Privacy Policy - Dollishill Storage

This Privacy Policy explains how Dollishill Storage collects, uses, stores, shares, and protects personal data. It applies to all Dollishill Storage customers in the area, including individuals, household users, and business customers who receive storage services from us. We are committed to handling personal data in a lawful, fair, and transparent way in line with the UK GDPR and the Data Protection Act 2018, where applicable.

1. Who We Are

Dollishill Storage provides storage services and related customer support. For the purposes of data protection law, we act as a data controller when we decide why and how personal data is processed. This means we are responsible for ensuring that personal data is collected and used only for valid purposes and that appropriate safeguards are in place.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity details such as name, title, date of birth, and identification information where needed for verification.
  • Contact details such as postal address, email address, and telephone number.
  • Account and service details such as storage unit number, contract information, payment status, and service history.
  • Financial details such as billing information, payment records, and transaction references.
  • Security information such as access logs, keyholder details, CCTV images, and incident records.
  • Communications including correspondence, complaints, enquiries, and notes from customer support interactions.
  • Technical information where relevant, such as device or online usage data generated through our systems.

We generally collect data directly from you when you complete forms, sign contracts, make payments, contact us, or use our services. We may also receive information from third parties where necessary, such as payment providers, verification services, insurers, legal advisers, or public authorities.

3. How We Use Personal Data

We use personal data only where we have a lawful basis and where the use is necessary for a specific purpose. Typical purposes include:

  • setting up and managing storage agreements;
  • verifying identity and preventing fraud;
  • processing payments, refunds, and invoices;
  • communicating with customers about their storage services;
  • monitoring access to protect property, people, and premises;
  • handling complaints, disputes, and service issues;
  • meeting legal, regulatory, tax, accounting, and insurance obligations;
  • maintaining business records and service continuity;
  • protecting our rights, our customers’ rights, and the security of our operations.

We do not use personal data for unrelated purposes without appropriate notice or a lawful basis.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis for each processing activity. Depending on the circumstance, we rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, including managing storage services, payments, access arrangements, and account administration.

Legal Obligation

We may process personal data to comply with legal requirements such as tax recordkeeping, accounting obligations, responding to lawful requests, or maintaining records required by law.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This includes protecting premises, preventing misuse of services, handling disputes, improving security, and maintaining business records. Where we rely on legitimate interests, we take steps to balance our interests against your privacy rights.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or uses not covered by another lawful basis. Where consent is used, it will be freely given, specific, informed, and unambiguous. You may withdraw consent at any time without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests and Public Task

These bases are unlikely to apply in most storage-service situations, but may be used if necessary in exceptional circumstances involving safety or legal authority.

5. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, depending on the service they provide. Processors only act on our instructions and are contractually required to protect your data. Typical processors and recipients may include:

  • Payment processors who handle card payments, direct debits, and transaction verification;
  • IT and cloud service providers who support our booking, storage, and record management systems;
  • Security providers who help operate alarms, CCTV, access control, or monitoring systems;
  • Accountants and auditors who assist with financial compliance and reporting;
  • Legal and insurance advisers where advice or claims handling is needed;
  • Identity verification or fraud prevention services where appropriate;
  • Public authorities, law enforcement, and courts where disclosure is required by law or necessary to protect rights and safety.

We do not sell personal data. If personal data is transferred outside the UK or EEA, we will ensure appropriate safeguards are in place, such as an adequacy decision, standard contractual clauses, or another lawful transfer mechanism.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, contractual, accounting, or reporting requirements. The retention period depends on the type of information and the reason it was collected.

  • Contract and account records are generally kept for the duration of the service relationship and for a reasonable period afterward to manage claims, disputes, and business records.
  • Financial and tax records are retained for the period required by law.
  • Security records such as CCTV or access logs are normally kept only as long as needed for security, incident investigation, or legal purposes.
  • Communication records may be retained to evidence decisions, complaints handling, or service history.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures.

7. Your Rights Under GDPR

You have a number of rights in relation to your personal data, subject to certain legal limits and exceptions:

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete data.
  • Right to erasure – you can ask us to delete your data in certain circumstances.
  • Right to restriction – you can ask us to limit processing in certain situations.
  • Right to object – you can object to processing based on legitimate interests and to direct marketing where applicable.
  • Right to data portability – you may receive certain data in a structured, commonly used, machine-readable format.
  • Right to withdraw consent – where we rely on consent, you can withdraw it at any time.
  • Right to lodge a complaint – you may complain to the UK Information Commissioner’s Office or your local supervisory authority if you believe your data rights have been infringed.

We will respond to valid rights requests without undue delay and within the time limits required by law.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff training, encryption where appropriate, and regular review of internal procedures. While no system can be guaranteed completely secure, we work to maintain a high standard of protection.

9. Children’s Data

Our services are generally intended for adults or organisations acting through authorised representatives. We do not knowingly collect personal data from children unless it is necessary in a specific service context and permitted by law. Where children’s data is involved, we take extra care to ensure lawful processing and appropriate protection.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our services, or our data practices. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

11. Summary of Our Commitment

Dollishill Storage is committed to processing personal data responsibly, securely, and transparently. We collect only the information needed to provide storage services, we use it for clear and lawful purposes, we keep it only as long as necessary, and we respect the rights of our customers. This policy applies to all Dollishill Storage customers in area and is designed to support privacy, accountability, and trust.

Call Now!
Call Now Get a Quote
Dollishill Storage

GDPR-compliant privacy policy for Dollishill Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.