Privacy Policy - Sipson Storage

Sipson Storage is committed to protecting the privacy and personal data of our customers, prospective customers, and anyone who interacts with our services. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Sipson Storage customers in area, including individuals and businesses who use, enquire about, or otherwise engage with our storage services.

1. Who We Are

For the purposes of data protection law, Sipson Storage acts as the data controller for personal data that we collect and process in connection with our storage services, customer accounts, administration, billing, security, and service communications. This means we determine the purposes and means of processing personal data in a lawful and transparent way.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as your name, title, and date of birth where needed for verification.
  • Contact data such as your address, email address, and telephone number.
  • Account and contract data including booking details, storage unit information, payment status, and service preferences.
  • Payment data such as billing information, transaction records, and limited payment card details processed through secure payment providers.
  • Verification data where necessary to confirm identity, prevent fraud, or comply with legal obligations.
  • Communications data including correspondence, complaints, enquiries, and records of support requests.
  • Security data such as CCTV recordings, access logs, incident reports, and visitor records where applicable.
  • Technical data where you interact with our digital systems, such as device or browser information, IP address, and usage data.

We generally collect personal data directly from you when you make an enquiry, sign up for services, communicate with us, or use our facilities. In some cases, we may receive information from third parties, such as payment service providers, identity verification services, insurers, legal advisers, or public authorities.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To provide storage services and manage customer accounts.
  • To process bookings, contracts, renewals, and payments.
  • To verify identity, prevent fraud, and maintain site security.
  • To communicate service updates, operational notices, and administrative information.
  • To handle enquiries, complaints, and customer support requests.
  • To comply with legal, regulatory, tax, accounting, and insurance obligations.
  • To protect the rights, property, and safety of Sipson Storage, our customers, staff, and visitors.
  • To improve our services, systems, and customer experience.

We only process personal data where it is necessary and where we have a lawful basis to do so.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Depending on the situation, we may rely on one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your account, providing storage space, managing payments, and administering your services.

Legal Obligation

We process personal data where necessary to comply with laws and regulations, including obligations relating to tax, accounting, anti-fraud measures, health and safety, and lawful requests from public authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include protecting our premises, preventing misuse of our services, improving operations, maintaining records, and resolving disputes. Where we rely on legitimate interests, we consider the impact on your privacy and take appropriate safeguards.

Consent

In limited cases, we may rely on your consent, for example where required for certain optional communications or specific types of processing. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Retention of Personal Data

We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, and reporting requirements. The length of retention depends on the type of data and the purpose of processing.

  • Customer and contract records are typically retained for the duration of the relationship and for a period after it ends to manage claims, disputes, and compliance obligations.
  • Financial and accounting records are retained for the period required by applicable tax and accounting laws.
  • Security records such as CCTV footage and access logs are retained for a limited period unless needed for incident investigation or legal proceedings.
  • Communications and support records are retained for as long as needed to resolve the matter and maintain appropriate business records.

When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices.

6. Processors and Third Parties

We may share personal data with trusted third-party service providers who act as processors on our behalf. These providers are only permitted to process your data in accordance with our instructions and applicable data protection law.

Examples of processors and service partners may include:

  • Payment processing providers.
  • Information technology and cloud hosting providers.
  • Security and surveillance service providers.
  • Customer administration and communications providers.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers.

We may also disclose personal data where required to comply with legal obligations, enforce our agreements, protect our rights, or respond to lawful requests from courts, regulators, or law enforcement agencies. We do not sell personal data.

7. International Transfers

Where personal data is transferred outside the UK, we take steps to ensure that appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms permitted under data protection law.

8. Data Security

We take the security of personal data seriously and use appropriate technical and organisational measures to reduce the risk of loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff training, encryption where appropriate, and regular review of security practices.

While no system can be guaranteed to be completely secure, we work to protect personal data in a manner proportionate to the risks involved.

9. Your Rights

As a data subject, you have certain rights under data protection law. Subject to legal limitations and exemptions, these may include:

  • Right of access to request a copy of the personal data we hold about you.
  • Right to rectification to ask us to correct inaccurate or incomplete personal data.
  • Right to erasure to request deletion of your personal data in certain circumstances.
  • Right to restriction to ask us to limit how we use your personal data in certain cases.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent where processing is based on consent.

You also have the right to raise a concern with the Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to contact us first so that we can try to resolve any concerns directly.

10. Children’s Data

Our services are generally intended for adults and businesses. We do not knowingly collect personal data from children except where required in connection with lawful service arrangements, safeguarding, or legal obligations. If we become aware that personal data has been collected from a child in error, we will take appropriate steps to delete or protect it.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the time it is made available. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

12. Summary of Our Commitment

Sipson Storage respects your privacy and aims to handle personal data lawfully, fairly, and transparently. We collect only what we need, use it for clear purposes, retain it for appropriate periods, and protect it with suitable security measures. This policy applies to all Sipson Storage customers in area and forms part of our commitment to responsible data protection.

In short: we collect limited personal data to provide storage services, rely on lawful bases such as contract, legal obligation, legitimate interests, and consent where appropriate, keep data only as long as necessary, use processors under contract, and respect your privacy rights under the law.

Call Now!
Call Now Get a Quote
Sipson Storage

GDPR-compliant Privacy Policy for Sipson Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.