Privacy Policy - Foresthill Storage

Privacy Policy - Foresthill Storage

This Privacy Policy explains how Foresthill Storage collects, uses, stores, shares, and protects personal data. It applies to all Foresthill Storage customers in area, including prospective customers, current customers, former customers, and any individuals who interact with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the General Data Protection Regulation (GDPR) and other applicable data protection laws.

Please read this policy carefully to understand how your information is processed.

1. Who We Are

Foresthill Storage provides storage services and related administrative support. For the purposes of data protection law, Foresthill Storage acts as the data controller for the personal data described in this Privacy Policy. This means we decide how and why your personal data is processed.

We are responsible for ensuring that your personal data is collected and used only when we have a valid legal basis and only for legitimate business purposes connected to our services.

2. Personal Data We Collect

We may collect and process different types of personal data depending on your relationship with us and the services you use. The categories of data we may collect include:

  • Identity data, such as your name, title, date of birth, and identification details where required for verification.
  • Contact data, such as your address, email address, and telephone number.
  • Contract data, such as account details, storage unit details, service preferences, agreement dates, and payment terms.
  • Financial data, such as payment method information, billing records, transaction records, and outstanding balances.
  • Security and access data, such as CCTV images, access logs, gate entry records, alarm-related records, and incident reports.
  • Communication data, such as correspondence with us by email, phone, written messages, or other communication channels.
  • Technical data, such as device or browser information when interacting with our systems, if applicable.
  • Customer service and complaint data, including requests, claims, disputes, and support notes.

We generally do not collect special category personal data unless it is required for a specific legal or administrative reason and permitted by law. Where we do so, we will apply additional safeguards as required by GDPR.

3. How We Collect Personal Data

We collect personal data directly from you when you complete forms, enter into a storage agreement, make payments, contact us, or otherwise use our services. We may also collect data from third parties where lawful and appropriate, such as payment providers, identity verification services, insurers, lawful authorities, or agents acting on your behalf.

In some cases, personal data may be collected automatically through security systems, access controls, and monitoring equipment used to protect our premises and property. This may include CCTV footage or entry records.

4. Purposes of Processing

We use personal data only where necessary for specific and legitimate purposes. These include:

  • managing customer accounts and storage agreements;
  • verifying identity and preventing fraud;
  • processing payments and maintaining financial records;
  • providing customer support and handling enquiries;
  • protecting the security of our site, customers, staff, and property;
  • monitoring access to storage facilities;
  • handling complaints, disputes, and insurance-related matters;
  • complying with legal and regulatory obligations;
  • improving our services, systems, and operational efficiency;
  • asserting, exercising, or defending legal claims.

We do not sell your personal data.

5. Lawful Basis for Processing

Under GDPR, we must have a lawful basis before processing your personal data. Depending on the circumstances, we rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access to your unit, processing payments, and carrying out services you have requested.

Legal Obligation

We may process personal data where necessary to comply with a legal obligation. This includes maintaining accounting and tax records, responding to lawful requests, and meeting regulatory requirements.

Legitimate Interests

We may process personal data where necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include protecting our property, maintaining security, preventing fraud, managing our business efficiently, and defending legal claims.

Consent

In limited cases, we may rely on your consent, for example where specific optional communications or uses require it. Where consent is used, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing before withdrawal.

6. Sharing and Processors

We may share personal data with trusted third parties that act as processors or, in some cases, independent controllers. Processors are organizations that process personal data on our behalf and only according to our instructions.

Typical processors and recipients may include:

  • IT and cloud service providers who host or maintain secure systems and data storage;
  • payment processors and banking partners who handle transactions and payment administration;
  • security providers who support alarm systems, surveillance, or facility protection;
  • professional advisers such as accountants, auditors, insurers, or legal advisers;
  • identity verification or fraud prevention providers where necessary;
  • public authorities, regulators, courts, or law enforcement where required by law;
  • debt recovery or dispute resolution providers where lawful and necessary.

We require processors to handle personal data securely, confidentially, and in compliance with GDPR. Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses, as required by law.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, reporting, security, and business requirements.

Retention periods may vary depending on the type of data and the reason it is held. For example:

  • Contract and customer account records are generally retained for the duration of the agreement and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security records, including CCTV, are retained only for as long as necessary for safety, incident review, or legal purposes.
  • Correspondence and complaint records are retained as needed to resolve matters and defend legal claims.

When data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.

8. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorized access, accidental loss, destruction, misuse, or disclosure. These measures may include access restrictions, physical security controls, staff training, encryption, secure record handling, and regular review of our systems.

Although no system is completely secure, we work to reduce risk and respond promptly to any suspected data breach.

9. Your Rights Under GDPR

You have a number of rights in relation to your personal data. These rights may be subject to legal conditions or exemptions, but we will always assess each request carefully.

Right of Access

You have the right to request confirmation of whether we process your personal data and to obtain a copy of that data.

Right to Rectification

You may request that inaccurate or incomplete personal data be corrected or updated.

Right to Erasure

In certain circumstances, you may ask us to delete your personal data. This right does not apply where we are legally required or otherwise entitled to retain the data.

Right to Restrict Processing

You may request that we restrict how we use your personal data in certain situations, for example while a correction request is being reviewed.

Right to Data Portability

Where processing is based on consent or contract and carried out by automated means, you may request a copy of certain data in a structured, commonly used, machine-readable format.

Right to Object

You may object to processing based on legitimate interests, including direct marketing where applicable. We will stop processing unless we have compelling lawful grounds to continue.

Rights Related to Automated Decision-Making

We do not normally make decisions based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide appropriate information and safeguards.

If you wish to exercise any of these rights, we will respond in accordance with GDPR timelines and requirements.

10. Children’s Data

Our services are intended for adults and business or personal customers who can lawfully enter into storage agreements. We do not knowingly collect personal data from children except where it is incidentally included in records necessary for lawful business or legal purposes.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational needs. Any updates will take effect when published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

12. Summary of Our Commitment

Foresthill Storage is committed to respecting your privacy and protecting your personal data. We only collect data that is relevant and necessary for providing secure storage services, managing our business, and meeting legal obligations. We use clear lawful bases for processing, limit access to trusted processors, retain data only as long as needed, and support your rights under GDPR.

This policy applies to all Foresthill Storage customers in area.

We aim to handle your information responsibly, transparently, and securely at all times.

Call Now!
Call Now Get a Quote
Foresthill Storage

GDPR-compliant Privacy Policy for Foresthill Storage covering data collection, lawful basis, retention, processors, user rights, and applying to all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.