Privacy Policy - Customhouse Storage

This Privacy Policy explains how Customhouse Storage collects, uses, stores, shares, and protects personal data. It applies to all Customhouse Storage customers in area, including individuals and businesses who use our storage services, related facilities, and support channels. We are committed to handling personal information in accordance with the General Data Protection Regulation (GDPR) and other applicable privacy laws.

1. Who We Are

Customhouse Storage provides storage services to customers in area. In the course of operating our services, we act as a data controller for the personal data we collect and determine how and why it is processed. This means we are responsible for ensuring that personal data is handled lawfully, fairly, and transparently.

2. Personal Data We Collect

We collect only the personal data that is necessary for the purposes described in this policy. Depending on your relationship with us, we may collect the following categories of data:

  • Identity information such as name, title, and identification details where required for verification.
  • Contact information such as postal address, email address, and telephone number.
  • Account and contract information such as customer reference details, service preferences, and rental records.
  • Payment information such as billing details and transaction history.
  • Access and security information such as entry records, security logs, CCTV footage, and incident reports where applicable.
  • Communication records including emails, messages, notes, and complaints.
  • Technical information if you use our digital services, such as device identifiers, browser type, and usage logs.

We do not intentionally collect special category data unless it is necessary and you have provided it, or we are otherwise permitted to process it under data protection law. We request that you do not share unnecessary sensitive information with us.

3. How We Use Your Data

We use personal data for the following purposes:

  • To set up and manage customer accounts and storage agreements.
  • To provide, maintain, and improve our storage services.
  • To process payments, invoices, refunds, and account administration.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To ensure the safety and security of our premises, staff, customers, and stored items.
  • To handle enquiries, service requests, and complaints.
  • To comply with legal, regulatory, accounting, and reporting obligations.
  • To defend legal claims and manage disputes.
  • To carry out internal analysis, service planning, and operational improvements.

We will only use your personal data for the purposes for which it was collected, unless we reasonably determine that we need to use it for a compatible purpose and the law allows us to do so.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis for processing your personal data. We rely on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, billing, access arrangements, and customer support.

Legal Obligation

We may process data where required to comply with legal obligations, such as tax, accounting, security, fraud prevention, and lawful requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided these interests are not overridden by your rights and freedoms. Examples include maintaining security, protecting property, improving operations, and managing business risk. Where we rely on legitimate interests, we carry out a balancing assessment.

Consent

In limited cases, we may rely on your consent. Where consent is used, it will be obtained clearly and may be withdrawn at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before consent was withdrawn.

5. Sharing Your Personal Data

We may share personal data with trusted third parties when necessary and lawful. These may include:

  • Service providers and processors who support our operations, such as payment processors, IT support providers, cloud storage providers, and document management services.
  • Security providers who assist with access control, alarm systems, and CCTV monitoring.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers.
  • Public authorities where disclosure is required by law or necessary to protect rights, safety, or security.

We require all processors and relevant third parties to handle personal data securely, use it only for specified purposes, and comply with applicable data protection obligations. We do not sell your personal data.

6. International Transfers

If personal data is transferred outside the United Kingdom or European Economic Area, we will ensure appropriate safeguards are in place. These may include adequacy decisions, standard contractual clauses, or other legally recognised transfer mechanisms designed to protect your personal information.

7. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, and to meet legal, accounting, insurance, or reporting requirements. Retention periods vary depending on the type of data and the reason we hold it.

  • Contract and account records are generally retained for the duration of the customer relationship and for a period afterwards where needed for administration, tax, or dispute resolution.
  • Payment and invoice records are kept for the period required by law and financial reporting obligations.
  • Security records such as access logs and CCTV footage are kept for a limited period unless needed for investigation or legal proceedings.
  • Correspondence and complaints may be retained for as long as necessary to resolve issues and demonstrate compliance.

When personal data is no longer required, we will securely delete, destroy, or anonymise it.

8. Data Security

We use appropriate technical and organisational measures to safeguard personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access restrictions, encryption, secure storage, staff training, logging, and monitoring. While we take data protection seriously, no system can be guaranteed to be completely secure.

9. Your Rights Under GDPR

You have rights in relation to your personal data, subject to certain legal limits. These rights include:

  • Right of access – to request confirmation of whether we process your data and obtain a copy.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit processing in certain situations.
  • Right to data portability – to request your data in a structured, commonly used, machine-readable format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to raise a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed. We encourage you to review any concern with us first so that we can address it promptly.

10. Automated Decision-Making

We do not make decisions based solely on automated processing that produce legal or similarly significant effects on you, unless we have informed you and such processing is lawful. If this position changes, we will provide the necessary information and safeguards.

11. Children’s Data

Our storage services are not directed at children, and we do not knowingly collect personal data from children for independent use of our services. If we become aware that personal data has been collected from a child without appropriate authority, we will take steps to delete it where required.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any revised version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

13. Summary of Our Commitments

Customhouse Storage is committed to processing personal data lawfully, transparently, and securely. We collect only what we need, use it for clear and legitimate purposes, retain it only as long as necessary, and share it only with trusted processors or where required by law. We also respect your rights and will respond appropriately to requests relating to your personal information.

By using our storage services, customers in area acknowledge that they have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Customhouse Storage

GDPR-compliant Privacy Policy for Customhouse Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.