Privacy Policy - Selfstorage Marylebone

This Privacy Policy explains how Selfstorage Marylebone collects, uses, stores, shares, and protects personal data in connection with its storage services and related customer support. It applies to all Selfstorage Marylebone customers in the area, including prospective customers, current customers, former customers, visitors to our premises, and individuals who interact with us on behalf of a business account. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who we are

Selfstorage Marylebone is the data controller for the personal data described in this policy. This means we decide how and why personal data is processed in connection with our services. We take privacy seriously and aim to ensure that personal information is used only for clearly defined business purposes and retained only for as long as necessary.

2. Personal data we collect

We may collect and process different categories of personal data depending on your relationship with us and the services you use. The information we collect may include:

  • Identity data such as your name, date of birth, and title.
  • Contact data such as address, email address, and telephone number.
  • Account and contract data such as storage unit details, booking information, rental dates, payment status, and correspondence related to your agreement.
  • Payment data such as billing details and transaction records.
  • Access and security data such as key, access code, entry logs, and CCTV footage where applicable.
  • Communications data such as messages, complaints, service requests, and records of phone or written interactions.
  • Technical data where relevant, such as device or browser information if you use digital services or online forms.

We generally do not seek to collect special category data, such as health information or political opinions. If such information is provided voluntarily and is necessary for a specific lawful purpose, it will be handled with additional care and only where permitted by law.

3. How we collect your data

We collect personal data directly from you when you complete a booking, sign a rental agreement, make a payment, contact us, or otherwise use our services. We may also receive data from third parties where it is necessary for the performance of a contract, fraud prevention, identity verification, debt recovery, or legal compliance. In some circumstances, data may be collected automatically through access control systems, security systems, or similar operational tools used to protect people, property, and stored items.

4. Purposes of processing

We use personal data only where there is a valid reason to do so. The main purposes for which we process your data include:

  • setting up and managing your storage account;
  • issuing contracts, invoices, receipts, and account statements;
  • processing payments and managing overdue balances;
  • verifying identity and preventing misuse or fraud;
  • ensuring site safety, security, and access control;
  • communicating with you about your storage unit or service request;
  • meeting legal, regulatory, tax, accounting, and insurance obligations;
  • handling disputes, complaints, or claims;
  • improving our services and maintaining accurate records.

We do not sell personal data. Any processing carried out is limited to the needs of service delivery, lawful administration, security, and compliance.

5. Lawful basis for processing

Under data protection law, we must have a lawful basis for each processing activity. We rely on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement with you. This includes managing your account, providing access to your unit, issuing invoices, and responding to requests linked to the contract.

Legal obligation

We process personal data where necessary to comply with laws and regulations, including tax obligations, accounting requirements, fraud prevention duties, and any lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting the security of our premises, preventing unauthorised access, managing business records, and improving operational efficiency.

Consent

In limited situations, we may rely on your consent, for example where consent is required for a specific optional communication or additional service. You may withdraw consent at any time where processing is based on consent, without affecting the lawfulness of processing carried out before withdrawal.

6. Data sharing and processors

We may share personal data with trusted third-party service providers that act as processors on our behalf. These processors are only permitted to use the data in accordance with our instructions and are required to protect it appropriately. Such processors may include:

  • payment service providers and banking intermediaries;
  • IT and software support providers;
  • cloud storage and data hosting providers;
  • security and CCTV system providers;
  • professional advisers such as accountants, auditors, or legal advisers;
  • debt recovery or collections providers where necessary;
  • insurance providers or claim handlers in connection with incidents or disputes.

We may also disclose personal data to public authorities, regulators, law enforcement agencies, or courts where required by law or where disclosure is necessary to protect our rights, our customers, or the safety of others.

All processors are selected carefully and are expected to maintain appropriate technical and organisational security measures. Where data is transferred outside the UK, we will ensure that suitable safeguards are in place.

7. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, and reporting requirements. Retention periods depend on the type of information and the reason for processing. For example, contractual records may be retained for the duration of the agreement and for a reasonable period afterwards to deal with queries, disputes, or legal claims. Payment and accounting records may be retained for the period required by tax and financial legislation. Security records may be retained for a shorter period unless an incident requires longer retention.

When personal data is no longer required, we will delete, anonymise, or securely destroy it. We apply retention controls designed to ensure data is not kept indefinitely.

8. Security of your data

We use appropriate organisational and technical measures to protect personal data against accidental loss, unauthorised access, disclosure, alteration, or destruction. These measures may include access restrictions, secure storage, staff confidentiality obligations, monitoring controls, and regular review of security procedures. While no system can be guaranteed to be completely secure, we take reasonable steps to minimise risks and protect the information entrusted to us.

9. Your rights

Under data protection law, you have a number of rights in relation to your personal data. These rights are subject to certain conditions and exemptions. They include:

  • The right of access to request a copy of the personal data we hold about you;
  • The right to rectification to correct inaccurate or incomplete information;
  • The right to erasure in certain circumstances, also known as the right to be forgotten;
  • The right to restriction to limit how we use your data in specific situations;
  • The right to object to processing based on legitimate interests or direct marketing;
  • The right to data portability where processing is based on consent or contract and carried out by automated means;
  • The right to withdraw consent where consent is the lawful basis for processing;
  • The right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

If you exercise your rights, we may need to verify your identity before responding. We will aim to respond within the time limits required by law.

10. Cookies and similar technologies

If we use digital tools that involve cookies or similar technologies, these will be used only where necessary for functionality, security, analytics, or user experience improvements. Where consent is required, it will be obtained in advance. You can manage cookie settings through your browser or device controls, subject to the limitations of the relevant service.

11. Children’s data

Our services are not directed to children as a primary audience. We do not knowingly collect personal data from children unless it is necessary in a lawful business or legal context, such as where a parent, guardian, or authorised representative interacts with us. If we become aware that data has been collected inappropriately, we will take steps to delete it or handle it lawfully.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our internal practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to remain informed about how we process personal data.

13. Summary of our commitment

Selfstorage Marylebone is committed to protecting your privacy, respecting your rights, and using personal data responsibly. We process information only for legitimate and lawful purposes, retain it only for as long as needed, and work with processors that are contractually bound to safeguard data. If you are a customer in the Marylebone area, this policy applies to you and explains how your information is handled throughout your relationship with us.

Call Now!
Call Now Get a Quote
Selfstorage Marylebone

GDPR-compliant privacy policy for Selfstorage Marylebone covering data collection, lawful basis, retention, processors, user rights, and local customer scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.