seriously and use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, password protection, encryption, staff training, restricted system permissions, and secure storage of paper records.

While no system is completely secure, we work to maintain a level of security appropriate to the risks associated with the personal data we process. If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will follow applicable legal requirements, including notifying relevant authorities and affected individuals where necessary.

7. Your Rights

Under data protection law, you have a number of rights regarding your personal data. Subject to legal limits and exemptions, these may include:

  • The right of access: to request a copy of the personal data we hold about you.
  • The right to rectification: to request correction of inaccurate or incomplete information.
  • The right to erasure: to request deletion of your personal data in certain circumstances.
  • The right to restrict processing: to ask us to limit how we use your data in certain situations.
  • The right to object: to object to processing based on legitimate interests or direct marketing.
  • The right to data portability: to receive certain personal data in a structured, commonly used format where applicable.
  • The right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been infringed. We encourage you to raise any concerns with us first so we can address them promptly.

8. Children's Data

Our storage services are not directed at children. We do not knowingly collect personal data from children unless it is provided incidentally in connection with an adult customer account or required for lawful business purposes. If we become aware that we have collected data from a child without an appropriate lawful basis, we will take steps to delete it or handle it in accordance with the law.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updates will take effect when the revised policy is made available. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

10. Summary of Our Commitments

Balham Storage will only process personal data where there is a valid lawful basis, will retain it only for as long as necessary, will use trusted processors under proper safeguards, and will respect the rights of all individuals whose data we hold. We aim to keep personal data secure, accurate, and used only for legitimate business and legal purposes.

In short: we collect the information needed to provide storage services, protect our premises, comply with the law, and support our customers fairly and transparently. This policy applies to all Balham Storage customers in the area.

Call Now!
Call Now Get a Quote
Balham Storage

GDPR-compliant Privacy Policy for Balham Storage covering data collection, lawful basis, retention, processors, user rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.