Privacy Policy - Selfstorage Bow

This Privacy Policy explains how Selfstorage Bow collects, uses, shares, stores, and protects personal data in connection with the provision of self-storage services. It applies to all Selfstorage Bow customers in the area, including prospective customers, current customers, former customers, account holders, and any individuals who interact with us in relation to a storage unit, reservation, payment, or site access.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This Policy is intended to help you understand what information we collect, why we collect it, how long we keep it, who we share it with, and what rights you have.

1. Personal Data We Collect

We collect only the information necessary to manage our services, maintain security, and meet legal obligations. Depending on your relationship with Selfstorage Bow, we may collect the following categories of personal data:

  • Identity information: name, date of birth, and identification details where needed for verification.
  • Contact information: address, email address, and telephone number.
  • Account and contract information: reservation details, unit size, tenancy or rental records, start and end dates, and customer reference numbers.
  • Payment information: billing details, transaction records, payment status, and limited payment processing information.
  • Access and security information: entry logs, CCTV footage, alarm or incident records, and site access history where applicable.
  • Communications: correspondence, complaints, requests, and service-related messages.
  • Device and technical data: limited online usage data if you interact with digital services, such as IP address and browser details.

We do not intentionally collect special category data unless it is provided by you or required for a specific lawful reason. Where such information is necessary, we will only process it in line with data protection law and with appropriate safeguards.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage storage agreements;
  • to verify identity and prevent fraud;
  • to provide access to storage facilities and maintain site security;
  • to process payments, invoices, and refunds;
  • to communicate about bookings, renewals, service changes, and account matters;
  • to investigate incidents, disputes, or breaches of our terms;
  • to comply with legal, regulatory, tax, and accounting obligations;
  • to protect our property, staff, customers, and facilities;
  • to improve our services and operational efficiency;
  • to establish, exercise, or defend legal claims.

We only use personal data for clear and legitimate purposes. We do not sell personal data.

3. Lawful Basis for Processing

Under GDPR, we must have a lawful basis to process your personal data. We rely on the following bases depending on the situation:

Contract

We process your data when it is necessary to enter into or perform a contract with you, such as creating your account, managing your storage unit, taking payment, or handling renewals and service delivery.

Legal Obligation

We process personal data where required to comply with laws and regulations, including accounting rules, tax requirements, fraud prevention, and lawful responses to official requests.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided your rights do not override those interests. This includes protecting our premises, managing security, preventing misuse, handling disputes, and improving our services. We balance these interests carefully and only use data in ways that are reasonable and proportionate.

Consent

In limited cases, we may rely on your consent, for example for optional marketing communications or certain non-essential services. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Sharing Your Personal Data

We may share personal data with trusted third parties where necessary and lawful. These may include:

  • Payment processors who handle card or online payment transactions;
  • IT and software providers that support account management, secure data storage, and system maintenance;
  • Security providers including CCTV, monitoring, and access control service providers;
  • Professional advisers such as lawyers, accountants, auditors, and insurers;
  • Debt recovery or collections providers where accounts remain unpaid and lawful recovery action is needed;
  • Public authorities where disclosure is required by law or necessary to respond to lawful requests.

We require processors and other service providers to handle personal data securely, use it only for specified purposes, and comply with data protection requirements. All processors are bound by contractual obligations to protect your data and act only on our instructions where they process data on our behalf.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, contractual, security, or reporting obligations. Retention periods may vary depending on the type of data and the reason for processing.

  • Customer and contract records are kept for the duration of the storage relationship and for a reasonable period afterwards.
  • Payment and accounting records are retained for the period required by tax and financial laws.
  • Security records, such as access logs and CCTV footage, are kept only for as long as needed for security, investigation, or incident management.
  • Correspondence and complaint records are retained while necessary to resolve issues and demonstrate compliance.

When personal data is no longer required, it is securely deleted, anonymised, or destroyed.

6. Your Rights Under GDPR

You have rights in relation to your personal data. Subject to legal limits and applicable exemptions, these rights include:

  • Right of access: you can request a copy of the personal data we hold about you;
  • Right to rectification: you can ask us to correct inaccurate or incomplete data;
  • Right to erasure: you can request deletion of your data in certain circumstances;
  • Right to restrict processing: you can ask us to limit how we use your data in certain situations;
  • Right to object: you can object to processing based on legitimate interests or direct marketing;
  • Right to data portability: you can request transfer of data you provided to us, where applicable;
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can address them promptly and fairly.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against accidental loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access restrictions, secure systems, staff training, physical security controls, and data minimisation practices.

While no system is completely secure, we regularly review our safeguards and work to maintain a high standard of protection for customer information.

8. Automated Decision-Making

We do not use personal data for decisions based solely on automated processing that have legal or similarly significant effects on you, unless we inform you and a lawful basis exists. If such processing is introduced, we will provide clear information about the logic involved and your rights.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our operations, or the way we process personal data. Any revised version will apply from the date it is issued. We encourage customers to review this Policy periodically so they remain informed about how their data is handled.

10. Additional Information

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect it in line with applicable law. Such safeguards may include adequacy regulations or approved contractual protections.

We also expect customers to provide accurate information and to keep it up to date so that we can deliver services effectively and maintain proper records. If you provide information about another person, you should ensure that you have the authority to do so and that they are aware of this Privacy Policy where required.

Selfstorage Bow is committed to treating your personal data with care, respect, and transparency. We use information responsibly, retain it only as long as needed, and uphold the rights of all customers in the area.

Call Now!
Call Now Get a Quote
Selfstorage Bow

GDPR-compliant Privacy Policy for Selfstorage Bow covering data use, lawful bases, retention, processors, security, and customer rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.