Privacy Policy - Brentford Storage

This Privacy Policy explains how Brentford Storage collects, uses, stores, shares, and protects personal data. It applies to all Brentford Storage customers in the area, including prospective customers, current customers, former customers, and individuals who interact with us on behalf of a business, household, or organisation. This policy is intended to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Brentford Storage provides storage services to customers in the local area. In providing those services, we act as a data controller for personal data we decide to collect and process. This means we determine the purposes and means of processing your personal data and are responsible for ensuring that your data is handled lawfully, fairly, and transparently.

2. Personal data we collect

We collect only the data we need to operate our services, meet legal obligations, and manage our relationship with you. The information we may collect includes:

  • Identity information such as your name and title.
  • Contact information such as address and email address.
  • Account and transaction details such as booking records, payment status, invoice information, and storage unit details.
  • Verification information where needed to confirm identity, prevent fraud, or meet legal and security requirements.
  • Communications such as messages, complaints, service requests, and notes relating to your account.
  • Technical and usage data such as IP address, browser type, device information, and basic usage logs when you interact with our digital systems.
  • CCTV and access records where lawful and appropriate for security, safety, and crime prevention.

We may also receive personal data from third parties where necessary, for example from payment providers, referral partners, insurance providers, or where another person makes a booking on your behalf. In each case, we only use that data as permitted by law and for a clear purpose.

3. How we use your data

We use personal data for the following purposes:

  • to set up and manage customer accounts;
  • to provide storage services and maintain access arrangements;
  • to process payments, refunds, invoices, and account balances;
  • to communicate about service matters, policy updates, and operational notices;
  • to verify identity and prevent fraud or misuse;
  • to ensure safety, security, and site management;
  • to comply with tax, accounting, legal, and regulatory obligations;
  • to handle disputes, claims, complaints, and enforcement matters;
  • to improve service delivery, systems, and customer experience;
  • to defend legal claims and exercise our rights.

We will not use your personal data for purposes that are incompatible with the reasons we collected it, unless we have a lawful basis to do so and you are informed where required.

4. Lawful basis for processing

Under data protection law, we must have a lawful basis for each type of processing. Brentford Storage relies on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage agreement, taking payment, managing access, and providing customer support connected to the service.

Legal obligation

We may process personal data to comply with legal obligations, such as accounting, tax, audit, security, safeguarding, and other regulatory requirements.

Legitimate interests

We process some data because it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, fraud prevention, business administration, service improvement, and record keeping. When relying on this basis, we carry out appropriate balancing assessments.

Consent

In limited situations, we may rely on your consent, for example where the law requires it for certain communications or optional services. Where consent is used, you may withdraw it at any time, without affecting processing already carried out before withdrawal.

5. Data sharing and processors

We may share personal data with trusted third parties that act as processors or independent controllers, depending on the situation. We only share what is necessary and only for lawful purposes.

Processors are service providers that process data on our behalf under written contracts. These may include:

  • IT and hosting providers;
  • customer management and accounting systems;
  • payment processing services;
  • security and CCTV support providers;
  • email and communication platforms;
  • document storage and archiving services;
  • professional advisers who act under confidentiality obligations.

Where required, we ensure processors are bound by appropriate data processing agreements and are required to keep data secure, use it only for our instructions, and assist with data protection compliance.

We may also disclose personal data to independent controllers where necessary, such as law enforcement bodies, insurers, legal advisers, courts, regulators, or other authorities when required by law or where it is necessary to protect our rights, customers, staff, property, or the public.

6. International transfers

If any of our processors or service providers store or access data outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other approved transfer mechanisms designed to protect your data to a standard equivalent to UK law.

7. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, security, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

  • Contract and account records are generally kept for the duration of the customer relationship and for a period afterwards to handle disputes, claims, and audit requirements.
  • Financial records are typically retained for the periods required by tax and accounting law.
  • Security records such as CCTV footage or access logs are kept only as long as needed for safety, incident investigation, or crime prevention.
  • Correspondence and support records are retained for a reasonable period to manage ongoing issues and maintain service history.

When data is no longer required, we will securely delete it, anonymise it, or destroy it in a safe and appropriate manner.

8. Security of your data

We use appropriate technical and organisational measures to protect personal data against accidental loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff training, encryption where appropriate, secure storage, and regular review of our security practices.

While we take data security seriously, no system can be guaranteed to be completely secure. We therefore encourage customers to take reasonable steps to protect their own information, especially account details and correspondence.

9. Your rights

Subject to legal limitations, you have the following rights in relation to your personal data:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to have inaccurate or incomplete data corrected.
  • Right to erasure - to request deletion of data in certain circumstances.
  • Right to restrict processing - to ask us to limit how we use your data in certain situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to receive certain data in a structured, commonly used, machine-readable format where technically feasible.
  • Right to withdraw consent - where processing is based on consent.
  • Right to complain - to raise concerns with the UK Information Commissioner’s Office if you believe your rights have been infringed.

We may need to verify your identity before responding to a rights request. This helps protect your privacy and prevents unauthorised disclosure.

10. Children’s data

Our storage services are not directed at children, and we do not knowingly collect personal data from children unless it is necessary in connection with a lawful customer relationship and appropriate safeguards are in place. If we become aware that we have collected data unlawfully, we will take steps to delete it where required.

11. Automated decision-making

We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects, unless such processing is lawful, necessary, and subject to appropriate safeguards. If this changes, we will inform affected individuals and explain their rights.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. The latest version will apply from the date it is issued. We encourage customers to review the policy periodically so they remain informed about how their information is handled.

By using Brentford Storage services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and applicable data protection law.

Call Now!
Call Now Get a Quote
Brentford Storage

GDPR-compliant Privacy Policy for Brentford Storage covering collection, lawful basis, retention, processors, rights, and local customer scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.