Privacy Policy - Bedfordpark Storage

Bedfordpark Storage is committed to protecting the privacy and personal data of all customers, prospective customers, visitors, and other individuals whose information we process. This Privacy Policy explains how we collect, use, store, share, and protect personal data in a manner that is consistent with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

This policy applies to all Bedfordpark Storage customers in the area, including individuals and businesses using our storage services, making enquiries, entering into agreements, or otherwise interacting with us. Please read this policy carefully to understand our practices regarding your personal data and how we handle it.

1. Data We Collect

We collect and process personal data that is necessary to provide storage services, manage accounts, meet legal obligations, and operate our business effectively. The categories of data we may collect include:

  • Identity data such as your name, date of birth, and identification details where required.
  • Contact data such as address, email address, and telephone number.
  • Account and contract data such as booking details, storage unit information, payment status, and service history.
  • Financial data such as billing details, payment records, and transaction information.
  • Security data such as CCTV footage, access logs, key or access code records, and incident reports.
  • Communication data such as emails, messages, complaint details, and records of correspondence.
  • Technical data such as basic device or usage information collected when you interact with our digital systems, if applicable.

We do not intentionally collect special category personal data unless you choose to provide such information in the context of a query, complaint, or legal matter. If we ever process special category data, we will do so only where a lawful basis and additional condition under data protection law applies.

2. How We Use Your Data

We use personal data for the following purposes:

  • To register and manage your storage account.
  • To verify identity and prevent fraud or unauthorised access.
  • To process payments, issue invoices, and maintain financial records.
  • To provide customer service and respond to enquiries or complaints.
  • To monitor and protect the security of our premises, staff, customers, and property.
  • To comply with legal and regulatory obligations.
  • To enforce agreements, recover debts, or defend legal claims.
  • To improve our services, systems, and operational procedures.

We only use personal data where it is necessary and proportionate for the intended purpose. We do not use your data for purposes that are incompatible with the reason it was collected unless we have a lawful basis to do so.

3. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis to process personal data. Depending on the activity, Bedfordpark Storage relies on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement with you. This includes managing your booking, providing access to your unit, and handling payments.

Legal Obligation

We process data when required to comply with laws and regulations, including tax, accounting, fraud prevention, and health and safety obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided these interests are not overridden by your rights and freedoms. Examples include securing our premises, preventing misuse, managing disputes, and improving service quality. When relying on legitimate interests, we consider the balance between our interests and your privacy rights.

Consent

In limited situations, we may rely on your consent, for example where you choose to receive certain optional communications or where consent is otherwise required by law. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties who act as data processors or, in some cases, independent controllers. Any sharing is limited to what is necessary and appropriate for the purpose.

Processors may include:

  • Payment service providers who process card or electronic payments.
  • IT and software providers who support our record-keeping, security systems, and business operations.
  • Security and monitoring providers who assist with CCTV, access control, and site protection.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Debt recovery or collection services where necessary to recover overdue sums.
  • Public authorities, regulators, or law enforcement where disclosure is required by law or necessary to protect rights and safety.

Where processors act on our behalf, they are contractually required to handle personal data securely, use it only according to our instructions, and comply with data protection law. We do not sell personal data.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, insurance, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

  • Account and contract records are retained for the duration of the agreement and for a period afterward to manage disputes, claims, or legal obligations.
  • Financial records are retained for the period required by tax and accounting law.
  • Security records, including CCTV footage, are retained for a limited period unless needed for an investigation, claim, or legal process.
  • Correspondence and complaints are kept for as long as necessary to address the matter and maintain appropriate business records.

When data is no longer needed, we will securely delete, destroy, or anonymise it. Retention is assessed case by case to ensure data is not kept longer than necessary.

6. Data Security

We take appropriate technical and organisational measures to protect personal data against accidental loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, and regular review of procedures.

While we work hard to protect your data, no system can be guaranteed completely secure. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will act in accordance with data protection law, which may include notifying the relevant authority and affected individuals where required.

7. Your Rights

Depending on the circumstances, you have rights under data protection law in relation to your personal data. These rights may include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to request that processing be limited in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability – to request certain data in a portable format, where legally applicable.
  • Right to withdraw consent – where processing relies on consent.

We may need to verify your identity before responding to your request. Some rights may not apply in all cases, and exemptions may exist under data protection law. We will explain any refusal or limitation where relevant.

8. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it, such as approved contractual protections or other lawful transfer mechanisms required by data protection law.

9. Children’s Data

Our services are not directed at children, and we do not knowingly collect personal data from children except where it is necessary and lawful in the context of a storage arrangement or related administrative matter.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

11. How We Apply This Policy

This Privacy Policy applies to all Bedfordpark Storage customers in the area and to any person whose personal data we process in connection with our storage services. By using our services, making an enquiry, or engaging with Bedfordpark Storage, you acknowledge that your personal data will be handled in accordance with this policy and applicable data protection law.

We are committed to processing personal data lawfully, fairly, transparently, and securely. If we update our practices, we will continue to do so in a way that respects your privacy and complies with legal requirements.

Call Now!
Call Now Get a Quote
Bedfordpark Storage

GDPR-compliant Privacy Policy for Bedfordpark Storage covering data collection, lawful basis, retention, processors, user rights, and area-wide applicability.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.