Privacy Policy - Mottingham Storage

Effective date: This Privacy Policy applies to all Mottingham Storage customers in the Mottingham area and to anyone who uses, enquires about, or interacts with our storage services.

At Mottingham Storage, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK GDPR and the Data Protection Act 2018. It also explains your rights in relation to your personal data and how we support those rights.

1. Who we are

Mottingham Storage provides self-storage and related services to individuals and businesses in the local area. For the purposes of data protection law, Mottingham Storage acts as the data controller for the personal data we collect and process in connection with our services.

This means we determine why and how your personal information is used. We take this responsibility seriously and process personal data only when we have a lawful basis to do so, and only for specified and legitimate purposes.

2. Personal data we collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, date of birth, or title.
  • Contact details such as address, email address, and telephone number.
  • Account and service information including storage unit details, booking records, payment status, and contract information.
  • Payment data such as transaction records, payment method details, and billing information. We do not intentionally store full card information where payment processing is handled securely by a payment provider.
  • Verification information such as identification documents or proof of address where required for identity checks, fraud prevention, or legal compliance.
  • Communication records including emails, messages, complaints, and service-related correspondence.
  • Site and security information such as CCTV footage, access logs, entry records, and incident reports where applicable.
  • Technical information if you interact with our digital systems, such as device identifiers, log data, and usage information.

We generally collect personal data directly from you when you make an enquiry, sign a storage agreement, make a payment, use our facilities, or contact us. In some cases, we may also receive information from third parties, such as payment processors, identity verification providers, insurers, debt recovery services, or public authorities.

3. Why we use your data and our lawful basis

We only process your personal data where a lawful basis under UK GDPR applies. Depending on the context, we rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform our contract with you. This includes managing your storage account, processing bookings, providing access to a unit, collecting payments, responding to service requests, and handling account administration.

Legal obligation

We may process your data to comply with legal and regulatory obligations, including tax and accounting requirements, fraud prevention, identity verification rules, and responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include:

  • protecting our facilities and customers;
  • preventing theft, vandalism, misuse, and fraud;
  • managing and improving our services;
  • handling disputes and enforcing agreements;
  • keeping records of operational activity.

Consent

In some situations, we may rely on your consent, for example for certain optional communications or non-essential processing. Where we rely on consent, you may withdraw it at any time. This will not affect the lawfulness of processing carried out before withdrawal.

4. How we use your personal data

We use personal data for the following purposes:

  • to provide storage services and manage your relationship with us;
  • to verify identity and prevent unauthorised access;
  • to take payments, issue invoices, and manage outstanding balances;
  • to communicate with you about your account, agreements, or facility matters;
  • to maintain security, monitor access, and investigate incidents;
  • to comply with legal and regulatory obligations;
  • to resolve complaints, disputes, and claims;
  • to improve our operations, systems, and customer service;
  • to protect our rights, property, staff, customers, and visitors.

We do not use your personal data for purposes that are incompatible with the reasons it was collected.

5. Sharing your data and processors

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These third parties may act as processors or independent controllers, depending on the service provided.

Processors are organisations that process personal data on our instructions and under contract. We require processors to keep data secure, use it only for the agreed purpose, and comply with data protection law.

Examples of processors and service providers may include:

  • payment processing providers;
  • IT and cloud storage service providers;
  • security and CCTV monitoring providers;
  • identity verification and fraud prevention providers;
  • accounting, audit, and record-keeping services;
  • maintenance and facility management providers;
  • professional advisers such as legal or insurance advisers.

We may also disclose personal data to law enforcement, courts, regulators, insurers, debt recovery services, or other third parties where required or permitted by law. Where a third party acts as an independent controller, that organisation is responsible for its own privacy practices.

6. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, security, and reporting requirements.

Retention periods vary depending on the type of information and the reason it is held. In general:

  • contract and account records may be retained for the duration of your agreement and for a period afterward to deal with claims or disputes;
  • financial and tax records are typically retained for the period required by law;
  • security records such as access logs or CCTV footage are kept only as long as needed for safety, investigation, or incident management;
  • enquiry records may be retained for a limited period where no contract is entered into.

When personal data is no longer needed, we will securely delete, anonymise, or destroy it.

7. Security of your data

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include restricted access controls, secure systems, staff training, monitoring, and physical security procedures.

While no system can be guaranteed to be completely secure, we take reasonable steps to protect the data we hold and to reduce the risk of a personal data breach.

8. Your rights

Under data protection law, you have the following rights in relation to your personal data, subject to certain conditions and exemptions:

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – you can ask us to delete your data in certain circumstances.
  • Right to restriction – you can ask us to limit how we use your data in certain situations.
  • Right to data portability – you can ask for certain data to be provided in a structured, commonly used format.
  • Right to object – you can object to processing based on legitimate interests, and to direct marketing where applicable.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your data has been mishandled. We encourage you to raise concerns with us first so we can address them promptly.

9. Children’s data

Our storage services are generally intended for adults and business users. We do not knowingly collect personal data from children except where it is necessary and lawful, and usually only in limited circumstances connected to a customer relationship.

10. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or the services we provide. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

Summary of our commitment: Mottingham Storage processes personal data fairly, lawfully, and transparently, with respect for your rights and with safeguards designed to protect the information entrusted to us.

Call Now!
Call Now Get a Quote
Mottingham Storage

GDPR-compliant Privacy Policy for Mottingham Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.