Privacy Policy - Churchend Storage

This Privacy Policy explains how Churchend Storage collects, uses, stores, shares, and protects personal data. It applies to all Churchend Storage customers in the area, including individuals and businesses who enquire about, book, use, or otherwise interact with our storage services. We are committed to handling personal information in a fair, transparent, and secure manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to all customers in the area who use Churchend Storage services, as well as prospective customers, authorised account holders, and individuals whose information is provided to us in connection with a storage agreement. It also applies where we process data relating to suppliers, contractors, and other service users where relevant to the operation of our storage business.

2. Personal data we collect

We only collect personal data that is necessary for operating our services, meeting our legal obligations, and managing our relationship with you. Depending on your interaction with us, we may collect the following categories of data:

  • Identity details such as your name, title, and date of birth where required for identification purposes.
  • Contact information such as postal address, email address, and telephone number.
  • Account and contract information such as storage unit details, rental dates, payment status, and customer account references.
  • Payment and transaction data including billing records, payment confirmations, and limited financial details needed to process transactions.
  • Access and security information such as entry logs, CCTV records, alarm records, and incident reports where applicable.
  • Communication records including emails, written correspondence, complaint records, and service-related notes.
  • Verification information where necessary to confirm identity, prevent fraud, or comply with legal requirements.

We do not intentionally collect special category personal data unless you choose to disclose it to us in communication or it is required in an exceptional circumstance, such as to support a legal or safeguarding issue. If that happens, we will only process it where a lawful basis applies and additional protections are in place.

3. How we use personal data

We use personal data for the following purposes:

  • to register and manage customer accounts;
  • to provide storage services and administer access to units;
  • to take payments, issue invoices, and maintain financial records;
  • to verify identity and prevent unauthorised use or fraud;
  • to communicate with you about your account, service changes, and operational matters;
  • to manage site safety, security, and incident response;
  • to comply with legal, regulatory, tax, accounting, and insurance obligations;
  • to handle disputes, claims, or complaints;
  • to maintain business records and improve our services.

We only process personal data for purposes that are relevant, necessary, and proportionate.

4. Lawful basis for processing

Under UK GDPR, we must have a lawful basis to process your personal data. Depending on the activity, we rely on one or more of the following:

  • Contract – where processing is necessary to enter into or perform a storage agreement, manage your account, provide access, or handle billing.
  • Legal obligation – where processing is required to comply with laws relating to taxation, accounting, health and safety, fraud prevention, or other regulatory duties.
  • Legitimate interests – where we need to protect our business, customers, staff, premises, and assets, provided our interests do not override your rights and freedoms. This may include security monitoring, record keeping, and service administration.
  • Consent – where we ask for your clear permission, such as for certain optional communications or where consent is required by law.

If we rely on consent, you may withdraw it at any time. This will not affect the lawfulness of processing carried out before withdrawal.

5. Sharing your data and processors

We may share personal data with carefully selected third parties that support our business. These organisations act as processors or, in some cases, independent controllers. We only share data when necessary and under appropriate contractual safeguards.

Processors may include:

  • Payment service providers who help process card or electronic payments;
  • IT and cloud service providers who host systems, store data, or support secure communications;
  • Security providers who support CCTV, alarm, and access control systems;
  • Accountancy and audit providers who assist with financial administration and compliance;
  • Maintenance and operational contractors who need limited access for site upkeep or repairs;
  • Legal, insurance, and debt recovery advisers where necessary to protect our interests or manage claims;
  • Public authorities where disclosure is required by law or is necessary for legal proceedings, crime prevention, or public safety.

All processors are required to handle personal data securely, process it only on our instructions, and implement appropriate technical and organisational measures. We do not sell your personal data.

6. Data retention

We keep personal data only for as long as necessary for the purpose for which it was collected, unless a longer retention period is required by law or needed to establish, exercise, or defend legal claims. Retention periods depend on the type of data and the relevant legal or operational requirement.

  • Contract and account records are generally kept for the duration of the customer relationship and for a reasonable period after it ends.
  • Financial and tax records are kept in line with statutory accounting and tax obligations.
  • Security records such as CCTV or access logs are retained only for as long as needed for safety, investigation, or monitoring purposes.
  • Correspondence and complaint records are kept for as long as necessary to resolve the issue and maintain an accurate business record.

When data is no longer required, it is securely deleted, anonymised, or destroyed.

7. Data security

We use appropriate security measures designed to protect personal data from loss, unauthorised access, misuse, alteration, or disclosure. These may include access controls, password protection, encryption, restricted permissions, secure storage, and staff training. Although no system can be guaranteed to be completely secure, we take reasonable and proportionate steps to protect your information.

8. Your rights

Subject to legal conditions and exemptions, you have the following rights under data protection law:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the UK Information Commissioner's Office if you believe your data protection rights have not been respected. We encourage you to raise concerns with us first so that we can try to resolve them promptly.

9. Children’s data

Churchend Storage services are not intended for children, and we do not knowingly collect personal data from children except where it is incidental to a lawful contract or required in a specific situation. If we become aware that we have collected such data without a valid basis, we will take appropriate steps to delete it.

10. International transfers

Where personal data is transferred outside the UK, we will ensure suitable safeguards are in place to protect it, such as adequacy regulations or approved contractual protections. Any transfer will be carried out in compliance with applicable data protection law.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it takes effect. We encourage customers to review the policy periodically so they remain informed about how their data is used.

12. Summary of our approach

Churchend Storage only collects data that is necessary, uses it for clear and legitimate purposes, keeps it no longer than needed, and shares it only with trusted processors or where required by law. We aim to treat every customer in the area with fairness, transparency, and respect for privacy.

Call Now!
Call Now Get a Quote
Churchend Storage

GDPR-compliant Privacy Policy for Churchend Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.