Privacy Policy - Lissongrove Storage

This Privacy Policy explains how Lissongrove Storage collects, uses, stores, shares, and protects personal data in connection with our storage services. It applies to all Lissongrove Storage customers in area, including individuals, businesses, and anyone who uses our services, visits our premises, communicates with us, or otherwise provides information to us. We are committed to handling personal data in a lawful, fair, transparent, and secure manner in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

1. Personal Data We Collect

We collect only the personal data needed to provide and manage our services, maintain security, meet legal obligations, and support customer accounts. The information we collect may include:

  • Identity information such as name, date of birth, and identification documents where required for verification.
  • Contact information such as address, email address, and telephone number.
  • Account and service information such as storage unit details, booking records, payment status, invoices, access logs, and customer correspondence.
  • Payment information such as billing details and transaction records. We do not typically store full card details if payment processing is handled by a payment provider.
  • Security information such as CCTV footage, entry records, alarm logs, and incident reports where relevant to site safety and protection of property.
  • Technical information such as device data or website usage data if you interact with our digital services, where applicable.
  • Communication records including emails, calls, complaints, claims, notices, and other messages exchanged with us.

We do not intentionally collect special category data unless it is necessary and lawful to do so, for example where required in connection with a dispute, legal claim, or safety incident. If we do collect such information, we apply additional safeguards.

2. How We Use Your Data

We use personal data for the following purposes:

  • To set up and manage storage agreements.
  • To identify and verify customers and authorised users.
  • To process payments, deposits, invoices, and refunds.
  • To provide access to storage facilities and manage site security.
  • To respond to enquiries, complaints, and support requests.
  • To maintain records, monitor use of our services, and improve operations.
  • To detect, investigate, and prevent fraud, theft, damage, unauthorised access, and other unlawful activity.
  • To comply with legal, accounting, tax, regulatory, and insurance obligations.
  • To establish, exercise, or defend legal claims.

We only use your personal data where we have a valid lawful basis to do so and only for the purposes described in this policy or for purposes that are compatible with them.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Lissongrove Storage may rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your account, providing storage services, managing access, and handling billing.

Legal obligation

We process data where needed to comply with legal obligations, including tax and accounting requirements, health and safety duties, record keeping, and lawful requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests. This may include protecting our premises, preventing loss or damage, managing risk, improving our services, maintaining administrative records, and resolving disputes. Where we rely on legitimate interests, we consider the impact on your privacy and apply safeguards.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or specific uses of data. Where consent is used, you can withdraw it at any time. Withdrawal will not affect processing already carried out lawfully before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties where necessary to operate our services, meet legal requirements, or protect our interests. These third parties act as processors or independent controllers depending on the situation.

  • Payment processors that handle secure card or electronic payments.
  • IT and hosting providers that support email, data storage, software systems, and backups.
  • Security providers that supply CCTV, alarm monitoring, access control, or maintenance services.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers.
  • Authorities and regulators where disclosure is required by law or necessary to protect rights, property, or safety.
  • Debt recovery or dispute resolution services where needed to recover unpaid amounts or resolve claims.

Where a third party acts as a processor, they may only process personal data on our instructions and must keep it secure and confidential. We require processors to implement appropriate technical and organisational measures to protect personal data and to delete or return it when no longer needed.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, insurance, and dispute resolution needs. Retention periods depend on the type of information and the reason it is held.

  • Customer account records are generally retained for the duration of the relationship and for a period afterwards where needed for administration, legal claims, or compliance.
  • Payment and accounting records are retained for the period required by tax and financial regulations.
  • CCTV and access records are retained for a limited period unless needed for investigation, safety, insurance, or legal purposes.
  • Correspondence and complaint records are retained as needed to manage service issues, evidence decisions, or handle claims.

When personal data is no longer required, we will delete, destroy, or anonymise it securely.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure systems, password protection, and restricted physical access to records and premises. While no system can be completely secure, we work to maintain a level of protection appropriate to the risk.

7. International Transfers

Where personal data is transferred outside the UK or the European Economic Area, we ensure that appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, so that your data remains protected to a standard consistent with applicable law.

8. Your Rights

Subject to legal conditions and exemptions, you have the following rights under data protection law:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.
  • Right not to be subject to solely automated decisions – where applicable.

If you wish to exercise your rights, we will respond within the time limits required by law. We may need to verify your identity before acting on your request. Some rights may not apply in all situations, and legal obligations may require us to retain certain data.

9. Children’s Data

Our services are not directed at children. We do not knowingly collect personal data from children except where necessary in connection with lawful business, legal, or administrative matters, and then only with appropriate safeguards.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The most current version will apply to your use of our services. We encourage you to review it periodically to stay informed about how we protect personal data.

11. Complaints

If you have concerns about how your personal data is handled, you have the right to raise a complaint with the relevant data protection authority. You may also contact us through the usual service channels to seek clarification or resolution. We encourage you to let us know first so we can address your concerns promptly and fairly.

Last updated: This policy applies from the date it is published and remains in effect until replaced.

Call Now!
Call Now Get a Quote
Lissongrove Storage

GDPR-compliant Privacy Policy for Lissongrove Storage covering data collection, lawful basis, retention, processors, rights, security, and scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.