Privacy Policy - Dalston Storage

This Privacy Policy explains how Dalston Storage collects, uses, stores, shares, and protects personal data in connection with the services we provide. It applies to all Dalston Storage customers in the area, including prospective customers, current customers, former customers, and any individuals who interact with us in relation to storage services, enquiries, payments, access arrangements, or account administration.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. We aim to collect only the information that is necessary, use it fairly and lawfully, and keep it secure and accurate.

1. What personal data we collect

We may collect personal data directly from you, automatically from your use of our services, or from third parties where permitted by law. The types of data we may collect include:

  • Identity details: name, title, and date of birth where needed for verification.
  • Contact details: address, email address, telephone number, and preferred communication method.
  • Account and contract information: customer reference number, booking details, storage unit details, contract dates, and service preferences.
  • Payment information: billing address, payment status, transaction records, and limited payment-related details required to process fees.
  • Security and access data: entry logs, key or access code records, CCTV images where applicable, and site attendance records.
  • Communications: emails, telephone notes, complaint records, feedback, and any other correspondence.
  • Technical data: IP address, device information, browser type, and basic usage information if you interact with digital systems we use.

We do not seek to collect special category data unless it is necessary and lawful to do so, for example where you voluntarily provide information relevant to a request or complaint and we have a valid legal basis for processing it.

2. How we use personal data

We use personal data for the following purposes:

  • to set up, manage, and administer storage agreements;
  • to verify identity and prevent fraud;
  • to process payments, refunds, and account balances;
  • to provide access to storage facilities and manage security;
  • to communicate with customers about bookings, renewals, notices, and service updates;
  • to handle enquiries, complaints, and disputes;
  • to comply with legal obligations, including tax, accounting, and regulatory requirements;
  • to protect our business, customers, staff, and premises;
  • to improve our services, internal operations, and customer experience;
  • to establish, exercise, or defend legal claims.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another compatible purpose and the law allows this. If we need to use it for an unrelated purpose, we will explain the legal basis to you.

3. Lawful basis for processing

Under data protection law, we must have a lawful basis to process personal data. Dalston Storage relies on the following lawful bases, depending on the activity involved:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing accounts, taking payments, confirming bookings, providing access to storage units, and fulfilling our obligations under the storage agreement.

Legal obligation

We may process data where it is necessary to comply with legal obligations, such as accounting rules, tax requirements, responding to lawful requests from authorities, or maintaining records required by law.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include protecting property, preventing fraud, managing security, resolving disputes, improving services, and maintaining accurate business records. Where we rely on legitimate interests, we consider the impact on your privacy and apply appropriate safeguards.

Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications or where consent is required by law. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. Sharing personal data and processors

We may share personal data with trusted third parties who help us run our business. These organisations may act as processors or independent controllers depending on the service provided.

Processors may include:

  • IT and hosting providers;
  • payment service providers;
  • security and monitoring providers;
  • document storage and archiving services;
  • customer management and administration systems;
  • professional advisers such as accountants, auditors, or legal advisers where needed.

We require processors to act only on our instructions, to keep personal data secure, and to use it only for the purposes we specify. Where we share data with other independent controllers, such as public authorities or insurers, those parties are responsible for their own use of your data.

We may also disclose personal data if required by law, to enforce our agreements, to protect our rights or property, or where disclosure is necessary to prevent harm or investigate misuse of our services.

5. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting requirements. The retention period varies depending on the type of data and the reason for holding it.

  • Customer and contract records are kept for the duration of the relationship and for a further period where needed for claims, disputes, or compliance.
  • Financial records are retained in line with tax and accounting obligations.
  • Security records, such as access logs or CCTV footage, are retained only for a limited period unless needed for an investigation or legal purpose.
  • Correspondence and complaints are kept for as long as necessary to resolve the matter and maintain appropriate records.

When personal data is no longer needed, we will securely delete it, anonymise it, or destroy it in accordance with our retention procedures.

6. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access controls, secure systems, staff training, monitoring, and restricted sharing of information on a need-to-know basis.

Although we take reasonable steps to protect personal data, no system can be guaranteed to be completely secure. We continuously review our safeguards and update them where appropriate.

7. International transfers

If personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms approved under applicable data protection law.

8. Your rights

As a data subject, you have rights in relation to your personal data. These rights may include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

Some rights are subject to exceptions and conditions under data protection law. For example, we may need to retain certain information where we have a legal obligation or where data is required for legal claims.

9. Automated decision-making

We do not normally make decisions about you based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide appropriate information about the logic involved and your rights.

10. Children’s data

Our services are intended for adults and business-related storage users. We do not knowingly collect personal data from children unless it is necessary in a specific lawful context and appropriate safeguards are in place.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is issued. We encourage customers to review the policy periodically so they remain informed about how their personal data is handled.

12. General statement

Dalston Storage is committed to respecting privacy and using personal data responsibly. We will always aim to process information fairly, securely, and transparently, and only where we have a valid lawful basis to do so. This policy applies to all Dalston Storage customers in area and to others whose personal data we process in connection with our storage services.

Call Now!
Call Now Get a Quote
Dalston Storage

GDPR-compliant Privacy Policy for Dalston Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.