Privacy Policy - Morden Storage

Effective date: This Privacy Policy applies to all Morden Storage customers in the area and explains how we collect, use, share, store, and protect personal data in connection with our storage services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018. This policy is intended to help customers understand what information we collect, why we collect it, how long we keep it, and what rights individuals have over their information.

1. Data We Collect

We collect only the personal data that is necessary for providing our storage services, managing our business, and meeting legal obligations. Depending on your relationship with Morden Storage, we may collect the following categories of information:

  • Identity information: name, date of birth, and proof of identity where required.
  • Contact information: postal address, email address, and telephone number.
  • Account and service information: storage unit details, booking records, payment status, contract dates, and correspondence relating to your account.
  • Financial information: billing details, payment records, and limited transaction information necessary to process payments and maintain accounting records.
  • Access and security information: key or access credentials, entry logs, CCTV footage where in operation, and records of site visits for security and operational purposes.
  • Communications: emails, messages, call notes, complaint records, and any other information you choose to provide when contacting us.
  • Technical information: basic device or usage data if collected through digital systems used to manage bookings, access, or service administration.

We do not intentionally collect special category data unless you provide it to us voluntarily and it is necessary for a specific legal or operational reason. If such data is provided, we will handle it with additional care and only where permitted by law.

2. How We Use Your Data

We use personal data for clearly defined purposes connected with our services and legal obligations. These purposes may include:

  • setting up and managing customer accounts;
  • providing storage services and administering storage units;
  • processing payments, issuing invoices, and managing arrears;
  • verifying identity and preventing fraud;
  • monitoring site safety and securing our premises;
  • responding to enquiries, complaints, and service requests;
  • maintaining business records and carrying out internal administration;
  • complying with legal, tax, accounting, and regulatory requirements;
  • exercising or defending legal claims where necessary.

We only use personal data for purposes that are compatible with the reason it was collected. Where we need to use data for a new purpose, we will assess whether that purpose is lawful and appropriate before doing so.

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the context, the lawful basis may include:

Performance of a contract

We process personal data when it is necessary to enter into or perform our storage agreement with you. This includes managing your booking, providing access to your unit, billing, and supporting the services you have requested.

Legal obligation

We may process personal data to comply with legal requirements, including accounting rules, tax obligations, fraud prevention duties, and any lawful requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting our property, improving service quality, preventing misuse, managing disputes, and ensuring operational efficiency. When relying on legitimate interests, we assess the impact on individuals and apply safeguards where appropriate.

Consent

In limited circumstances, we may rely on consent, for example where it is required for optional communications or certain non-essential uses of information. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Vital interests or public interest

These bases are rarely relevant to our services, but we may process personal data where necessary to protect someone’s vital interests or where required for tasks carried out in the public interest and authorised by law.

4. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors on our behalf or, in some cases, as independent controllers. We only share data where it is necessary and lawful to do so.

Processors may include:

  • payment service providers;
  • IT and cloud storage service providers;
  • security and CCTV service suppliers;
  • customer management and booking system providers;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • maintenance and facilities contractors where access is required for operational reasons;
  • debt recovery or dispute resolution services where required to protect our lawful interests.

All processors are required to handle personal data securely, use it only for specified purposes, and maintain appropriate technical and organisational safeguards. We do not sell personal data.

We may also disclose information if required by law, court order, or regulatory request, or where necessary to protect the rights, safety, or property of Morden Storage, our customers, staff, or the public.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including meeting legal, accounting, and reporting obligations. The exact retention period depends on the type of information and the reason we hold it.

  • Contract and account records: retained for the duration of the customer relationship and for a reasonable period afterwards to manage disputes or claims.
  • Payment and invoice records: retained in line with tax and accounting requirements.
  • Security records and access logs: retained for a limited period unless longer retention is needed for an investigation, legal claim, or security issue.
  • Correspondence and complaint records: retained while relevant to service management and record-keeping.

When personal data is no longer needed, we will delete it, anonymise it, or securely archive it in accordance with our retention practices. Retention periods are reviewed regularly to ensure that data is not kept longer than necessary.

6. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to legal exceptions and limitations, but we will always consider requests carefully and respond appropriately.

  • Right of access: you may request confirmation of whether we hold your data and obtain a copy of it.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: in certain circumstances, you may request deletion of your data.
  • Right to restriction: you may ask us to limit how we use your data in specific situations.
  • Right to object: you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability: where processing is based on consent or contract and carried out by automated means, you may request a copy in a structured, commonly used format.
  • Right to withdraw consent: where processing relies on consent, you may withdraw it at any time.

We will not subject you to automated decision-making that produces legal or similarly significant effects unless permitted by law and with appropriate safeguards. If such processing were ever used, we would explain it clearly.

7. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include restricted access controls, secure systems, staff training, confidentiality obligations, and regular security reviews. However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security.

8. International Transfers

If any processor or service provider stores or accesses personal data outside the UK, we will ensure that appropriate safeguards are in place as required by law. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent protections designed to keep your data safe and lawful.

9. Children’s Data

Our services are aimed at adult customers. We do not knowingly collect personal data from children unless it is necessary in limited circumstances and permitted by law. If we become aware that we have collected data unlawfully, we will take steps to delete it or handle it lawfully as soon as practicable.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their data is handled.

11. Complaints

If you have concerns about how your personal data is handled, you may raise them with us so that we can review and address the issue. You also have the right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed.

By using Morden Storage services, you acknowledge that your personal data will be processed in accordance with this Privacy Policy and applicable data protection laws.

Call Now!
Call Now Get a Quote
Morden Storage

GDPR-compliant Privacy Policy for Morden Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.