Privacy Policy - Heston Storage

Heston Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, share, store, and protect personal information when you use our storage services, visit our premises, communicate with us, or otherwise interact with us. This policy applies to all Heston Storage customers in area, including current, former, and prospective customers, as well as individuals acting on behalf of business accounts.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We aim to be transparent about our practices and to ensure that your information is handled lawfully, fairly, and securely.

1. Personal Data We Collect

We collect only the information necessary to provide storage services, manage accounts, maintain security, and meet legal obligations. Depending on your interaction with us, we may collect the following categories of personal data:

  • Identity details such as your name, date of birth, and proof of identity or address where required.
  • Contact details such as postal address, email address, and telephone number.
  • Account and contract details such as rental history, unit allocation, payment status, invoices, and communications relating to your storage agreement.
  • Payment information such as billing records, transaction references, and limited payment card details processed through secure payment systems.
  • Security information such as CCTV footage, access logs, vehicle registration details, key or access card records, and records of site entry and exit.
  • Correspondence including emails, letters, call notes, complaints, claims, and other communications with our staff.
  • Technical information where applicable, such as basic device or usage data if you interact with digital services linked to our operations.

We generally do not seek to collect special category data. However, such information may be provided incidentally by you in correspondence or claims. Where this happens, we will only process it where lawful and necessary.

2. How We Use Your Personal Data

We use personal data to operate our storage business and to support the security and administration of our services. Typical purposes include:

  • setting up and managing your storage agreement;
  • verifying identity where required;
  • processing payments and managing arrears;
  • communicating about your account, access, or service matters;
  • providing customer support and handling complaints;
  • operating site security systems and protecting customers, staff, and property;
  • preventing fraud, misuse, and unlawful activity;
  • meeting accounting, tax, insurance, and regulatory obligations;
  • establishing, exercising, or defending legal claims.

We only use your data for the purposes set out in this policy or for closely related purposes that would reasonably be expected in the context of storage services.

3. Lawful Basis for Processing

We process personal data only when we have a valid lawful basis under data protection law. The lawful bases we rely on are as follows:

Contract

We process personal data where it is necessary to enter into or perform our storage agreement with you. This includes managing your booking, providing access to a unit, processing payments, and administering your account.

Legal obligation

We may process data to comply with legal and regulatory requirements, including accounting, tax, fraud prevention, health and safety, and responding to lawful requests from public authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This includes site security, CCTV monitoring, protecting property, preventing crime, managing business operations, improving services, and handling disputes.

Consent

In limited circumstances, we may rely on your consent, for example if you choose to receive certain optional communications or where consent is the most appropriate basis for a specific activity. Where we rely on consent, you may withdraw it at any time.

Vital interests

In rare cases, we may process personal data to protect someone’s vital interests, such as in an emergency involving safety or serious harm.

4. How We Share Personal Data

We do not sell your personal data. We may share information only where necessary and appropriate for the purposes described in this policy. Recipients may include:

  • Payment service providers who process secure transactions on our behalf.
  • IT and software providers who support our business systems, document storage, access control, or communications tools.
  • Security providers who assist with CCTV, alarm monitoring, or site protection.
  • Professional advisers such as accountants, auditors, insurers, lawyers, and claims handlers.
  • Regulators, law enforcement, or public authorities where disclosure is required or permitted by law.
  • Debt recovery or enforcement partners where necessary for unpaid accounts or contract enforcement.

All processors and service providers are required to handle personal data securely, use it only for specified purposes, and comply with applicable data protection obligations.

5. Processors

Where we use third-party processors, they act on our instructions and may only process personal data in line with our documented requirements. We take steps to ensure that processors provide sufficient guarantees regarding security, confidentiality, and data protection compliance. Categories of processors may include cloud hosting services, payment processors, document management providers, customer support platforms, CCTV and access control providers, and maintenance contractors with limited access to systems.

We remain responsible for ensuring that any processor engaged by Heston Storage handles personal data appropriately and only to the extent necessary for the services they provide.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, and contractual obligations. Retention periods may vary depending on the type of data and the reason for processing.

  • Customer account and contract records are generally retained for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records are retained in line with legal obligations and accounting requirements.
  • Security records, including CCTV footage and access logs, are retained only for a limited period unless needed for an incident, investigation, or legal claim.
  • Correspondence and complaint records are retained for as long as needed to resolve the matter and for subsequent record-keeping where appropriate.

When personal data is no longer required, we will securely delete, anonymise, or dispose of it in accordance with our retention procedures.

7. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect it. These may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms. We assess transfer arrangements to help ensure that your data remains protected to a standard consistent with UK data protection law.

8. Security of Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, staff training, secure storage, access controls, encryption where appropriate, and monitoring of site security systems. While no system can be guaranteed to be completely secure, we regularly review our safeguards and improve them where needed.

9. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access to request a copy of the personal data we hold about you.
  • Right to rectification to correct inaccurate or incomplete information.
  • Right to erasure in certain circumstances, such as where data is no longer needed or consent is withdrawn.
  • Right to restriction to limit how we use your data in certain situations.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability to receive certain information in a structured, commonly used format where applicable.
  • Right to withdraw consent where processing is based on consent.

You also have the right to raise concerns about how your data is handled. We encourage you to contact us first so we can try to resolve any issues promptly and fairly.

10. Automated Decision-Making

We do not generally use automated decision-making that produces legal or similarly significant effects about you. If this changes, we will provide clear information about the logic involved, the significance of the processing, and the rights available to you.

11. Children’s Data

Our services are intended for adults and business customers. We do not knowingly collect personal data from children in connection with our storage services, except where it is incidentally provided in correspondence or where necessary for legal or emergency reasons.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our operational practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their information is used.

13. Summary of Our Commitment

Heston Storage will process personal data lawfully, fairly, and transparently; collect only what is needed; keep it secure; retain it for no longer than necessary; and respect your rights under data protection law. This policy applies to all Heston Storage customers in area and is designed to ensure your personal information is handled with care and accountability.

Call Now!
Call Now Get a Quote
Heston Storage

GDPR-compliant Privacy Policy for Heston Storage covering data collection, lawful basis, retention, processors, user rights, and scope for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.