Privacy Policy - Sandsend Storage

This Privacy Policy explains how Sandsend Storage collects, uses, shares, stores, and protects personal data. It applies to all Sandsend Storage customers in the area, including prospective customers, current customers, former customers, visitors to our premises, and individuals who interact with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to anyone whose personal data we process in connection with Sandsend Storage services. Personal data means any information that can identify a living person, either directly or indirectly. This may include names, contact details, address information, payment information, identification records, access records, and communications with us.

We only collect and use personal data where it is necessary for our storage operations, legal obligations, or other lawful purposes described in this policy.

2. Data we collect

We may collect and process the following categories of personal data:

  • Identity data, such as your name and, where needed, proof of identity.
  • Contact data, such as postal address, email address, and telephone number.
  • Contract data, such as account details, storage unit details, service terms, and records of your agreements with us.
  • Payment data, such as billing records, transaction details, and limited payment information necessary to process fees.
  • Access and security data, such as entry logs, key or access code records, and CCTV footage where used for security and safety purposes.
  • Communication data, such as emails, letters, notes from calls, complaints, queries, and support requests.
  • Technical data, such as device or browser information if you interact with our digital systems, if applicable.

In some circumstances, we may also collect information needed to meet legal, insurance, or regulatory obligations. We do not intentionally collect special category data unless it is necessary and a lawful basis applies.

3. How we use your personal data

We use personal data for the following purposes:

  • To provide storage services and manage your account.
  • To process payments, issue invoices, and handle refunds or account queries.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To maintain security, including site access control and monitoring where appropriate.
  • To communicate with you about your account, service updates, or operational matters.
  • To meet legal, tax, insurance, health and safety, and regulatory requirements.
  • To resolve disputes, enforce agreements, and manage claims.
  • To improve our services and manage business administration.

We will only use your data for purposes that are compatible with the reason it was collected, unless we have a lawful basis to use it for another legitimate purpose.

4. Lawful basis for processing

Under UK GDPR, we must have a lawful basis to process personal data. Sandsend Storage relies on the following bases where appropriate:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, administering your account, billing, and providing the services you request.

Legal obligation

We process certain data where required to comply with legal obligations, such as accounting, tax, safety, fraud prevention, and record-keeping requirements.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Examples include improving our services, securing our premises, preventing misuse, managing disputes, and protecting our business and customers.

Consent

Where we rely on your consent, we will explain this clearly. You may withdraw consent at any time, but this will not affect processing carried out before withdrawal. Consent is not usually required for core storage services.

5. Sharing your data and processors

We may share personal data with trusted third parties where necessary to operate our business, deliver services, or comply with the law. These third parties may act as processors or independent controllers depending on the circumstances.

Examples of processors may include:

  • Payment service providers used to process transactions.
  • IT and cloud storage providers that host data or support our systems.
  • Security providers, including CCTV or alarm monitoring service providers, where applicable.
  • Professional advisers such as accountants, insurers, legal advisers, or auditors.
  • Maintenance, facilities, or service contractors where access to limited personal data is necessary.

We require processors to handle personal data securely, act only on our instructions where applicable, and maintain appropriate confidentiality and data protection standards. We do not sell personal data.

We may also disclose personal data if required by law, court order, regulatory authority, or to protect the rights, property, or safety of Sandsend Storage, our customers, staff, or others.

6. Data retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods depend on the type of data and the reasons for processing.

  • Contract and account records are usually kept for the duration of the service relationship and for a further period to handle queries or disputes.
  • Financial and tax records are retained in line with legal and accounting requirements.
  • Security records, such as access logs or CCTV footage, are kept only for as long as necessary for safety, security, or incident investigation purposes.
  • Correspondence and complaints may be retained for a reasonable period to evidence decisions and support service administration.

When data is no longer needed, we will delete it securely or anonymise it so it can no longer identify you.

7. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, restricted permissions, secure storage, staff training, and physical safeguards. While we work hard to protect personal data, no method of transmission or storage is completely secure.

8. Your rights

Under data protection law, you have a number of rights in relation to your personal data. Depending on the circumstances, these may include:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to ask us to correct inaccurate or incomplete data.
  • Right to erasure - to request deletion of your data in certain situations.
  • Right to restriction - to ask us to limit how we use your data in certain situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent - where processing is based on consent.

You also have the right to lodge a complaint with the UK Information Commissioner's Office if you believe your data has been handled unlawfully. We encourage you to raise concerns with us first so we can try to resolve them promptly.

9. Data accuracy and your responsibilities

We rely on the information you provide being accurate and up to date. Please ensure that your personal details are correct and let us know if changes are needed. Keeping your information current helps us provide services, communicate effectively, and meet legal obligations.

10. International transfers

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place in accordance with data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

11. Automated decision-making

We do not use personal data for automated decision-making that produces legal or similarly significant effects on individuals, unless we inform you otherwise and a lawful basis applies. If we ever introduce such processing, we will provide clear information about how it works and your rights.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or the way we process data. Any updated version will apply from the date it is published or otherwise communicated. We encourage you to review this policy periodically so you remain informed about how we protect your information.

13. Summary of our commitments

  • We process personal data lawfully, fairly, and transparently.
  • We collect only data that is necessary for storage services and related obligations.
  • We share data only with trusted processors or where required by law.
  • We keep data only as long as needed and then delete or anonymise it securely.
  • We respect your rights and aim to handle requests appropriately and within legal timeframes.

Sandsend Storage is committed to protecting your privacy and treating personal data with care and responsibility. This policy is designed to explain our practices clearly and to support compliance with applicable data protection law.

Call Now!
Call Now Get a Quote
Sandsend Storage

GDPR-compliant Privacy Policy for Sandsend Storage covering data use, lawful bases, retention, processors, and customer rights across the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.