Privacy Policy - Cudham Storage

This Privacy Policy explains how Cudham Storage collects, uses, stores, shares, and protects personal data relating to its customers. It applies to all Cudham Storage customers in the area, including current, former, and prospective customers, as well as individuals who communicate with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Personal Data We Collect

We collect only the personal data necessary to provide storage services, manage customer accounts, meet our legal obligations, and operate our business securely and efficiently. Depending on how you interact with us, we may collect the following categories of data:

Information you provide directly

  • Full name
  • Address and billing address
  • Email address
  • Telephone number
  • Payment details and payment history
  • Identification documents where required for verification or security purposes
  • Account details and booking information
  • Correspondence and any information included in enquiries, complaints, or requests

Information collected automatically

  • Access records and security logs
  • Vehicle registration details where used for site access control
  • Device and browser data when you interact with digital systems we use
  • CCTV footage captured at or near our premises for security and crime prevention

Information from third parties

In some cases, we may receive personal data from third parties such as payment providers, identity verification services, insurers, legal representatives, contractors, or public authorities where this is necessary and lawful.

2. How We Use Your Personal Data

We use personal data for the following purposes:

  • To provide and manage storage services
  • To set up and administer accounts
  • To process payments and manage invoices
  • To verify identity where needed
  • To maintain security, monitor access, and prevent fraud or misuse
  • To communicate with customers about bookings, account matters, service updates, or operational issues
  • To handle complaints, disputes, and customer support enquiries
  • To comply with legal, tax, insurance, and regulatory obligations
  • To protect our rights, property, customers, and staff
  • To improve our services, systems, and site operations

We do not use personal data for purposes that are incompatible with those described in this Policy unless permitted or required by law.

3. Lawful Basis for Processing

We only process personal data where we have a lawful basis under the UK GDPR. The lawful bases we rely on may include the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as setting up storage services, managing access, taking payment, and administering your account.

Legal obligation

We may process personal data where necessary to comply with legal and regulatory requirements, including tax records, accounting obligations, fraud prevention, and responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include site security, preventing misuse, managing business operations, improving services, and protecting against claims.

Consent

Where required, we will rely on your consent. If we ask for consent, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public task

These lawful bases are unlikely to apply in most storage-related processing, but we will rely on them if necessary in exceptional circumstances.

4. Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, but only where necessary and lawful. Processors process personal data on our behalf and under our instructions.

Examples of processors and service providers may include:

  • IT and hosting providers
  • Payment processing services
  • Accounting and bookkeeping providers
  • Security and CCTV monitoring providers
  • Identity verification or fraud prevention providers
  • Maintenance, facilities, and access-control contractors
  • Professional advisers such as lawyers, insurers, and auditors

We require processors to protect personal data using appropriate technical and organisational measures and to process data only for authorised purposes. We may also disclose personal data to law enforcement agencies, regulators, courts, or other public bodies where required by law or where necessary to establish, exercise, or defend legal claims.

5. International Transfers

Where personal data is transferred outside the UK, we will take appropriate steps to ensure that it remains protected in accordance with applicable data protection laws. This may include using approved contractual safeguards or transferring data only to countries deemed to provide an adequate level of protection.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, security, insurance, and reporting requirements.

Retention periods may vary depending on the type of data and the reason for processing. In general:

  • Customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards
  • Payment and invoicing records are retained for tax and accounting purposes in line with legal requirements
  • Security logs and CCTV footage are kept for a limited period unless they are needed for an investigation, claim, or legal process
  • Correspondence and complaints are retained for as long as needed to resolve the matter and for record-keeping purposes

When personal data is no longer required, we will delete, anonymise, or securely destroy it.

7. Data Security

We use appropriate organisational and technical measures to protect personal data against accidental loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff training, restricted permissions, and monitoring of relevant systems and facilities. While no system can be guaranteed to be completely secure, we work to reduce risks and respond appropriately to any suspected incident.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions and exemptions, depending on the circumstances. Your rights may include:

  • Right of access: to request a copy of the personal data we hold about you
  • Right to rectification: to request correction of inaccurate or incomplete data
  • Right to erasure: to request deletion of your data in certain circumstances
  • Right to restriction: to request that we limit the way we use your data in certain situations
  • Right to object: to object to processing based on legitimate interests or direct marketing
  • Right to data portability: to receive certain data in a structured, commonly used format
  • Right to withdraw consent: where processing is based on consent, to withdraw it at any time

If you wish to exercise any of these rights, we will assess your request and respond in accordance with applicable law. You may also have the right to complain to the Information Commissioner’s Office if you believe your data protection rights have been infringed.

9. Children’s Data

Cudham Storage services are intended for adults. We do not knowingly collect personal data from children for storage service purposes. If we become aware that we have collected such data without appropriate authority, we will take steps to delete it where required.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or operational practices. Any revised version will apply from the date it is published or otherwise made available. We encourage customers to review this Policy periodically to stay informed about how we handle personal data.

By using Cudham Storage services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy.

Call Now!
Call Now Get a Quote
Cudham Storage

GDPR-compliant Privacy Policy for Cudham Storage covering data collection, lawful basis, retention, processors, and customer rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.