Privacy Policy - Nunhead Storage

This Privacy Policy explains how Nunhead Storage collects, uses, stores, shares, and protects personal data relating to its customers, prospective customers, suppliers, and visitors to its services. It applies to all Nunhead Storage customers in the area, including individuals and businesses using storage services, related administration, billing, and support functions. We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Information We Collect

We collect only the information necessary to provide and manage our services effectively. The types of personal data we may collect include:

  • Identity information such as your name, title, and date of birth where required.
  • Contact information such as postal address, email address, and telephone number.
  • Account and service information such as booking details, storage unit numbers, service preferences, and communication records.
  • Payment information such as billing details, payment status, and transaction records.
  • Verification information where needed to confirm identity, prevent fraud, or comply with legal obligations.
  • Correspondence data including messages, enquiries, complaints, and support requests.
  • Technical data that may be collected when you interact with digital systems used to manage services, such as device and usage information.

We do not intentionally collect special category data unless it is provided voluntarily and there is a lawful reason to process it. If such information is disclosed to us, we will handle it with additional care and only where necessary.

2. How We Use Personal Data

Nunhead Storage uses personal data for specific and limited purposes. These include:

  • Setting up and managing storage accounts.
  • Verifying identity and eligibility for services.
  • Processing payments, invoicing, and account administration.
  • Providing customer support and responding to enquiries.
  • Managing access, security, and operational safety.
  • Maintaining records required for tax, accounting, and legal compliance.
  • Preventing fraud, misuse, or unlawful activity.
  • Improving service delivery, internal processes, and customer experience.

We will only use your personal data for the purposes for which it was collected, unless we reasonably determine that another compatible purpose applies or the law permits otherwise.

3. Lawful Basis for Processing

We process personal data only where a lawful basis under UK GDPR applies. Depending on the activity, the lawful basis may be one or more of the following:

Contract

Processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract. This includes managing bookings, administering accounts, providing storage services, and handling billing.

Legal obligation

We may process personal data where necessary to comply with a legal obligation, such as accounting, taxation, fraud prevention, health and safety, or responding to lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided that those interests are not overridden by your rights and freedoms. Examples include protecting property, preventing misuse, maintaining records, and improving business operations.

Consent

Where required by law, we will rely on your consent. If we ask for consent, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before consent was withdrawn.

4. Sharing and Processors

We may share personal data with trusted third parties only when necessary and under appropriate safeguards. These third parties act as data processors or, in some cases, independent controllers. Processors may include:

  • Payment service providers that handle card or online transactions.
  • IT and cloud service providers that support data storage, communications, and system maintenance.
  • Accounting and bookkeeping providers that help with financial administration.
  • Security and monitoring providers that support site protection and incident response.
  • Professional advisers such as lawyers, auditors, or insurers where necessary.
  • Public authorities, regulators, or law enforcement agencies where legally required.

All processors are required to protect personal data, use it only for authorised purposes, and follow written contractual instructions. We assess third-party arrangements to ensure appropriate technical and organisational measures are in place.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods depend on the nature of the data and the reason for processing.

  • Customer and contract records are kept for the duration of the relationship and for a period after it ends where needed for administrative or legal purposes.
  • Financial records are retained for the period required by tax and accounting laws.
  • Support and correspondence records are kept for as long as needed to resolve issues and maintain service history.
  • Security and access records are retained only for as long as necessary for safety, audit, and incident management.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, and supplier oversight. While no system can be guaranteed completely secure, we work to reduce risk and respond promptly to incidents.

7. Your Rights

Under data protection law, you have several rights in relation to your personal data. Subject to legal conditions and exemptions, you may have the right to:

  • Access your personal data and obtain a copy of it.
  • Rectification of inaccurate or incomplete information.
  • Erasure of personal data in certain circumstances.
  • Restriction of processing in certain situations.
  • Object to processing based on legitimate interests or direct marketing.
  • Data portability for information you provided to us where applicable.
  • Withdraw consent where processing is based on consent.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can attempt to resolve them promptly and fairly.

8. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children except where it is necessary and lawful, for example in limited family or emergency-related administrative situations. If we become aware that we have collected data unlawfully, we will take steps to delete it where appropriate.

9. International Transfers

If any processor or service provider stores or accesses personal data outside the UK, we will ensure that suitable safeguards are in place. These safeguards may include adequacy regulations, contractual protections, or other lawful transfer mechanisms required by data protection law.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, operations, or service arrangements. Any updated version will apply from the date it is issued. We encourage customers to review the policy periodically so they remain informed about how we handle personal data.

11. Summary of Our Commitments

  • We collect only data needed to provide and manage storage services.
  • We process personal data on lawful bases including contract, legal obligation, legitimate interests, and consent where required.
  • We retain data only as long as necessary and dispose of it securely.
  • We share data only with trusted processors and authorised parties under safeguards.
  • We respect your data protection rights and handle requests in line with the law.

Nunhead Storage values privacy and data protection as core responsibilities. This policy is designed to ensure that all customers in the area can understand how their personal information is handled and what rights they have under applicable data protection law.

Call Now!
Call Now Get a Quote
Nunhead Storage

GDPR-compliant privacy policy for Nunhead Storage covering collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.