Privacy Policy - Mitcham Storage

This Privacy Policy explains how Mitcham Storage collects, uses, stores, shares, and protects personal data. It applies to all Mitcham Storage customers in the area, including current, prospective, and former customers, and anyone who interacts with our services in connection with storage, administration, or account management. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who we are

Mitcham Storage provides storage-related services and associated administration. For the purposes of data protection law, we act as the data controller for the personal data we collect and determine the purposes and means of processing. This policy applies to personal data collected through our customer onboarding, account management, payments, security processes, and service communications.

2. Data we collect

We collect only the personal data that is necessary for the operation of our services, legal obligations, and legitimate business interests. Depending on how you interact with us, this may include:

  • Identity data: name, title, date of birth, and identification details where needed for verification.
  • Contact data: address, email address, telephone number, and emergency contact details if supplied.
  • Account data: customer reference details, booking information, contract records, preferences, and communications history.
  • Payment data: billing information, payment status, transaction records, and limited financial details needed to process payments.
  • Security data: CCTV images where applicable, access logs, key or entry records, incident reports, and site safety information.
  • Technical data: device, browser, and usage information when you interact with digital systems used for administration.
  • Special category data: we do not ordinarily seek this information. If it is provided incidentally, we will process it only where a lawful basis exists and additional safeguards apply.

We may receive data directly from you, from authorised representatives, from payment providers, from fraud prevention services, or from other third parties where necessary for our operations and legal compliance.

3. How we use your data

We use personal data for the following purposes:

  • to register and manage customer accounts;
  • to provide storage services and administer contracts;
  • to process payments and manage billing;
  • to verify identity and prevent fraud;
  • to communicate important service, account, or safety information;
  • to manage access, security, and incident handling;
  • to maintain records, audit trails, and legal evidence;
  • to comply with legal, regulatory, tax, and insurance obligations;
  • to improve our services, systems, and customer experience;
  • to defend or establish legal claims where necessary.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and have informed you where required.

4. Lawful basis for processing

Under data protection law, we must have a lawful basis for each type of processing. Mitcham Storage relies on the following bases:

Contract

We process data where it is necessary to enter into or perform our contract with you. This includes onboarding, service delivery, account management, billing, and customer support.

Legal obligation

We process data where necessary to comply with applicable laws and regulations, including tax, accounting, security, fraud prevention, and lawful record-keeping requirements.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include improving services, maintaining security, preventing misuse, handling disputes, and protecting business assets.

Consent

In limited situations, we may rely on your consent, for example where it is required for certain optional communications or non-essential processing. Where we rely on consent, you may withdraw it at any time without affecting processing carried out before withdrawal.

Vital interests

In rare circumstances, we may process personal data where necessary to protect someone’s vital interests, such as in an emergency or serious safety incident.

5. Data sharing and processors

We do not sell personal data. We may share it only where necessary and lawful. This may include sharing with trusted processors and third parties who help us deliver services, operate systems, or meet legal obligations. These may include:

  • Payment processors that handle transactions and payment verification;
  • IT and cloud service providers that store data and support our systems;
  • Security providers that assist with monitoring, access control, and incident management;
  • Professional advisers such as accountants, insurers, auditors, or legal advisers;
  • Regulators, law enforcement, and public authorities where disclosure is required by law or necessary to protect rights and safety;
  • Debt recovery or dispute resolution providers where applicable and lawful.

When we use processors, we ensure they act only on our instructions, keep data secure, and are subject to appropriate contractual safeguards. Where data is transferred outside the UK, we will use suitable transfer mechanisms to protect it.

6. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, insurance, and operational requirements. Retention periods depend on the type of data and the reason it is held.

  • Contract and account records are retained for the duration of the relationship and for a reasonable period afterwards.
  • Payment, invoicing, and tax records are retained for the period required by law and relevant accounting standards.
  • Security records, access logs, and incident reports are retained only as long as needed for safety, audit, or dispute resolution.
  • Enquiry records are kept for a limited period if no contract is formed.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

7. Security of your data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or alteration. These measures may include access restrictions, secure storage, encryption where appropriate, staff training, and internal policies designed to protect confidentiality. While no system can be guaranteed to be completely secure, we work to maintain a high standard of protection.

8. Your rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to legal limits, you may have the right to:

  • Access the personal data we hold about you;
  • Rectify inaccurate or incomplete information;
  • Erase your data in certain circumstances;
  • Restrict how we process your data in certain situations;
  • Object to processing based on legitimate interests or direct marketing;
  • Data portability for data you provided to us and which we process by automated means under certain lawful bases;
  • Withdraw consent where processing is based on consent;
  • Complain to the relevant supervisory authority if you believe your rights have been infringed.

To help protect your privacy, we may need to verify your identity before responding to a request. We will respond within the timeframe required by law and may extend that period where requests are complex or numerous.

9. Automated decision-making

Mitcham Storage does not ordinarily make decisions about you based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide appropriate information about the logic involved, the significance of the processing, and your rights.

10. Children’s data

Our services are intended for adults or those acting with proper authority. We do not knowingly collect personal data from children unless it is necessary and lawful in the context of service administration or authorised arrangements. If we become aware that data has been collected in error, we will take appropriate steps to delete or protect it.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. The updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their data is handled.

12. Summary of our approach

Mitcham Storage is committed to processing personal data responsibly, securely, and lawfully. We collect only what we need, use it for clear and limited purposes, retain it only as long as necessary, and work with processors that are contractually bound to protect it. We respect your rights and aim to make privacy practices transparent for every customer in the area.

By using our services, you acknowledge that you have read and understood this Privacy Policy.

Call Now!
Call Now Get a Quote
Mitcham Storage

GDPR-compliant Privacy Policy for Mitcham Storage covering data collection, lawful basis, retention, processors, rights, and area-wide customer applicability.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.