Privacy Policy - Crossness Storage

This Privacy Policy explains how Crossness Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, website users, and other individuals whose information we process in connection with the storage services we provide. It applies to all Crossness Storage customers in the area and to any person who interacts with us in relation to our services.

We are committed to handling personal data in a fair, transparent, and lawful manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what personal data we process, why we process it, and what rights you have.

1. Personal Data We Collect

We collect only the data that is necessary for the purposes described in this policy. Depending on how you interact with us, we may collect the following categories of information:

  • Identity information, such as your name, date of birth, and title.
  • Contact information, such as postal address, email address, and telephone number.
  • Account and customer information, such as storage unit details, customer reference numbers, service preferences, and transaction history.
  • Payment information, such as billing details and records of payments made or due. Payment card details may be processed securely by our payment providers and not retained by us where unnecessary.
  • Verification information, including documents or details used to confirm identity, address, or eligibility where required.
  • Security information, such as CCTV footage, access logs, vehicle registration details, and incident reports where these are used to protect our premises, staff, customers, and property.
  • Communication records, including emails, messages, call notes, complaints, feedback, and service requests.
  • Technical data, such as IP address, browser type, and device information where you use our digital services.

We generally collect personal data directly from you when you enquire about, sign up for, or use our services. We may also receive data from third parties where this is necessary for fraud prevention, payment processing, legal compliance, or service administration.

2. How We Use Personal Data

We use personal data only where we have a valid legal basis under data protection law. The main purposes for which we process personal data include:

  • providing and managing storage services;
  • setting up and administering customer accounts;
  • processing payments, refunds, invoices, and account balances;
  • communicating with customers about their accounts, bookings, or service changes;
  • verifying identity and preventing fraud;
  • maintaining the security of our premises, units, staff, and customers;
  • handling complaints, disputes, and customer support enquiries;
  • meeting legal, tax, insurance, and regulatory obligations;
  • protecting our legal rights, including in connection with debt recovery or claims;
  • improving our services, internal operations, and security measures.

We do not use personal data for purposes that are incompatible with those described here unless we have notified you or are otherwise permitted by law.

3. Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis to process personal data. Depending on the purpose, we rely on one or more of the following bases:

Performance of a Contract

We process personal data when it is necessary to enter into or perform our contract with you. This includes managing your account, providing access to storage space, taking payment, and delivering customer support related to your service.

Legal Obligation

We may process personal data to comply with legal obligations, such as tax, accounting, fraud prevention, health and safety, and regulatory requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. Examples include protecting property, monitoring security, preventing misuse of services, improving operations, and responding to disputes or claims.

Consent

In limited situations, we may rely on your consent, for example for certain optional marketing activities or specific uses of information. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests and Public Interest

Although uncommon in our normal operations, we may process data where necessary to protect someone’s vital interests or where required for tasks carried out in the public interest or under official authority.

4. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, reporting, and security requirements. Retention periods vary depending on the type of information and the reason it is held.

As a general rule:

  • customer account and contract records are retained for the duration of the customer relationship and for a reasonable period afterwards;
  • financial and transaction records are retained for the period required by tax and accounting law;
  • security records, including CCTV and access logs, are retained for a limited period unless needed for an investigation, legal claim, or insurance matter;
  • complaints, correspondence, and dispute records are retained for as long as necessary to resolve the issue and protect our legal position;
  • verification records are retained only for as long as required by law or operational necessity.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify an individual.

5. Processors and Sharing of Data

We may share personal data with trusted third-party service providers, known as processors, who act on our behalf and under our instructions. These providers only process data where necessary and must protect it in accordance with applicable data protection laws.

Examples of processors or third parties may include:

  • payment processors who handle card or online payments;
  • IT and cloud service providers who support systems, data storage, security, and communications;
  • accounting and bookkeeping providers who assist with financial administration;
  • security service providers who support monitoring, alarm systems, or site protection;
  • professional advisers such as lawyers, insurers, auditors, and consultants;
  • regulators, courts, law enforcement, or government bodies where disclosure is required by law or necessary to protect legal rights.

We do not sell personal data. Where personal data is shared with processors, we ensure appropriate contractual safeguards are in place. If personal data is transferred outside the UK, we will use lawful transfer mechanisms and appropriate protections as required by law.

6. Data Security

We take the security of personal data seriously and implement technical and organisational measures designed to protect it from unauthorised access, alteration, disclosure, loss, or destruction. These measures may include access controls, secure storage, staff confidentiality obligations, monitoring systems, encryption where appropriate, and regular review of security procedures.

While no system can be guaranteed completely secure, we work to reduce risks and respond appropriately to suspected or actual data breaches. Where required by law, we will notify relevant authorities and affected individuals.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to exemptions or limitations depending on the circumstances.

  • Right of access - you can ask for a copy of the personal data we hold about you.
  • Right to rectification - you can ask us to correct inaccurate or incomplete information.
  • Right to erasure - you can ask us to delete your personal data in certain circumstances.
  • Right to restriction - you can ask us to limit how we use your personal data in certain situations.
  • Right to object - you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability - you can ask for certain information to be provided in a structured, commonly used format.
  • Right to withdraw consent - where we rely on consent, you can withdraw it at any time.
  • Right to complain - you can raise concerns with the relevant data protection authority if you believe your rights have been infringed.

If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits required by law and will explain if we are unable to take the action requested.

8. Children’s Data

Our services are not intended for children acting on their own behalf. We do not knowingly collect personal data from children unless it is necessary in connection with a service arrangement and is provided lawfully by an authorised adult or guardian.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated to customers. We encourage you to review this policy periodically so that you remain informed about how we process personal data.

10. Summary of Our Commitments

We aim to collect only necessary personal data, use it fairly, keep it secure, and retain it only for as long as needed. Crossness Storage processes information in line with the principles of lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and accountability.

By using our services, you acknowledge that your personal data may be processed as described in this policy.

Call Now!
Call Now Get a Quote
Crossness Storage

GDPR-compliant privacy policy for Crossness Storage covering data collection, lawful basis, retention, processors, security, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.