Privacy Policy - Pimlico Storage

Pimlico Storage is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal data in connection with our storage services. It applies to all Pimlico Storage customers in area, including prospective customers, current customers, account holders, authorised users, and any other individuals whose personal data we process in the course of providing our services.

1. Who We Are

This Privacy Policy describes how Pimlico Storage acts as a data controller when deciding how and why personal data is processed. In some situations, we may also act as a data processor where we handle information strictly on behalf of another organisation. We handle personal data in accordance with the UK GDPR, the Data Protection Act 2018, and any other applicable privacy laws.

2. Personal Data We Collect

We collect and process different types of personal data depending on how you interact with us and which services you use. The categories of data we may collect include:

  • Identity information such as your name, title, and date of birth where required.
  • Contact information such as your postal address, email address, and telephone number.
  • Account and contract details including customer reference numbers, storage unit details, billing records, and service preferences.
  • Payment information such as bank details, card-related information, and transaction records, processed securely through approved payment providers.
  • Access and security data such as entry logs, CCTV recordings, signatures, and identification checks used for site security and fraud prevention.
  • Communication data including emails, letters, forms, complaints, and customer service interactions.
  • Technical data such as IP address, device information, and website usage data if you interact with any online services we provide.

We only collect data that is necessary, relevant, and proportionate to the purposes described in this policy. Where possible, we limit collection to the minimum amount needed to provide and improve our services.

3. How We Use Your Data

We use personal data for the following purposes:

  • To set up and manage customer accounts.
  • To provide storage services and maintain access arrangements.
  • To process payments, invoices, refunds, and account balances.
  • To verify identity and prevent fraud, theft, or misuse of facilities.
  • To communicate with customers about bookings, renewals, payments, service changes, and account administration.
  • To meet legal, regulatory, tax, and insurance obligations.
  • To handle disputes, complaints, claims, and enforcement matters.
  • To improve our operations, security, and customer experience.

We do not use personal data for purposes that are incompatible with the reasons it was collected unless permitted by law or with your consent where needed.

4. Lawful Basis for Processing

We process personal data only where we have a lawful basis under applicable data protection law. The lawful bases we rely on include:

Contract

We process data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, taking payments, providing access, and fulfilling service requests.

Legal Obligation

We may process data to comply with laws and regulations, including accounting, tax, fraud prevention, health and safety, and lawful disclosure requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests include protecting our premises, improving services, managing business operations, and preventing misuse or unauthorised access.

Consent

In limited situations, we may rely on your consent, for example for certain marketing communications or optional services. Where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for business operations, legal compliance, and service delivery. These third parties may act as processors or independent controllers depending on the circumstances. When acting as processors, they process data only on our instructions and must protect it appropriately.

The categories of processors and recipients may include:

  • Payment processors that handle card and bank transactions securely.
  • IT and cloud service providers that support data storage, email systems, and security infrastructure.
  • Security service providers that assist with CCTV, access control, alarm monitoring, and site protection.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers.
  • Maintenance and operational contractors where access to personal data is necessary for service delivery or facility management.
  • Public authorities and regulators where disclosure is required by law, court order, or a lawful request.

We require processors to implement appropriate technical and organisational measures to protect your data. We do not sell personal data.

6. International Transfers

Where personal data is transferred outside the UK or the European Economic Area, we ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We take steps to ensure that your data remains protected to a standard consistent with applicable data protection requirements.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, operational, or reporting requirements. Retention periods depend on the type of data and the reason for processing.

  • Customer and contract records are usually retained for the duration of the service relationship and for a further period after the relationship ends to address queries, disputes, or claims.
  • Payment and transaction records are kept for the period required under tax and accounting laws.
  • Security records such as access logs and CCTV footage are retained for a limited period unless a longer period is required for an investigation or legal claim.
  • Communication records may be kept for the time necessary to manage ongoing customer service, compliance, or legal matters.

When data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in line with our retention procedures.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, encryption, secure storage, staff training, monitoring, and restricted permissions. While no system can be guaranteed to be completely secure, we continually review and improve our safeguards to reduce risk.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply in full or in part depending on the circumstances and the lawful basis for processing. Your rights include:

  • The right of access to request a copy of the personal data we hold about you.
  • The right to rectification to correct inaccurate or incomplete data.
  • The right to erasure in certain circumstances, also known as the right to be forgotten.
  • The right to restrict processing where you question the accuracy of the data or object to processing in specific situations.
  • The right to data portability for data provided by you that we process by automated means under certain lawful bases.
  • The right to object to processing based on legitimate interests or direct marketing.
  • The right to withdraw consent where processing is based on consent.

If you exercise any of these rights, we will respond within the time limits set by law and may ask for information to verify your identity. In some cases, we may not be able to comply fully if an exemption applies or if we are required to retain the data for legal reasons.

10. Marketing Preferences

Where we send marketing communications, we do so in line with applicable law. You can object to direct marketing at any time, and we will stop using your personal data for that purpose. If marketing is based on consent, you may withdraw consent whenever you choose. Your choice will not affect the delivery of essential service-related communications.

11. Children’s Data

Our services are intended for adult customers and business users. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful service arrangement and appropriate safeguards are in place. If we become aware that we have collected data from a child without a valid legal basis, we will take steps to delete or otherwise handle that data appropriately.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is issued unless stated otherwise. We encourage customers to review the policy periodically to stay informed about how we process personal data.

13. Summary of Key Commitments

In summary, Pimlico Storage only processes personal data for clear and lawful purposes, retains it for no longer than necessary, and uses trusted processors under appropriate safeguards. We aim to be transparent, fair, and accountable in every stage of processing. All Pimlico Storage customers in area are covered by this Privacy Policy.

Call Now!
Call Now Get a Quote
Pimlico Storage

GDPR-compliant Privacy Policy for Pimlico Storage covering data collection, lawful basis, retention, processors, user rights, and customer scope in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.