Privacy Policy - Colyers Storage

Effective date: This Privacy Policy applies to all Colyers Storage customers in area and explains how we collect, use, share, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Introduction

Colyers Storage is committed to protecting your privacy and handling your personal information in a lawful, fair, and transparent manner. This Privacy Policy explains what information we collect from customers, suppliers, visitors, and other individuals who interact with our services, why we collect it, the legal basis on which we process it, how long we keep it, who may process it on our behalf, and the rights available to you.

By using our storage services, entering into an agreement with us, visiting our premises, or otherwise interacting with us, you acknowledge the practices described in this Privacy Policy. We only collect and process personal data that is relevant, necessary, and proportionate to the purposes described below.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, title, date of birth, and any identifiers needed to verify your identity.
  • Contact details such as address, email address, phone number, and billing or correspondence details.
  • Account and contract information including storage unit details, rental history, payment records, correspondence, and service preferences.
  • Financial information such as payment card details, bank account information, invoicing data, and transaction records where required for payment processing.
  • Security information such as CCTV recordings, access logs, vehicle registration details, key fob records, and incident reports.
  • Usage information including dates and times of visits, use of facilities, and interactions with our staff or systems.
  • Communications including emails, written complaints, service requests, feedback, and any other messages you send to us.
  • Technical information where applicable, such as IP address, device information, and cookies or similar technologies used on our systems if you interact with our digital services.

We generally collect personal data directly from you when you complete forms, sign agreements, make payments, contact us, or use our facilities. In some cases, we may also receive data from third parties such as payment providers, identity verification services, debt recovery providers, insurers, legal advisers, or public authorities where permitted by law.

3. How We Use Your Data

We use personal data for the following purposes:

  • to provide storage services and manage your account;
  • to verify identity and prevent unauthorised access or misuse of our premises and services;
  • to process payments, issue invoices, and manage financial transactions;
  • to communicate with you about your agreement, payments, service updates, or customer support matters;
  • to maintain security, monitor site access, and protect our customers, staff, and property;
  • to deal with complaints, disputes, insurance claims, legal claims, or enforcement actions;
  • to comply with legal, regulatory, tax, accounting, and record-keeping obligations;
  • to improve our services, systems, and operational efficiency;
  • to prevent fraud, unlawful activity, and breaches of contract;
  • to defend, establish, or exercise legal rights.

We only process your personal data where we have a valid lawful basis. We do not use your personal data for purposes that are incompatible with the reasons described in this policy without informing you where required by law.

4. Lawful Basis for Processing

Under the UK GDPR, we rely on one or more of the following lawful bases when processing personal data:

  • Contract: processing is necessary to enter into or perform our storage agreement with you, including account management, billing, and service delivery.
  • Legal obligation: processing is necessary to comply with laws and regulations, such as tax, accounting, health and safety, fraud prevention, and lawful requests from authorities.
  • Legitimate interests: processing is necessary for our legitimate business interests, including protecting our property, ensuring security, improving services, preventing fraud, and managing disputes, provided these interests do not override your rights and freedoms.
  • Consent: where required by law, we may rely on your consent for specific activities. If we do, you may withdraw consent at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

In limited circumstances, we may also process personal data where it is necessary to protect vital interests or to perform a task carried out in the public interest, although these bases are not typically central to our services.

5. Sharing and Processors

We may share personal data with trusted third parties where necessary and appropriate for the purposes described in this Policy. These third parties may act as data processors or, in some cases, as independent data controllers.

Typical processors and service providers may include:

  • payment processors and merchant service providers;
  • IT hosting, cloud storage, and software providers;
  • customer management and communications systems providers;
  • security, monitoring, and CCTV service providers;
  • accountants, auditors, and professional advisers;
  • debt recovery, legal, and insurance advisers where needed;
  • identity verification and fraud prevention service providers.

We require processors to act only on our instructions, to keep personal data secure, and to process it in compliance with applicable data protection laws. Where a third party acts as an independent controller, that organisation will be responsible for its own privacy practices.

We may also disclose personal data if required to do so by law, court order, regulatory requirement, or to protect the rights, property, or safety of Colyers Storage, our customers, staff, or others. If our business is reorganised, sold, or transferred, personal data may be disclosed to relevant parties as part of that transaction, subject to appropriate safeguards.

6. International Transfers

Where personal data is transferred outside the United Kingdom or the European Economic Area, we will take appropriate steps to ensure that it is protected to a standard that is consistent with applicable law. This may include using approved contractual safeguards or relying on adequacy decisions where available.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, tax, insurance, and operational requirements. The retention period depends on the type of data and the purpose of processing.

In general:

  • contract and account records are retained for the duration of the customer relationship and for a reasonable period afterwards;
  • payment and invoicing records are retained for the periods required by tax and accounting law;
  • security records, including CCTV and access logs, are retained for a limited period unless needed for an investigation or legal claim;
  • correspondence and complaint records are retained as long as necessary to manage the matter and for evidential purposes;
  • records linked to litigation, disputes, or regulatory matters may be kept until the issue is fully resolved and any relevant limitation periods have expired.

When personal data is no longer required, we will delete, destroy, or anonymise it securely.

8. Your Rights

Subject to certain legal conditions and exemptions, you have the following rights under data protection law:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to ask us to delete your personal data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used, machine-readable format, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are unhappy with how your personal data has been handled. We encourage you to raise any concerns with us first so that we can try to resolve them promptly and fairly.

How We Handle Rights Requests

We may need to verify your identity before responding to a rights request. We will respond within the time limits required by law and may extend the response period where requests are complex or numerous. Some rights may not apply in every situation, and we may be entitled to refuse or limit a request where permitted by law.

9. Security of Your Data

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff training, monitoring, and procedures for handling incidents. While we aim to protect your data, no system can be guaranteed to be completely secure.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our internal practices. Any updated version will apply from the date it is made available. We encourage you to review this policy periodically so that you remain informed about how we handle personal data.

11. Summary of Our Commitment

Colyers Storage is committed to collecting only the personal data we need, using it for clear and lawful purposes, keeping it no longer than necessary, and protecting it with suitable safeguards. We apply this policy to all Colyers Storage customers in area, and we expect our processors and service providers to uphold the same standards of confidentiality, security, and lawful processing.

We do not sell your personal data. We use it to deliver our storage services responsibly, meet our legal duties, and protect the legitimate interests of our customers and business.

Call Now!
Call Now Get a Quote
Colyers Storage

GDPR-compliant Privacy Policy for Colyers Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.