Privacy Policy - Newington Storage

Effective date: This Privacy Policy applies to all Newington Storage customers in the area and explains how we collect, use, disclose, store, and protect personal data in connection with our storage services.

Newington Storage is committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection laws, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help customers understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights individuals have in relation to their personal data.

1. Data We Collect

We collect only the information necessary to provide our storage services, manage accounts, maintain security, and meet legal obligations. The types of personal data we may collect include:

  • Identity data: name, date of birth, and identification details where needed for account opening, security, or compliance checks.
  • Contact data: address, email address, and telephone number.
  • Account and contract data: storage unit details, booking records, payment status, contract terms, and service preferences.
  • Financial data: limited billing and payment information, such as payment method references and transaction records.
  • Security and access data: entry logs, CCTV footage, alarm records, and site access information.
  • Communications data: correspondence relating to enquiries, complaints, notices, or account administration.
  • Technical data: IP address, device information, browser type, and usage data where collected through digital systems used to manage our services.

We may also collect information from third parties when necessary, such as identity verification providers, payment processors, fraud prevention services, or law enforcement authorities where required by law.

2. How We Use Personal Data

We use personal data only for legitimate business purposes connected to our services. These may include:

  • setting up and managing customer accounts;
  • verifying identity and preventing fraud;
  • providing access to storage facilities;
  • processing payments and managing billing;
  • communicating account updates, notices, or service-related information;
  • maintaining security, including CCTV monitoring and incident management;
  • resolving disputes, handling complaints, and enforcing agreements;
  • complying with legal, tax, accounting, and regulatory obligations;
  • improving our operations, systems, and customer service;
  • protecting the rights, property, and safety of Newington Storage, our customers, staff, and visitors.

We do not use personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and, where required, we notify the individual.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Newington Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform our storage agreement with you. This includes setting up your account, managing access, handling payments, and providing the services you request.

Legal obligation

We process personal data where necessary to comply with legal requirements, such as tax, accounting, fraud prevention, health and safety, or requests from courts and public authorities.

Legitimate interests

We may process personal data where it is reasonably necessary for our legitimate interests, provided your rights and freedoms do not override those interests. This may include site security, business administration, preventing misuse, improving services, and protecting against loss or damage. When relying on this basis, we assess the impact on individuals and take steps to minimise privacy risks.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or non-essential uses. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

  • Customer and contract records: retained for the duration of the storage agreement and for a reasonable period afterward to handle disputes, claims, and administrative matters.
  • Payment and billing records: retained in line with tax and accounting obligations.
  • Security records and CCTV footage: retained for a limited period unless needed for an investigation, insurance matter, or legal claim.
  • Correspondence and complaint records: retained as needed to resolve issues and demonstrate compliance.

When personal data is no longer required, it is securely deleted, anonymised, or destroyed. We review retention periods regularly to ensure data is not kept longer than necessary.

5. Processors and Data Sharing

We may share personal data with trusted third-party processors who act on our instructions and are contractually required to protect your data. These processors may include:

  • payment service providers;
  • identity verification and fraud prevention providers;
  • IT system and software support providers;
  • cloud hosting and data storage providers;
  • security monitoring and CCTV service providers;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • regulators, courts, law enforcement agencies, or other public authorities where required by law.

We only disclose personal data where necessary and always aim to limit access to the minimum required for the task. If data is transferred outside the UK or European Economic Area, we ensure appropriate safeguards are in place, such as approved contractual protections or adequacy mechanisms.

6. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, encryption, monitoring, and regular security reviews.

Although no system can be guaranteed completely secure, we work to maintain a level of security appropriate to the risks presented by the data we process. Where a personal data breach occurs and it is required by law, we will notify the relevant authority and affected individuals without undue delay.

7. Your Rights

Under data protection law, individuals have a number of rights in relation to their personal data. Subject to legal conditions and exceptions, you may have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete data;
  • erase your data in certain circumstances;
  • restrict how we process your data;
  • object to processing based on legitimate interests or direct marketing;
  • data portability for information you provided to us in a structured, commonly used format;
  • withdraw consent where processing relies on consent;
  • complain to the relevant data protection authority if you believe your rights have been infringed.

We may need to verify your identity before responding to a rights request. We will respond within the timescales required by law and may refuse or limit a request where an exemption applies.

8. Special Notes on CCTV and Site Access

Because storage facilities may require monitoring for security and safety, we may use CCTV, access control systems, and visitor records. This processing is carried out to protect people and property, investigate incidents, deter unauthorised access, and support lawful claims or enquiries. Signage may be used where necessary to inform individuals of such monitoring.

Access logs and security records are handled carefully and restricted to authorised personnel only. These records are not used for unrelated purposes unless required by law or to address a security or operational issue.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. Any updated version will apply from the date it is published or otherwise communicated. Customers are encouraged to review this policy periodically so they remain informed about how their personal data is handled.

10. Summary of Our Commitment

Newington Storage respects the privacy of every customer in the area and aims to process personal data responsibly, securely, and only when necessary. We collect limited information, use it for clear and lawful purposes, keep it only as long as needed, and share it only with processors or authorities when appropriate. We also recognise and support the rights of individuals over their own data.

By using Newington Storage services, customers can expect their personal data to be handled in line with applicable privacy laws and with due care.

Call Now!
Call Now Get a Quote
Newington Storage

GDPR-compliant Privacy Policy for all Newington Storage customers in the area, covering data collection, lawful basis, retention, processors, security, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.