Privacy Policy - Gideapark Storage

This Privacy Policy explains how Gideapark Storage collects, uses, stores, shares, and protects personal data in connection with storage services provided to customers in the area. It applies to all Gideapark Storage customers in area, including individuals, households, and business customers who use or enquire about our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK GDPR and the Data Protection Act 2018, where applicable.

1. Who We Are

Gideapark Storage acts as a data controller for the personal data it collects and processes in relation to storage services, customer accounts, billing, access management, security, and communications. In some cases, we may also act as a joint controller or processor depending on the service arrangement. We take our responsibilities seriously and apply appropriate technical and organisational measures to protect personal data.

2. Personal Data We Collect

We collect only the data that is necessary for clear and specific purposes. The categories of information we may collect include:

  • Identity information: name, title, date of birth, and similar identifiers.
  • Contact information: address, email address, and telephone number.
  • Account and contract information: storage unit details, booking records, payment status, and service preferences.
  • Payment information: billing details and transaction records. We do not intentionally store full card details where a payment provider processes them securely.
  • Access and security information: entry logs, CCTV images where used, device or access credentials, and incident reports.
  • Correspondence: enquiries, complaints, claims, and customer support communications.
  • Technical information: limited device or system data collected when you interact with our digital systems, if any.

We do not seek to collect more information than necessary. Where we need special category data or other sensitive information, we will only process it when legally permitted and when it is relevant to a lawful purpose.

3. How We Use Personal Data

We use personal data to provide and manage our storage services, including:

  • creating and administering customer accounts;
  • verifying identity and eligibility;
  • managing bookings, renewals, access, and move-in or move-out processes;
  • processing payments, refunds, and account administration;
  • communicating about service matters, security issues, and contractual changes;
  • maintaining site safety and preventing theft, fraud, or misuse;
  • responding to enquiries, complaints, legal claims, and support requests;
  • meeting legal, tax, accounting, and regulatory obligations.

We may also use aggregated or de-identified information for internal reporting, service improvement, and operational analysis. Where data is anonymised effectively, it is no longer personal data under data protection law.

4. Lawful Basis for Processing

We process personal data only where we have a lawful basis under applicable data protection law. Depending on the activity, our lawful bases may include:

  • Contract: processing is necessary to enter into or perform our storage agreement with you.
  • Legal obligation: processing is required to comply with laws relating to tax, accounting, safety, recordkeeping, or lawful requests from authorities.
  • Legitimate interests: processing is necessary for our legitimate business interests, such as site security, fraud prevention, service management, and customer support, provided those interests are not overridden by your rights and freedoms.
  • Consent: used where required, for example certain marketing communications or optional processing activities. Where consent is relied upon, you may withdraw it at any time.

Where we rely on legitimate interests, we carry out an assessment to ensure the processing is necessary and proportionate. We do not use personal data in ways that are incompatible with the original purpose without a valid lawful basis.

5. Data Sharing and Processors

We may share personal data with carefully selected third parties who assist us in operating our business. These organisations act as processors when they process data on our behalf and under our instructions. Examples may include:

  • payment service providers;
  • IT hosting and software providers;
  • security service providers and alarm monitoring services;
  • CCTV and access control system providers;
  • professional advisers such as accountants, auditors, or legal advisers;
  • delivery, maintenance, or facilities contractors where access to data is required for service delivery.

We require processors to implement appropriate security measures and to process personal data only for the purposes we specify. We may also disclose personal data where required by law, court order, or regulatory request, or where necessary to protect our rights, customers, staff, property, or the public.

Strongly protected contractual and technical safeguards are used when we appoint processors. Where international data transfers are needed, we will ensure an appropriate legal mechanism is in place.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Retention periods depend on the type of record and the reason it is held. In general:

  • customer account and contract records are retained for the duration of the relationship and for a period after it ends;
  • financial and tax records are retained for the period required by law;
  • security records such as access logs or CCTV footage are retained for a limited period unless needed for an incident, claim, or legal matter;
  • customer enquiries and complaints are retained for as long as needed to resolve the matter and maintain internal records.

When retention periods expire, data is deleted, destroyed, or anonymised securely. In some situations, we may retain records for longer where necessary to establish, exercise, or defend legal claims.

7. Security of Personal Data

We use appropriate safeguards to protect personal data against unauthorised access, loss, alteration, or disclosure. These safeguards may include access controls, encryption where suitable, secure storage, staff training, and restricted permissions. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risks involved.

8. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time.

These rights are not absolute and may be subject to legal exceptions. We will respond to valid requests in accordance with applicable law and may need to verify your identity before acting on a request.

Exercising Your Rights

If you wish to exercise any of your rights, please provide enough information for us to identify you and understand your request. We may ask for additional details if needed to protect your privacy and ensure that we do not disclose data to the wrong person. We aim to respond without undue delay and within the time limits set by law.

9. Marketing Communications

Where permitted, we may send service-related or promotional communications. If we rely on consent, you can opt out at any time. If we rely on legitimate interests for limited business-to-business communication, you may still object where applicable. We will always respect your preferences in line with legal requirements.

10. Children’s Data

Our storage services are not directed at children, and we do not knowingly collect personal data from children except where it is incidental to a lawful customer relationship or where a parent or guardian provides information on their behalf. If we become aware that we have collected data inappropriately, we will take reasonable steps to delete it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, practice, or our services. When changes are made, the updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

12. Complaints

If you have concerns about how your personal data is handled, you may raise them with us and we will review the matter carefully. You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed. We encourage customers to contact us first so we can try to resolve concerns promptly and fairly.

In summary, Gideapark Storage processes personal data lawfully, transparently, and with respect for individual rights. We use only the information necessary to deliver secure storage services, rely on appropriate lawful bases, keep data only as long as needed, and work with processors under strict safeguards.

Call Now!
Call Now Get a Quote
Gideapark Storage

Gideapark Storage Privacy Policy covering data collection, lawful basis, retention, processors, user rights, security, and complaint handling for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.