Privacy Policy - Towerhill Storage

Effective Date: This Privacy Policy applies to all Towerhill Storage customers in area and explains how we collect, use, store, share, and protect personal data in connection with our storage services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018. This policy describes the types of information we collect, the legal grounds we rely on, how long we keep information, the third parties that may process it on our behalf, and the rights available to individuals.

1. Scope of this Privacy Policy

This policy applies to personal data we process when you:

  • Apply for, rent, or use a storage unit or related service;
  • Communicate with us by email, phone, post, or in person;
  • Enter into a contract with us as a customer, account holder, guarantor, or authorised contact;
  • Visit our premises where CCTV or access control systems are in use;
  • Interact with our billing, security, or administrative systems.

Where personal data is processed jointly or shared between service providers, we ensure appropriate arrangements are in place to protect your rights.

2. Personal Data We Collect

We collect and process only the personal data necessary to provide storage services, manage our relationship with you, and meet legal obligations. The categories of data may include:

Information you provide directly

  • Identity details such as your name, date of birth, and account reference;
  • Contact details including your address, email address, and telephone number;
  • Contract and account information such as rental terms, payment status, and service history;
  • Verification information where needed to confirm identity or prevent fraud;
  • Correspondence and records of communication with us;
  • Payment-related information such as transaction references and billing records.

Information collected automatically

  • Access records including entry and exit logs from gates or security systems;
  • CCTV images where premises surveillance is operating for safety and security;
  • Device or technical data if you interact with digital systems we use to manage services.

Information from third parties

We may receive information from payment providers, identity verification services, debt recovery providers, insurers, legal advisers, or public authorities where appropriate and lawful.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage agreements;
  • To verify identity and prevent fraud;
  • To take payment, issue invoices, and manage arrears;
  • To provide access to storage facilities and maintain security;
  • To respond to enquiries, complaints, and requests;
  • To comply with legal and regulatory obligations;
  • To enforce our terms, resolve disputes, and protect our rights or property;
  • To improve our services, systems, and operational processes.

We do not use personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Depending on the context, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as administering your storage agreement, collecting payment, and providing access to services.

Legal obligation

We process data where required to comply with legal duties, including accounting, tax, fraud prevention, security, and responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This may include maintaining site security, preventing loss, managing customer relationships, and defending legal claims.

Consent

In limited cases, we may rely on your consent, for example where it is required for optional communications or certain types of non-essential processing. Where consent is used, you may withdraw it at any time.

5. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers. Where a processor is used, we require them to process data only on our instructions, keep it secure, and comply with applicable data protection law.

Categories of processors may include:

  • IT and cloud service providers for data hosting, system maintenance, and secure storage;
  • Payment processors for card or bank payment handling;
  • Identity verification services to help prevent fraud and confirm customer identity;
  • Security providers for CCTV monitoring, access control, and alarm support;
  • Professional advisers such as accountants, auditors, insurers, and legal advisers;
  • Debt recovery and credit control providers where accounts are in arrears and action is necessary;
  • Delivery or maintenance contractors where access is needed to perform services on site.

We may also disclose personal data to law enforcement, regulators, courts, or other public bodies where required by law or where disclosure is necessary to protect our legal rights.

We do not sell personal data.

6. International Transfers

If any of our processors or service providers store or access data outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent protections recognised under applicable law.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods depend on the type of information and the reason we hold it.

  • Contract and account records: retained for the duration of the agreement and for a period after it ends to handle disputes, enforce rights, or meet legal obligations;
  • Financial and tax records: retained for the period required by tax and accounting law;
  • Security records, including CCTV and access logs: retained for a limited period unless needed for investigation, legal claims, or safety incidents;
  • Enquiry and correspondence records: retained for as long as necessary to manage the matter and maintain service records.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or disclosure. These measures may include access controls, encryption, secure storage, staff training, and restricted permissions. While no system can be guaranteed to be completely secure, we take data protection seriously and continually review our safeguards.

9. Your Rights

Depending on the circumstances and applicable law, you may have the following rights in relation to your personal data:

  • Right of access to obtain a copy of the personal data we hold about you;
  • Right to rectification to correct inaccurate or incomplete information;
  • Right to erasure to request deletion of your data in certain cases;
  • Right to restriction to limit how we use your data in specific situations;
  • Right to object to processing based on legitimate interests or direct marketing;
  • Right to data portability for certain information you provided to us, where processing is based on consent or contract and carried out by automated means;
  • Right to withdraw consent where we rely on consent for processing;
  • Right to complain to the Information Commissioner’s Office if you believe your data has been misused.

We may need to verify your identity before responding to a rights request. Some rights may not apply in all cases, and legal exceptions may mean we can retain or continue processing certain information.

10. Automated Decision-Making

We do not make decisions about you that have legal or similarly significant effects solely by automated means unless permitted by law and with suitable safeguards in place. If this changes, we will provide clear information about the logic involved and your rights.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from its effective date.

By using Towerhill Storage services, you acknowledge that your personal data will be processed as described in this Privacy Policy. We encourage you to review this notice periodically to stay informed about how we protect your information.

Call Now!
Call Now Get a Quote
Towerhill Storage

GDPR-compliant Privacy Policy for Towerhill Storage covering data collection, lawful basis, retention, processors, security, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.