Privacy Policy - Thehale Storage

Thehale Storage is committed to protecting the privacy and personal data of our customers. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR), where it applies. This policy applies to all Thehale Storage customers in area, including prospective customers, current customers, and individuals who interact with us in relation to storage services.

1. Scope of This Policy

This Privacy Policy applies to personal data processed by Thehale Storage in connection with our storage services, account management, customer support, billing, site access, and related business operations. It covers information collected from individuals directly and, in some cases, from third parties where permitted by law.

We handle personal data in a manner that is lawful, fair, and transparent. We aim to collect only the information that is necessary for defined purposes and to retain it only for as long as required.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity information: name, title, date of birth, and identification details where required for verification.
  • Contact information: postal address, email address, and telephone number.
  • Account and customer records: service preferences, account identifiers, contract details, and communication history.
  • Payment information: billing details, transaction records, and limited financial information needed to process payments.
  • Access and security information: entry logs, access records, CCTV footage where applicable, and security-related incident reports.
  • Device and technical data: IP address, browser type, and usage information when you interact with our digital systems.
  • Correspondence: emails, calls, written messages, complaints, feedback, and support requests.

We do not seek to collect special category data unless it is necessary, lawful, and clearly relevant to a specific service, compliance obligation, or request made by you. Where such data is processed, we apply additional safeguards required by law.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide and manage storage services;
  • to verify identity and maintain account security;
  • to process payments, invoices, and refunds;
  • to communicate service updates, notices, and account matters;
  • to respond to enquiries, complaints, and support requests;
  • to maintain records for legal, contractual, and operational purposes;
  • to detect, investigate, and prevent fraud, misuse, or security incidents;
  • to comply with legal and regulatory obligations;
  • to improve our services, systems, and internal processes;
  • to protect the rights, property, and safety of Thehale Storage, our customers, and others.

We will only use your personal data for the purposes for which it was collected, unless we reasonably determine that a different but compatible purpose applies or a legal basis otherwise permits the new use.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis to process personal data. Depending on the context, Thehale Storage may rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up storage agreements, administering services, collecting fees, and providing customer support related to the contract.

Legal obligation

We may process personal data where necessary to comply with legal duties, including accounting, tax, fraud prevention, safety obligations, and lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. Examples include service improvement, security monitoring, preventing misuse, and internal administration.

Consent

In limited circumstances, we may ask for your consent to process personal data. Where consent is used as the lawful basis, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

Vital interests and public task

Although uncommon in our normal operations, we may process data where necessary to protect vital interests or where required for a task carried out in the public interest or under official authority, if applicable.

5. Data Sharing and Processors

We may share personal data with trusted third parties that help us operate our business. These parties act as processors or, in some cases, independent controllers. We require appropriate contractual and technical safeguards before sharing data.

Processors may include:

  • Payment processors: to handle card or electronic payments securely;
  • IT and cloud service providers: to store data, host systems, and maintain infrastructure;
  • Security providers: to support access control, alarm monitoring, and CCTV-related services;
  • Professional advisers: such as accountants, auditors, legal advisers, and insurers;
  • Customer service tools: to manage communications and service requests;
  • Compliance and identity verification providers: where needed for lawful checks;
  • Delivery or logistics partners: only when required to support an agreed service.

We may also disclose personal data where necessary to comply with law, enforce agreements, protect our rights, investigate suspected wrongdoing, or respond to lawful requests from regulators, courts, or law enforcement.

We do not sell personal data. Where data is transferred outside the UK or EEA, we will use approved safeguards such as adequacy decisions, standard contractual clauses, or equivalent lawful transfer mechanisms.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including legal, accounting, operational, and dispute-resolution requirements. Retention periods vary depending on the type of data and the purpose for which it is processed.

  • Customer contract and account records: kept for the duration of the relationship and for a reasonable period thereafter.
  • Financial and tax records: retained for the period required by law.
  • Security records and access logs: kept for a limited period unless longer retention is required for an incident, investigation, or legal claim.
  • Correspondence and support records: retained as needed to manage enquiries, resolve disputes, and demonstrate compliance.

When retention is no longer necessary, data is securely deleted, anonymised, or archived in line with legal and operational requirements. Retention is regularly reviewed to ensure we do not keep information longer than needed.

7. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, alteration, disclosure, or destruction. These measures may include restricted access, encryption, secure storage, staff training, monitoring, and contractual controls with processors.

While we take security seriously, no system can be guaranteed to be completely secure. In the event of a personal data breach, we will assess the risk and take action as required by law, including notification where necessary.

8. Your Rights Under GDPR

Where GDPR applies, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete information.
  • Right to erasure: to request deletion of your personal data in certain circumstances.
  • Right to restriction: to request limited processing in specific situations.
  • Right to data portability: to receive certain data in a structured, commonly used format and have it transmitted where feasible.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can address them promptly.

These rights may be subject to legal limitations and exemptions. For example, we may be unable to delete certain records if we must retain them for legal, regulatory, or contractual reasons.

9. Children’s Data

Our services are intended for adult customers and business-related users. We do not knowingly collect personal data from children unless required in connection with a lawful service arrangement or legal obligation. If we become aware that we have collected data from a child without appropriate authorisation, we will take steps to delete it where required.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or services. Any revised version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

11. Fair Processing Commitment

Thehale Storage is committed to ensuring that personal data is processed lawfully, transparently, and securely. We will only process data where we have a valid legal reason to do so, and we will respect your rights under data protection law. If you use our services, you acknowledge that we may process your personal data in accordance with this policy and applicable legal requirements.

By maintaining clear records, limiting access to authorised personnel, and working with carefully selected processors, we aim to uphold a privacy standard that is both responsible and compliant.

Call Now!
Call Now Get a Quote
Thehale Storage

GDPR-compliant Privacy Policy for Thehale Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.