Privacy Policy - Selfstorage Mayfair

This Privacy Policy explains how Selfstorage Mayfair collects, uses, stores, shares, and protects personal data relating to customers, prospective customers, visitors, and other individuals whose information is handled in connection with our self-storage services. It applies to all Selfstorage Mayfair customers in area and to anyone interacting with our services in that area.

We are committed to processing personal data fairly, lawfully, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We respect your privacy and are committed to ensuring that any personal data we hold is used only for legitimate business purposes and safeguarded appropriately.

1. Personal Data We Collect

We may collect and process the following categories of personal data, depending on how you interact with us:

  • Identity data such as your name, date of birth, and identification details used for account verification or security checks.
  • Contact data such as postal address, email address, and telephone number.
  • Account data such as customer reference numbers, booking information, storage unit details, payment status, and service preferences.
  • Financial data such as billing information, payment records, and transaction details. We do not normally store full card details where payment processors handle those securely.
  • Security and access data such as access logs, CCTV recordings, visitor records, and alarm or incident reports where applicable.
  • Correspondence data such as communications with us by phone, email, or other means, including complaints, queries, and service requests.
  • Technical data such as IP address, device information, browser type, and usage data if you interact with digital systems used by Selfstorage Mayfair.

We may also collect information from third parties where necessary, such as identity verification providers, payment processors, insurers, legal advisers, or law enforcement bodies, where permitted by law.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage customer accounts;
  • to verify identity and prevent fraud;
  • to provide self-storage services and manage access to units and facilities;
  • to process payments, fees, and refunds;
  • to communicate with customers about their accounts, services, or operational matters;
  • to maintain security, protect property, and investigate incidents;
  • to comply with legal and regulatory obligations;
  • to resolve disputes and enforce agreements;
  • to improve our services, systems, and customer experience;
  • to send service-related notices and, where permitted, relevant administrative updates.

We will only process personal data where we have a lawful basis to do so. We do not use personal data for unrelated purposes without informing you where required by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each type of processing. Depending on the activity, we may rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes opening your account, providing storage services, managing payments, and handling your access to the facility.

Legal Obligation

We may process data where required to comply with legal obligations, such as tax, accounting, fraud prevention, safety, or lawful requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided your interests and fundamental rights do not override those interests. This may include facility security, service improvement, internal administration, dispute handling, and protecting our business from misuse or fraud.

Consent

In some limited circumstances, we may rely on your consent, for example for certain optional communications or specific uses not covered by another lawful basis. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

4. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying any legal, accounting, reporting, or dispute-resolution requirements. Retention periods vary depending on the category of information and the nature of the relationship.

  • Customer account records are retained for the duration of the service relationship and for a period after closure as required by law or business necessity.
  • Financial and transaction records are retained for the time required under tax and accounting rules.
  • Security records such as access logs or CCTV footage are typically retained for a shorter period unless needed for an investigation, legal claim, or security incident.
  • Correspondence and dispute records may be retained for as long as necessary to manage the matter and defend or establish legal claims.

When personal data is no longer needed, we will delete, anonymise, or securely destroy it in accordance with our retention procedures.

5. Sharing Personal Data and Processors

We may share personal data with trusted third parties where necessary for the operation of our business, legal compliance, or service delivery. These parties may act as processors or, in some cases, independent controllers. We only share the minimum information necessary and require appropriate safeguards.

Examples of processors and service providers include:

  • IT and hosting providers who support our systems, data storage, and digital security;
  • Payment service providers who process customer payments securely;
  • Identity verification and fraud prevention providers who help confirm identity and reduce misuse;
  • Security service providers who assist with monitoring, access control, or incident response;
  • Professional advisers such as accountants, insurers, auditors, and legal advisers;
  • Public authorities including regulators, law enforcement, or courts where disclosure is required by law or necessary to protect rights and safety.

Where processors handle data on our behalf, they are bound by written agreements requiring them to act only on our instructions, keep the data secure, and comply with data protection law.

6. International Transfers

If any of our service providers store or process data outside the United Kingdom, we will ensure that appropriate safeguards are in place before the transfer takes place. These may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms. We take steps to ensure personal data remains protected to the standard required by applicable law.

7. Your Rights

Subject to legal limits and verification of identity, you have the following rights under data protection law:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we process your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability – to receive certain data in a structured, commonly used format or have it transferred to another controller where technically feasible.
  • Right to withdraw consent – where processing relies on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are concerned about how your personal data is handled.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access controls, secure systems, staff training, limited access permissions, and monitoring procedures. While no system can be completely secure, we work to maintain a high level of protection proportionate to the risks involved.

9. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a service arrangement and lawful to do so. If we become aware that we have collected information from a child without appropriate authority or lawful basis, we will take steps to delete it promptly.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. Any updates will take effect when published or otherwise communicated. We encourage you to review this policy periodically to stay informed about how your information is used.

11. Summary of Our Commitment

Selfstorage Mayfair is committed to using personal data responsibly, transparently, and securely. We collect only the information needed to provide and manage our services, rely on lawful bases for processing, retain data only as long as necessary, use trusted processors under contract, and respect your legal rights. This policy applies to all Selfstorage Mayfair customers in area and forms part of our broader commitment to privacy and compliance.

Call Now!
Call Now Get a Quote
Selfstorage Mayfair

GDPR-compliant Privacy Policy for Selfstorage Mayfair covering data collection, lawful basis, retention, processors, user rights, and security for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.