Privacy Policy - Maidavale Storage

This Privacy Policy explains how Maidavale Storage collects, uses, stores, shares, and protects personal data relating to our customers and prospective customers. It applies to all Maidavale Storage customers in the area, as well as individuals who enquire about our services, visit our premises, or otherwise interact with us in connection with storage services. We are committed to handling personal data lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Introduction

When you use Maidavale Storage, we may need to process personal information about you. This policy sets out what we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have in relation to your data. We aim to collect only the information that is necessary for providing secure and effective storage services, managing accounts, meeting legal obligations, and protecting our business and customers.

We respect your privacy and take data protection seriously. We also expect any third parties who handle data on our behalf to do the same.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity information: name, title, date of birth, and identification documents where required for verification or security purposes.
  • Contact details: postal address, email address, and telephone number.
  • Account information: customer reference numbers, storage unit details, payment status, booking information, and service preferences.
  • Payment information: billing details, transaction records, and limited financial information needed to process payments and refunds.
  • Access and security records: entry logs, CCTV footage, alarm records, incident reports, and other information needed to maintain site safety and security.
  • Communication records: enquiries, complaints, feedback, notices, and correspondence relating to your account or our services.
  • Technical information: limited device or system data collected when you interact with our digital services, such as IP address or browser details, where applicable.

We do not intentionally collect special category data unless you choose to provide it or it is required in exceptional circumstances, for example where an incident report contains health-related information. Where such data is processed, we do so only when a lawful basis applies and additional safeguards are in place.

3. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage your storage account;
  • to verify identity and prevent fraud;
  • to provide access to storage units and related services;
  • to process payments, deposits, invoices, and refunds;
  • to communicate with you about bookings, account changes, reminders, and service updates;
  • to protect property, staff, customers, and site infrastructure;
  • to investigate complaints, disputes, incidents, or suspected misuse;
  • to comply with legal, regulatory, tax, accounting, and insurance obligations;
  • to maintain business records and improve our operations.

We only use your data for purposes that are compatible with the original reason it was collected.

4. Lawful Basis for Processing

We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the context, our lawful bases may include the following:

Contract

We process data when it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, handling payments, and providing access to services you have requested.

Legal Obligation

We may need to process and retain certain data to comply with legal and regulatory requirements, including accounting rules, tax laws, dispute handling, and lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include site security, fraud prevention, operational management, internal record keeping, and service improvement. We always consider whether the processing is necessary and proportionate.

Consent

In limited circumstances, we may rely on your consent, for example for optional communications or where it is the most appropriate basis for a particular type of processing. Where we rely on consent, you may withdraw it at any time.

Vital Interests and Public Interest

In rare situations, we may process personal data to protect someone’s vital interests or where necessary for a task carried out in the public interest. These situations are exceptional and only arise where appropriate.

5. Data Sharing and Processors

We may share personal data with carefully selected service providers and other third parties who act as processors on our behalf. These parties process data only according to our instructions and are required to keep it secure and confidential.

Examples of processors may include:

  • payment processing providers;
  • accounting and bookkeeping services;
  • IT support and cloud storage providers;
  • security and CCTV monitoring service providers;
  • email, document management, and customer administration systems;
  • maintenance or facilities contractors where access to limited data is necessary.

We may also disclose personal data to independent controllers where required by law or where necessary to protect our rights or property, such as law enforcement agencies, insurers, legal advisers, courts, and regulatory bodies.

Whenever we transfer data outside our direct control, we take steps to ensure appropriate safeguards are in place, including data processing terms and, where relevant, international transfer protections.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including meeting legal, accounting, insurance, and reporting obligations. Retention periods vary depending on the type of data and the reason for processing.

  • Customer account and contract records are generally kept for the duration of the relationship and for a reasonable period afterwards for administrative and legal purposes.
  • Payment and accounting records are kept in line with tax and financial record requirements.
  • Security logs and access records are retained for a period appropriate to site security, investigation needs, and operational requirements.
  • Correspondence and complaint records are retained for as long as needed to resolve issues and demonstrate compliance.

When data is no longer needed, we securely delete, anonymise, or archive it in accordance with our retention procedures.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, system monitoring, and restricted access to records. While no system can be guaranteed completely secure, we take reasonable steps to safeguard the information we hold.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to legal limitations, these include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: in certain circumstances, you may request deletion of your data.
  • Right to restriction: you may ask us to limit how we use your data in some situations.
  • Right to data portability: where applicable, you may request your data in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable law. We may need to verify your identity before acting on a request. Some rights are subject to exceptions, particularly where we must retain data for legal reasons or where disclosure would affect the rights of others.

9. Complaints and Concerns

If you have concerns about how we handle personal data, we encourage you to raise them with us so we can address the issue promptly. You also have the right to lodge a complaint with the UK Information Commissioner’s Office (ICO) if you believe your data protection rights have been breached.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updates will apply from the date they are published. We encourage customers to review this policy periodically so they remain informed about how their personal data is used.

By using Maidavale Storage services, you acknowledge that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Maidavale Storage

Privacy policy for Maidavale Storage covering data collection, lawful basis, retention, processors, rights, security, and complaints for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.