Privacy Policy - Stratford Storage

This Privacy Policy explains how Stratford Storage collects, uses, stores, shares, and protects personal data relating to all Stratford Storage customers in the area. It applies to individuals who enquire about, use, or otherwise interact with our storage services, whether as account holders, authorised users, or prospective customers. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection law, including the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Stratford Storage provides storage services to individuals and businesses in the area. For the purposes of data protection law, Stratford Storage is the data controller in relation to the personal data described in this Privacy Policy. This means we determine how and why personal data is processed.

2. Personal Data We Collect

We may collect and process the following types of personal data:

  • Identity data: name, title, date of birth, and identification details where required.
  • Contact data: address, email address, telephone number, and billing address.
  • Account and service data: storage unit details, booking information, access records, account status, and service preferences.
  • Payment data: payment method details, transaction records, and billing history. Card details may be processed by payment processors rather than stored by us.
  • Security and access data: access logs, CCTV images where applicable, and information relating to site entry or use of secure systems.
  • Communications data: enquiries, complaints, feedback, and other correspondence with us.
  • Technical data: limited device and usage information collected when you interact with our digital systems, such as IP address or browser type, where necessary for security or functionality.

We do not intentionally collect special category data unless it is provided by you and is necessary for a specific lawful purpose, such as where you disclose information relevant to an issue we must address. Where such data is processed, we will do so only when permitted by law and with appropriate safeguards.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to register and manage customer accounts;
  • to provide and administer storage services;
  • to verify identity and prevent fraud;
  • to process payments and recover outstanding amounts;
  • to manage site access, security, and safety;
  • to respond to enquiries, requests, and complaints;
  • to maintain records and comply with legal and regulatory obligations;
  • to improve our services, systems, and customer experience;
  • to defend legal claims and protect our legitimate business interests.

We only process personal data where we have a valid legal reason to do so.

4. Lawful Basis for Processing

Under the UK GDPR, we rely on one or more of the following lawful bases:

a) Performance of a Contract

We process personal data where it is necessary to enter into or perform our storage agreement with you. This includes setting up your account, allocating storage space, managing access, and processing payments.

b) Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as tax, accounting, insurance, health and safety, anti-fraud, or record-keeping requirements.

c) Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include safeguarding our premises, preventing misuse of services, managing disputes, and improving operational efficiency. Where we rely on legitimate interests, we consider the impact on your privacy and implement appropriate protections.

d) Consent

In limited situations, we may rely on your consent, for example where it is required for optional marketing communications or certain non-essential processing. Where we rely on consent, you may withdraw it at any time.

Important: We do not depend on consent where another lawful basis is more appropriate or legally required.

5. Retention of Personal Data

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Retention periods vary depending on the type of data and the purpose of processing.

  • Customer account and contract records: kept for the duration of the relationship and for a period after it ends to deal with disputes, claims, and audits.
  • Financial records: kept for the period required by tax and accounting laws.
  • Security records: retained only for as long as necessary for safety, incident handling, or legal purposes.
  • Correspondence and complaint records: retained for as long as needed to address the matter and maintain internal records.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention practices.

6. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary for the purposes described in this Policy. These third parties act either as processors or, in some cases, as independent controllers.

Processors may include:

  • IT and cloud service providers: who host or support our systems, records, and security infrastructure.
  • Payment processors: who handle card and electronic payment transactions.
  • Accounting and bookkeeping providers: who support financial administration and compliance.
  • Security providers: who help monitor, maintain, or service access control and CCTV systems.
  • Customer communications providers: who assist with email, messaging, or administrative notifications.

We require processors to process personal data only on our instructions, keep it secure, and comply with data protection obligations. We do not sell personal data.

We may also disclose personal data where required by law, by a court order, to law enforcement, or to protect the rights, property, or safety of Stratford Storage, our customers, staff, or others.

7. International Transfers

If any of our processors store or access personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent transfer mechanisms, to protect your data.

8. Data Security

We take appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include restricted access controls, encryption where appropriate, secure storage, staff confidentiality duties, and regular review of our security practices.

While we strive to protect personal data, no system can be guaranteed as completely secure. If a personal data breach occurs and presents a risk to your rights and freedoms, we will handle it in line with applicable legal requirements.

9. Your Rights

Depending on the circumstances and applicable law, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to request limitation of processing in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to request that certain information be provided in a structured, commonly used format.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

Please note that these rights are not absolute and may be subject to legal exceptions or limitations. We may need to verify your identity before responding to a request.

10. Marketing Preferences

If we send marketing communications, we will only do so in line with applicable law. You may opt out of marketing at any time where applicable. We will continue to send essential service-related messages that are necessary for account administration, security, or legal compliance.

11. Children

Our storage services are not intended for children, and we do not knowingly collect personal data from children unless it is necessary in connection with a lawful service arrangement and permitted by law.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated, as appropriate.

13. Your Responsibility to Keep Information Accurate

We ask that you provide accurate and up-to-date personal data and notify us where details change. Keeping your information current helps us provide services safely, lawfully, and efficiently. Where you provide information about another person, you should ensure you have the right to share it with us and that they understand how their data will be used.

14. Summary of Key Principles

In summary, Stratford Storage processes personal data only where there is a valid lawful basis, uses it for clear and limited purposes, keeps it only as long as necessary, and shares it only with appropriate processors or where required by law. We aim to keep personal data secure, accurate, and handled with respect for individual rights.

By using Stratford Storage services in the area, you acknowledge that your personal data will be processed in accordance with this Privacy Policy.

Call Now!
Call Now Get a Quote
Stratford Storage

GDPR-compliant Privacy Policy for Stratford Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.