Privacy Policy - Monkenhadley Storage

This Privacy Policy explains how Monkenhadley Storage collects, uses, shares, stores, and protects personal data in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Monkenhadley Storage customers in the area, including prospective customers, current customers, former customers, and individuals who interact with us in relation to storage services, account management, billing, access control, and security.

We are committed to handling personal data in a fair, lawful, and transparent way. We only collect information that is relevant and necessary for providing our services, maintaining the security of our premises, meeting legal obligations, and improving the customer experience. This policy should be read carefully so that you understand how your information is used and what rights you have.

1. Data We Collect

We may collect and process the following categories of personal data:

  • Identity information, such as your name, date of birth, and identification details where required for verification.
  • Contact information, such as postal address, email address, and telephone number.
  • Account and service information, including storage unit references, booking details, access permissions, payment records, and service preferences.
  • Financial information, such as billing details, payment status, and transaction records.
  • Security information, including CCTV images, access logs, gate entry records, alarm records, and incident reports.
  • Communications, such as correspondence, complaints, queries, and service-related messages.
  • Technical information, where applicable, such as device and usage data connected to online or digital service interactions.

We generally collect personal data directly from you when you enquire about our services, enter into a storage agreement, make payments, report an issue, or otherwise communicate with us. We may also receive data from third parties where this is necessary for verification, payment processing, fraud prevention, legal compliance, or security management.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To register and manage customer accounts and storage agreements.
  • To provide access to storage units and related services.
  • To process payments, issue invoices, and maintain financial records.
  • To verify identity and protect against unauthorised use, fraud, or misuse.
  • To monitor site security, property safety, and access control.
  • To communicate with customers about service matters, updates, and operational issues.
  • To handle complaints, disputes, and customer support requests.
  • To comply with legal, regulatory, tax, and accounting obligations.
  • To establish, exercise, or defend legal claims where necessary.
  • To improve our services, processes, and security measures.

We do not use personal data for purposes that are incompatible with the reasons for which it was collected unless we have a lawful basis to do so and have informed you where required.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for every use of personal data. Monkenhadley Storage relies on the following legal grounds:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access, taking payment, and delivering the services you have requested.

Legal obligation

We process certain information to comply with legal obligations, including tax, accounting, insurance, health and safety, security, and regulatory requirements.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms. Legitimate interests may include protecting our property, preventing crime, improving security, handling operational administration, and resolving disputes.

Consent

In limited circumstances, we may rely on your consent, for example where specific optional services require it. If we rely on consent, you may withdraw it at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public interest

These bases are unlikely to apply in routine storage operations, but where necessary we may process data to protect someone’s vital interests or to support lawful public functions.

4. Data Sharing and Processors

We may share personal data only where necessary and lawful. We do not sell personal data. We may disclose information to trusted third parties acting as processors or independent controllers when required for service delivery, legal compliance, or security.

Typical processors may include:

  • Payment service providers that handle card or electronic payments.
  • IT and cloud service providers that host systems, store records, or support email and data management.
  • Security and surveillance providers that support CCTV, alarm systems, and access control.
  • Accountancy or bookkeeping providers that assist with financial administration and compliance.
  • Maintenance and support contractors that help keep our premises and systems operating safely.
  • Professional advisers, including legal or insurance advisers, where advice or claims handling is required.

Where processors act on our behalf, they are required to process personal data only according to our instructions, to use appropriate security measures, and to keep information confidential. If data is shared with an independent controller, that party is responsible for its own compliance with data protection law.

We may also disclose personal data to public authorities, law enforcement agencies, courts, or regulators where required by law or where disclosure is necessary to protect our rights, staff, customers, property, or the wider public.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including the duration of any customer relationship, the period needed to handle queries or disputes, and the time required for legal, accounting, or reporting obligations.

Retention periods vary depending on the type of data and the reason for processing. For example, contract and billing records may need to be retained for several years to satisfy tax and accounting requirements, while security records such as access logs and CCTV footage may be kept for shorter periods unless needed for investigation or legal action.

When personal data is no longer required, we will delete, anonymise, or securely destroy it. If data must be retained because of an ongoing legal matter, regulatory requirement, or legitimate business need, we will keep it only for as long as necessary for that purpose.

6. Data Security

We take appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access restrictions, secure storage, encryption where appropriate, staff training, CCTV monitoring, and procedural safeguards.

Although we work hard to protect information, no system can be guaranteed to be completely secure. If a personal data incident occurs, we will assess the situation and take action in line with our legal obligations.

7. Your Rights

As a data subject, you have a number of rights under data protection law. These rights may be subject to conditions and exemptions.

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete information.
  • Right to erasure – in certain circumstances, you may request deletion of your personal data.
  • Right to restriction – you may ask us to limit processing in specific situations.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability – where applicable, you may request data in a portable format.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

If you wish to exercise your rights, we may need to verify your identity before responding. We aim to respond within the time limits set by law.

8. International Transfers

If personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, to preserve a level of protection consistent with UK data protection law.

9. Children’s Data

Our storage services are generally intended for adults and business users. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful service arrangement or where a parent or guardian has provided appropriate authority.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, operational needs, or our data practices. Any updates will apply from the date they are published or otherwise communicated. We encourage customers to review the policy periodically so they remain informed about how their data is handled.

11. Summary of Our Approach

Monkenhadley Storage processes personal data lawfully, fairly, and securely. We collect only what is needed, use it for clear and limited purposes, retain it for appropriate periods, and share it only with trusted processors or where legally required. We respect your rights and aim to be transparent about how your information is handled.

By using Monkenhadley Storage services, you acknowledge that your personal data may be processed in accordance with this policy.

Call Now!
Call Now Get a Quote
Monkenhadley Storage

GDPR-compliant Privacy Policy for Monkenhadley Storage covering data collection, lawful basis, retention, processors, security, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.