Privacy Policy - Finsbury Storage

Finsbury Storage is committed to protecting the privacy and personal data of its customers, prospective customers, website visitors, contractors, and anyone else whose information we process in connection with our storage services. This Privacy Policy explains how we collect, use, store, share, and protect personal data in line with the UK General Data Protection Regulation and the Data Protection Act 2018.

This policy applies to all Finsbury Storage customers in the area, including individuals and businesses using our storage services, related administration, billing, access control, security, and customer support processes. By using our services, you acknowledge that your personal data may be processed as described in this policy.

1. Data We Collect

We collect only the data that is necessary for lawful and legitimate business purposes. The categories of personal data we may collect include:

  • Identity data, such as your name, title, and date of birth where needed.
  • Contact data, such as address, email address, and telephone number.
  • Account and contract data, including booking details, storage unit information, agreement terms, payment status, and correspondence relating to your account.
  • Financial data, including payment card details, billing records, and transaction history where necessary for payment processing.
  • Security and access data, such as CCTV footage, entry logs, alarm records, key fob or access code records, and visitor records.
  • Communications data, including emails, phone calls, support messages, and complaints.
  • Technical data, such as IP address, device information, browser type, and basic usage data if you interact with our digital services.

We do not intentionally collect special category data unless you voluntarily provide it and it is necessary for a specific lawful purpose. We ask that you avoid sharing sensitive information unless it is relevant to your service.

2. How We Use Your Personal Data

We use personal data to operate our services effectively and securely. This may include:

  • setting up and managing your storage account;
  • verifying your identity and preventing fraud;
  • processing payments, issuing invoices, and managing account balances;
  • maintaining access control, site safety, and security;
  • responding to enquiries, complaints, and service requests;
  • meeting legal, regulatory, and insurance obligations;
  • maintaining business records and internal administration;
  • improving our services, processes, and customer experience;
  • enforcing contractual rights and resolving disputes.

We only use your data for the purposes for which it was collected, unless we reasonably determine that we need to use it for another compatible purpose.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the activity, we rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, billing, customer support, and service delivery.

Legal obligation

We may process personal data where we are required to comply with legal or regulatory obligations, including accounting requirements, tax rules, fraud prevention, and lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided that those interests are not overridden by your rights and freedoms. Examples include site security, preventing misuse, improving our services, and managing business records.

Consent

In limited situations, we may rely on your consent, for example for optional communications or other non-essential processing. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. Retention of Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods may vary depending on the type of information and the reason we hold it.

  • Contract and account records are typically retained for the duration of the customer relationship and for a period after closure to deal with disputes, audits, or legal claims.
  • Payment and financial records are retained in line with tax and accounting obligations.
  • Security records, such as CCTV and access logs, are kept for limited periods unless needed for an investigation, incident response, or legal matter.
  • Correspondence may be retained for as long as necessary to manage the issue discussed and to maintain accurate records.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

5. Data Sharing and Processors

We may share personal data with trusted third parties where necessary to operate our business and provide services. These third parties may act as processors on our behalf or, in some cases, as independent controllers. We require all processors to handle personal data in accordance with data protection law and to use appropriate security measures.

Examples of processors may include:

  • payment service providers that process card or bank payments;
  • IT and cloud storage providers that host or support our systems;
  • security monitoring and CCTV service providers;
  • accounting, audit, and administrative service providers;
  • professional advisers, such as legal or insurance advisers, where necessary;
  • maintenance and access-control contractors where required for site operation.

We may also disclose personal data where required by law, court order, or a lawful request from a public authority. We do not sell your personal data.

6. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms. We take steps to ensure that any international transfer is secure and lawful.

7. Data Security

We use reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, encryption where appropriate, staff training, and restricted access to personal information.

Although we take security seriously, no system can be guaranteed to be completely secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will respond in accordance with applicable law.

8. Your Rights

Depending on the legal basis for processing and the circumstances of the request, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to data portability – to request that certain data be provided in a structured, commonly used format.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your data has not been handled lawfully. We encourage you to raise concerns with us first so we can try to resolve the issue promptly and fairly.

9. Automated Decision-Making

We do not normally rely on fully automated decision-making that produces legal or similarly significant effects. If this changes in the future, we will update this policy and provide additional information about the logic involved and your rights.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational needs. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review this policy periodically to stay informed about how we protect your personal data.

11. Our Commitment

At Finsbury Storage, we believe privacy should be clear, fair, and respectful. We process personal data only when necessary, limit access to those who need it, and aim to keep your information accurate and secure. If you are a customer in the area, this policy explains how we manage your data throughout the relationship and beyond, in a way that is consistent with GDPR principles of lawfulness, fairness, transparency, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

By using Finsbury Storage services, you confirm that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Finsbury Storage

GDPR-compliant Privacy Policy for Finsbury Storage covering data collection, lawful bases, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.