Privacy Policy - Chalkfarm Storage

Chalkfarm Storage is committed to protecting the privacy and personal data of our customers. This Privacy Policy explains how we collect, use, store, share, and protect personal information when individuals use our storage services. It applies to all Chalkfarm Storage customers in the area, including prospective customers, account holders, authorised users, and individuals whose data we process in connection with the provision of storage services.

This policy is intended to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It should be read together with any relevant terms and conditions relating to storage services.

1. Personal Data We Collect

We may collect and process a range of personal data depending on how a customer interacts with us and which services are used. The information we collect is limited to what is necessary for clear business purposes and legal obligations.

Information you provide directly

  • Identity details such as your name, title, date of birth, and photographic identification where required for verification.
  • Contact details including postal address, email address, and telephone number.
  • Account and service information such as storage unit number, booking details, payment records, access permissions, and service preferences.
  • Communications you send to us, including enquiries, complaints, notices, and requests.
  • Financial information such as billing details, payment status, and transaction records.

Information collected automatically

  • Access records relating to entry to the site or unit, where applicable.
  • Technical data such as IP address, device type, browser information, and usage logs when interacting with digital systems.
  • Security records including CCTV footage, incident reports, and audit logs, where lawfully used for site safety and crime prevention.

Information from third parties

We may also receive personal data from third parties, such as payment providers, identity verification services, insurers, professional advisers, law enforcement, or landlords and agents acting on behalf of a customer. Any such information is handled in line with this policy and applicable law.

2. How We Use Personal Data

We process personal data for legitimate operational, contractual, safety, and legal reasons. Typical uses include:

  • providing storage services and managing customer accounts;
  • verifying identity and preventing fraud;
  • processing payments, deposits, and refunds;
  • maintaining site security and protecting property;
  • communicating service updates, notices, and account matters;
  • handling complaints, disputes, and claims;
  • meeting legal and regulatory obligations;
  • enforcing contracts and recovering debts where necessary;
  • improving our operations, systems, and customer experience.

We do not use personal data for purposes that are incompatible with the original reasons for collection unless required or permitted by law.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Chalkfarm Storage relies on the following legal grounds:

Contract

We process personal data where it is necessary to enter into or perform a contract with a customer. This includes opening accounts, providing access to storage, issuing invoices, and managing services.

Legal obligation

Some processing is required to comply with legal obligations, such as tax accounting, anti-money laundering checks where applicable, responding to lawful requests, and maintaining records required by law.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by the rights and freedoms of the individual. This includes security monitoring, fraud prevention, business administration, service improvement, and debt recovery. We balance these interests against the impact on individuals before relying on this basis.

Consent

Where we rely on consent, we will make this clear at the time we request it. Consent is used only in limited situations and can be withdrawn at any time without affecting the lawfulness of processing carried out before withdrawal.

Vital interests and public interest

In rare situations, we may process personal data to protect someone’s vital interests or where processing is necessary for a task carried out in the public interest or under official authority.

4. Data Sharing and Processors

We do not sell personal data. However, we may share information where necessary with trusted third parties who support the operation of our services. These parties act as processors or independent controllers depending on the circumstances.

Processors may include:

  • payment service providers who handle card or bank transactions;
  • cloud storage and IT system providers who host or maintain records;
  • security providers, such as alarm monitoring or CCTV maintenance contractors;
  • identity verification and fraud prevention services;
  • professional advisers, including accountants, auditors, and legal advisers;
  • mailing and communication service providers;
  • repair and maintenance contractors where access is required for operational reasons.

Where we use processors, we require them to process personal data only on our instructions, to keep it secure, and to comply with data protection law. We carry out appropriate checks before appointing processors and use contractual safeguards where required.

We may also disclose personal data if required to do so by law, by court order, or to law enforcement agencies, regulators, insurers, or other authorities where lawful and necessary.

5. International Transfers

Where personal data is transferred outside the United Kingdom, we ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. These measures are used to maintain a level of protection that is essentially equivalent to that required under UK GDPR.

6. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, including any legal, accounting, or reporting requirements. Retention periods depend on the nature of the information and our legitimate business needs.

Typical retention periods include:

  • Customer account and contract records: kept for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records: retained for the period required by law, generally up to six years or longer where required.
  • Security logs and incident records: retained only for as long as necessary for safety, investigation, or legal purposes.
  • General correspondence: kept for a period appropriate to the matter discussed.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in accordance with our retention procedures.

7. Data Security

We take appropriate technical and organisational measures to protect personal data against accidental loss, unlawful use, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, staff training, encryption, audit trails, and physical security controls.

While no system can be guaranteed completely secure, we review our safeguards regularly and update them as needed to reflect changes in risk and technology.

8. Your Rights

Individuals whose data we process have rights under data protection law. These rights may be subject to legal limits and exceptions, but we will always assess and respond to requests appropriately.

You may have the right to:

  • Access your personal data and obtain a copy of it;
  • Rectification of inaccurate or incomplete information;
  • Erasure of personal data in certain circumstances;
  • Restriction of processing in certain situations;
  • Object to processing based on legitimate interests or direct marketing;
  • Data portability where processing is based on consent or contract and carried out by automated means;
  • Withdraw consent where processing is based on consent;
  • Be informed about how your data is used;
  • Complain to the relevant data protection authority if you believe your rights have been infringed.

To protect privacy and security, we may need to verify your identity before responding to a request. We will respond within the legal time limits applicable under data protection law.

9. Children’s Data

Our storage services are not aimed at children, and we do not knowingly collect personal data from children except where it is necessary in connection with a customer account or legal arrangement. If we become aware that we have collected data unlawfully from a child, we will take steps to delete it where appropriate.

10. Automated Decision-Making

We do not carry out decisions based solely on automated processing that produce legal or similarly significant effects on individuals, unless this is permitted by law and appropriate safeguards are in place. If this changes, we will provide clear information about the logic involved and the rights available to affected individuals.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or processing practices. When changes are made, the updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

12. Our Commitment

Chalkfarm Storage recognises that personal data should be handled fairly, transparently, and securely. We aim to process information only where necessary, keep it accurate, and retain it for no longer than needed. Our approach is based on the principles of lawfulness, fairness, transparency, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

If you use Chalkfarm Storage services in the area, this policy applies to your personal data processing by us and by the processors acting on our behalf. By continuing to use our services, you acknowledge that your personal data may be handled in the ways described above and in accordance with applicable data protection laws.

Call Now!
Call Now Get a Quote
Chalkfarm Storage

GDPR-compliant Privacy Policy for Chalkfarm Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.