Privacy Policy - Newcross Storage

Effective date: This Privacy Policy applies to all Newcross Storage customers in area and explains how we collect, use, store, share, and protect personal data in line with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Newcross Storage is committed to protecting the privacy and security of personal information. This Privacy Policy sets out what data we collect, why we collect it, the lawful basis we rely on, how long we keep it, who may process it on our behalf, and the rights available to you under data protection law. It applies to all Newcross Storage customers in area, including prospective customers, current customers, account holders, visitors, and individuals whose details are provided to us in connection with storage services.

We only collect and use personal data where it is necessary, proportionate, and lawful. We also aim to be clear, transparent, and fair in the way we handle your information.

2. Personal Data We Collect

Depending on your relationship with us, we may collect the following categories of personal data:

  • Identity information: name, date of birth, and identification details used for verification purposes.
  • Contact information: address, email address, telephone number, and emergency contact details where supplied.
  • Account information: customer reference numbers, booking details, storage unit information, and records of services requested.
  • Payment information: payment card details, billing records, and transaction history. Where possible, payment data may be processed by secure payment providers rather than stored by us directly.
  • Usage information: records of access to storage facilities, entry logs, and related operational information.
  • Correspondence: communications with us by phone, email, written correspondence, or other channels.
  • Technical information: device identifiers, IP address, browser type, and similar information if collected through our digital systems or security controls.
  • CCTV and security records: images or recordings captured for security, safety, crime prevention, and site management.

We may also receive personal data from third parties, such as payment providers, identity verification services, insurers, legal advisers, debt recovery partners, or public authorities where legally permitted.

3. How We Use Personal Data

We use personal data to provide and manage storage services, including:

  • creating and administering customer accounts;
  • verifying identity and preventing fraud;
  • processing bookings, payments, and refunds;
  • managing access to facilities and safeguarding property;
  • responding to enquiries, complaints, and disputes;
  • maintaining business records and meeting accounting obligations;
  • improving our services, operations, and security;
  • complying with legal, regulatory, and insurance requirements.

We may also use data where necessary to establish, exercise, or defend legal claims. We will not use your personal data for purposes that are incompatible with the reasons for which it was collected unless we have a valid legal basis to do so.

4. Lawful Basis for Processing

Under the UK GDPR, we must have a lawful basis to process personal data. The main lawful bases we rely on are:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as setting up your storage agreement, managing access, handling payments, and delivering customer support.

Legal Obligation

We may process data to comply with legal duties, including tax, accounting, anti-fraud, security, and other regulatory obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided these interests do not override your rights and freedoms. Examples include protecting our premises, preventing misuse, improving service quality, and defending legal claims. Where we rely on legitimate interests, we assess the impact on your privacy and apply appropriate safeguards.

Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications or marketing preferences. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Sharing Your Data and Processors

We may share personal data with trusted third parties that help us operate our business. These parties act either as processors or independent controllers, depending on the service they provide.

Processors may include:

  • payment processing providers;
  • IT hosting, cloud storage, and software providers;
  • customer service and communications platforms;
  • identity verification and fraud prevention services;
  • security monitoring and CCTV system providers;
  • professional advisers acting on our instructions, such as accountants, auditors, and legal advisers;
  • collection or recovery agencies where payments are overdue.

We require processors to act only on our instructions, to keep data secure, and to comply with data protection law. Where a third party acts as an independent controller, that party is responsible for its own privacy practices.

We may also disclose personal data where required by law, court order, law enforcement request, or to protect our rights, customers, staff, or property.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy and to meet legal, accounting, and contractual requirements. Retention periods may vary depending on the type of data and the reason it was collected.

  • Customer and contract records: retained for the duration of the agreement and for a reasonable period afterwards for record-keeping, dispute handling, and legal claims.
  • Payment and accounting records: retained for periods required by tax and finance law.
  • Security records, including CCTV: retained only as long as necessary for security and incident investigation, unless needed for a legal matter.
  • Enquiry data: retained for a limited period if no contract is entered into.

When personal data is no longer required, we will delete, anonymise, or securely destroy it.

7. Your Rights

Depending on the circumstances and applicable law, you may have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete information.
  • Right to erasure: to request deletion of your data in certain situations.
  • Right to restriction: to ask us to limit how we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You may also have the right to complain to the Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve them promptly.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure storage, staff training, monitoring systems, and contractual safeguards with service providers. While no system can be guaranteed completely secure, we take data protection seriously and continually review our protections.

9. International Transfers

Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place and that the transfer complies with applicable data protection laws. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

11. Summary of Our Commitment

Newcross Storage is committed to processing personal data lawfully, fairly, and securely. We collect only what we need, use it for clear purposes, keep it only as long as necessary, and respect your rights under data protection law. This policy applies to all Newcross Storage customers in area and is intended to provide a transparent explanation of our privacy practices.

Call Now!
Call Now Get a Quote
Newcross Storage

GDPR-compliant Privacy Policy for Newcross Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.