Privacy Policy - Brimsdown Storage

This Privacy Policy explains how Brimsdown Storage collects, uses, stores, shares, and protects personal data when providing storage-related services. It applies to all Brimsdown Storage customers in the area, including current, prospective, and former customers, as well as individuals who communicate with us in connection with storage enquiries, contracts, access arrangements, payments, and account administration.

1. Who We Are

Brimsdown Storage acts as a data controller for the personal data processed in the ordinary course of providing storage services. This means we determine the purposes and means of processing personal data related to our business operations, customer accounts, service delivery, compliance, and security. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK GDPR and the Data Protection Act 2018.

2. Personal Data We Collect

We only collect personal data that is relevant and necessary for the provision of our services, compliance obligations, and operational needs. The types of information we may collect include:

  • Identity details such as your name, title, and date of birth where required for verification.
  • Contact information such as address, email address, and telephone number.
  • Account and contract information such as storage unit details, booking records, payment status, and service preferences.
  • Financial information such as billing records, payment confirmations, and limited transaction data necessary for processing payments.
  • Access and security information such as entry logs, identity checks, and records relating to the use of secure facilities.
  • Correspondence including emails, written communications, complaints, queries, and customer service notes.
  • Technical data in limited circumstances, such as device or session information if collected through digital systems used for account administration or security.
  • Compliance-related information where required to meet legal, regulatory, fraud prevention, insurance, or security obligations.

We do not intentionally collect special category data unless it is necessary for a specific lawful purpose or is voluntarily provided and relevant to the service. If such data is ever processed, it is handled with additional care and only where a lawful basis permits it.

3. How We Use Your Data

We use personal data for clearly defined purposes connected to our services and business operations. These purposes may include:

  • setting up and managing storage accounts;
  • verifying identity and eligibility;
  • administering contracts and service arrangements;
  • processing payments, invoices, and refunds where applicable;
  • managing access to storage premises and maintaining site security;
  • responding to enquiries, complaints, and requests;
  • communicating service updates and account notices;
  • maintaining accurate business, tax, and audit records;
  • protecting against fraud, theft, misuse, and unauthorised access;
  • complying with legal and regulatory obligations; and
  • improving the quality, safety, and efficiency of our services.

We process personal data only to the extent needed for these purposes and avoid using it for incompatible purposes unless we have a lawful basis to do so.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. Depending on the circumstances, Brimsdown Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access, delivering services, and handling payments.

Legal Obligation

We may process data to comply with laws and regulations, including tax, accounting, security, fraud prevention, and record-keeping requirements.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests and where your rights and freedoms do not override those interests. This may include maintaining site security, preventing misuse, improving services, and managing internal administration. When we rely on legitimate interests, we consider the impact on individuals and apply appropriate safeguards.

Consent

Where required by law, we will ask for your consent before processing personal data for specific optional purposes. If consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Data Sharing and Processors

We do not sell personal data. However, we may share information with trusted third parties who act as processors or independent controllers, depending on the service involved. These third parties are only given access to the data necessary for their role and are required to protect it appropriately.

Examples of processors and service providers may include:

  • IT and cloud service providers who support secure record storage, account systems, or communication tools;
  • payment service providers who handle financial transactions securely;
  • security contractors or monitoring providers assisting with site protection;
  • accounting, audit, and administrative service providers supporting business compliance;
  • professional advisers such as lawyers, insurers, and consultants where necessary;
  • public authorities, courts, or law enforcement where disclosure is legally required.

Where processors handle personal data on our behalf, they are bound by written agreements requiring them to process information only on our instructions, maintain confidentiality, and use appropriate technical and organisational security measures. If any data is transferred outside the UK, we ensure that suitable safeguards are in place, such as approved contractual protections or adequacy arrangements.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, and reporting obligations. The retention period depends on the nature of the data and the reason for processing it.

  • Customer and contract records are retained for the duration of the service relationship and for a reasonable period afterwards to handle disputes, claims, or administrative matters.
  • Financial and tax records are kept for the period required by law.
  • Security records such as access logs or incident records may be retained for a limited period necessary to maintain safety and investigate incidents.
  • Correspondence and complaints are retained for as long as needed to resolve the matter and for record-keeping purposes.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. Retention is reviewed periodically to ensure that data is not kept for longer than necessary.

7. Your Rights

As a data subject, you have rights in relation to your personal data. These rights may be subject to conditions and exemptions under applicable law, but we will always consider requests carefully and respond appropriately.

  • Right of access - you may request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification - you may ask us to correct inaccurate or incomplete personal data.
  • Right to erasure - in certain circumstances, you may request deletion of your personal data.
  • Right to restriction - you may ask us to limit how we use your data in certain situations.
  • Right to object - you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability - where processing is based on consent or contract and carried out by automated means, you may request transfer of your data in a usable format.
  • Right to withdraw consent - where processing depends on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner's Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so that we can attempt to resolve the issue promptly and fairly.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure systems, restricted permissions, and regular review of security practices. While no method of transmission or storage can be guaranteed completely secure, we work to reduce risks and respond quickly to any suspected security incident.

9. Children and Vulnerable Individuals

Our services are generally intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary for a lawful and legitimate reason connected to our services, such as emergency or legal contact information. Where vulnerable individuals are involved, we take care to process information sensitively and only as needed.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business operations, or data handling practices. When we do so, we will revise the policy to ensure it remains accurate and clear. We encourage customers to review it periodically so they remain informed about how their personal data is processed.

11. Summary of Our Commitment

Brimsdown Storage is committed to respecting privacy, handling personal data responsibly, and meeting GDPR standards. We collect only what is necessary, use data for lawful and clearly stated purposes, retain it for appropriate periods, and work with trusted processors under strict safeguards. We also recognise and support your rights over your personal data. Our aim is to provide secure and reliable storage services while protecting the privacy of every customer in the area.

Call Now!
Call Now Get a Quote
Brimsdown Storage

GDPR-compliant Privacy Policy for Brimsdown Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.