Privacy Policy - Stgiles Storage

Effective Date: This Privacy Policy applies to all Stgiles Storage customers in the area and explains how we collect, use, store, share, and protect personal data in connection with our storage services.

At Stgiles Storage, we are committed to handling personal data responsibly, transparently, and in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy sets out the categories of personal data we collect, the lawful bases we rely on, how long we keep information, the third parties that may process data on our behalf, and the rights available to individuals.

1. Scope of This Policy

This Privacy Policy applies to all Stgiles Storage customers in area, including prospective customers, current customers, account holders, authorised users, and individuals whose data is provided to us in connection with storage services, account administration, billing, access control, or support requests.

By using our services, entering into an agreement with us, or providing personal data to us, you acknowledge that your information will be processed as described in this policy.

2. Data We Collect

We collect only the personal data that is necessary to operate our services, manage customer relationships, and meet legal obligations. The information we may collect includes:

  • Identity data such as name, title, date of birth, and identification details where required.
  • Contact data such as postal address, billing address, email address, and telephone number.
  • Account and contract data such as customer reference numbers, service preferences, storage unit details, contract dates, and payment history.
  • Financial data such as payment card details or bank payment information, where necessary for processing payments.
  • Security and access data such as entry records, gate access logs, CCTV footage, incident reports, and key or code records where access control is used.
  • Communications data such as correspondence, enquiries, complaints, and records of customer support interactions.
  • Usage and device data if you interact with any digital systems we operate, including technical logs and system diagnostics.

We generally do not seek to collect special category data unless it is necessary for a specific legal or operational purpose, such as where a legal claim requires it or where you choose to provide it in communication with us.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage customer accounts and storage agreements.
  • To provide storage services and related support.
  • To verify identity and protect against fraud or misuse.
  • To process payments, send invoices, and manage arrears.
  • To maintain security, monitor premises, and prevent unlawful activity.
  • To communicate service information, updates, notices, and operational changes.
  • To comply with legal obligations, regulatory requirements, and court orders.
  • To defend our legal rights or resolve disputes.

We will only use personal data in ways that are compatible with the original purpose for which it was collected, unless we have a lawful basis for doing otherwise.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Stgiles Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as managing your storage account, billing, access permissions, and service delivery.

Legal Obligation

We process certain information because we are required to do so by law, including tax, accounting, safety, fraud prevention, and record-keeping obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests may include securing our premises, managing operations, preventing misuse, improving services, and handling internal administration.

Consent

In limited situations, we may rely on your consent, for example where consent is required for optional communications or specific processing activities. Where we rely on consent, you have the right to withdraw it at any time.

Vital Interests

In rare cases, we may process information to protect someone’s vital interests, such as in an emergency involving health or safety.

5. Sharing and Processors

We may share personal data with trusted third parties who act as processors on our behalf or, in some cases, as separate controllers. These parties are required to handle information securely and only in accordance with our instructions or applicable law.

Examples of processors and service providers may include:

  • IT and cloud service providers that host or support our systems.
  • Payment processors that handle card or banking transactions.
  • Security and monitoring providers including CCTV maintenance and access control support.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Delivery and logistics providers where needed to support service operations.
  • Debt recovery or credit control providers where accounts are in arrears and lawful action is necessary.

We may also disclose personal data to public authorities, regulators, law enforcement, or courts where required by law or where disclosure is necessary to protect our rights, property, customers, or others.

Where processors are used, we ensure appropriate contractual safeguards are in place, including data processing terms designed to protect confidentiality, security, and lawful handling of personal data.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purpose for which it was collected, and to meet legal, regulatory, accounting, or reporting requirements. Retention periods may vary depending on the type of data and the reason it is held.

  • Customer account and contract records are generally retained for the duration of the agreement and for a reasonable period afterwards to address disputes, administration, and legal claims.
  • Financial and tax records are retained for the period required by law.
  • Security records and access logs are retained only as long as necessary for safety, security, or incident investigation purposes.
  • Correspondence and complaints are retained for as long as needed to resolve issues and maintain a record of service interactions.

When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention procedures.

7. Your Rights Under UK GDPR

You have a number of rights in relation to your personal data. These rights may be subject to certain conditions and exemptions, but we will always consider your request carefully.

Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

Right to Rectification

You may ask us to correct inaccurate or incomplete personal data.

Right to Erasure

In some circumstances, you may request deletion of your personal data, for example where it is no longer needed or where consent is withdrawn and no other lawful basis applies.

Right to Restrict Processing

You may request that we limit how we use your data in certain situations, such as while accuracy or lawful basis is being reviewed.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you may request your data in a structured, commonly used, machine-readable format.

Right to Object

You may object to processing based on legitimate interests. We will stop processing unless we have compelling legitimate grounds or need to continue for legal claims.

Rights in Relation to Automated Decision-Making

We do not ordinarily use solely automated decision-making that produces legal or similarly significant effects. If this changes, we will provide appropriate information and safeguards.

You also have the right to withdraw consent where we rely on consent, and the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data has been mishandled.

8. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, system monitoring, and restricted permissions. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risks involved.

9. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place and that the transfer complies with applicable data protection law. Such safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated to customers.

11. Summary of Our Commitment

Stgiles Storage is committed to treating customer data with care, fairness, and transparency. We collect only what is needed, use it for clear and lawful purposes, keep it only for as long as necessary, and share it only with trusted processors or where the law requires it. Customers in area can expect their rights to be respected and their personal data to be handled in line with UK GDPR requirements.

By using Stgiles Storage services, you acknowledge that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Stgiles Storage

GDPR-compliant Privacy Policy for Stgiles Storage covering data use, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.