Privacy Policy - Creekmouth Storage

Creekmouth Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in line with the UK GDPR and the Data Protection Act 2018. It applies to all Creekmouth Storage customers in the area, including prospective customers, current customers, account holders, authorised users, and individuals who communicate with us about storage services.

We aim to be clear and transparent about our data practices. This policy sets out the types of information we collect, the lawful bases we rely on, how long we keep information, the third parties who may process data on our behalf, and the rights available to individuals under data protection law.

1. Data We Collect

We collect only the personal data needed to provide and manage our storage services, maintain security, and meet legal obligations. The information we may collect includes:

  • Identity information such as your name, date of birth, and proof of identity where required.
  • Contact information such as your address, email address, and telephone number.
  • Account information such as customer reference numbers, booking details, payment status, and service records.
  • Payment information such as bank account details or card-related information processed through secure payment systems.
  • Security information such as CCTV footage, access logs, gate records, and incident reports.
  • Communication records including emails, written correspondence, call notes, complaints, and queries.
  • Vehicle or access information where needed for site access, deliveries, or security management.

We may also collect special category data only where strictly necessary and where allowed by law, for example if it is relevant to a specific complaint, complaint handling process, or legal claim. We do not seek to collect unnecessary sensitive information.

2. How We Use Personal Data

We use personal data to operate our storage business effectively and safely. This may include:

  • setting up and managing customer accounts;
  • providing access to storage units and related services;
  • processing payments and managing invoices;
  • communicating about bookings, account changes, and service issues;
  • maintaining site safety and security;
  • monitoring for fraud, theft, misuse, or unauthorised access;
  • handling complaints, claims, and disputes;
  • complying with legal and regulatory requirements;
  • improving our services, systems, and customer experience.

We only use personal data for the purposes for which it was collected, unless we reasonably determine that we need to use it for a compatible related purpose or another lawful purpose permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing personal data. Creekmouth Storage may rely on one or more of the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, taking payment, providing access, and delivering agreed services.

Legal Obligation

We may process data where necessary to comply with legal obligations, such as tax, accounting, fraud prevention, health and safety, and regulatory requirements.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests and where those interests are not overridden by your rights and freedoms. This may include security monitoring, site protection, record keeping, service improvement, and managing customer communications. When relying on legitimate interests, we carry out a balancing assessment to ensure fairness.

Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications or specific uses of information. Where consent is used, you may withdraw it at any time.

Vital Interests and Public Interest

These bases are unlikely to apply in ordinary storage operations, but may be used in exceptional circumstances if necessary to protect someone’s life or respond to a public interest requirement under applicable law.

4. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, reporting, security, and dispute resolution requirements. Retention periods vary depending on the type of record and the reason for holding it.

  • Customer account records are generally retained for the duration of the contract and for a reasonable period afterwards.
  • Payment and invoicing records are retained for the period required by tax and accounting laws.
  • Security records such as CCTV footage or access logs are retained for a limited period unless needed for an investigation or legal claim.
  • Complaint and dispute records may be retained longer where necessary to defend legal rights or meet regulatory obligations.

When personal data is no longer required, it will be securely deleted, anonymised, or otherwise disposed of in a safe manner.

5. Processors and Sharing of Data

We may share personal data with trusted third parties that act as data processors or independent controllers, but only where necessary and only with appropriate safeguards in place. These may include:

  • IT and cloud service providers who support our systems, storage, and communications;
  • payment processors who securely handle financial transactions;
  • security providers involved in monitoring, CCTV, alarm systems, or site protection;
  • professional advisers such as accountants, auditors, insurers, or legal advisers;
  • regulators, law enforcement, or public authorities where required by law or necessary to protect rights and safety.

Processors are only allowed to use personal data in accordance with our instructions and must implement appropriate technical and organisational security measures. We do not sell personal data.

6. International Transfers

If any service provider stores or accesses data outside the United Kingdom, we will take steps to ensure that appropriate protections are in place. These protections may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. Measures may include access controls, secure storage, encryption where appropriate, staff confidentiality obligations, and regular review of security procedures. While no system can be completely secure, we work to reduce risk and respond appropriately if an incident occurs.

8. User Rights

Individuals have a number of rights under UK data protection law. Subject to legal limits and verification of identity, you may have the right to:

  • access your personal data and receive a copy of it;
  • rectify inaccurate or incomplete information;
  • erase personal data in certain circumstances;
  • restrict how we use your data in certain cases;
  • object to processing based on legitimate interests or direct marketing;
  • data portability for data you have provided, where applicable;
  • withdraw consent where processing is based on consent;
  • lodge a complaint with the relevant data protection authority if you believe your rights have been breached.

We may need to verify your identity before responding to a rights request. In some cases, legal obligations or the rights of others may limit what we can do, but we will always explain our decision clearly.

9. Children’s Data

Creekmouth Storage services are intended for adults. We do not knowingly collect personal data from children unless it is required in connection with a lawful contract, legal obligation, or emergency situation. If we become aware that we have collected data from a child without a lawful basis, we will take appropriate steps to remove it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or our business operations. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review the policy periodically so they remain informed about how their data is used.

By using Creekmouth Storage services, you acknowledge that your personal data will be handled in accordance with this Privacy Policy. We are committed to processing personal information fairly, lawfully, and transparently, while maintaining the security and integrity of the services we provide in the area.

Call Now!
Call Now Get a Quote
Creekmouth Storage

GDPR-compliant Privacy Policy for Creekmouth Storage covering data collection, lawful bases, retention, processors, security, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.