Privacy Policy - Forestgate Storage

Forestgate Storage is committed to protecting the privacy and personal data of all customers in the area where our services are provided. This Privacy Policy explains how we collect, use, share, store, and protect personal data in connection with our storage services, customer support, billing, account management, security, and related operations. It applies to all Forestgate Storage customers in area and to individuals who contact us or use our services on behalf of a customer.

1. Scope of this Privacy Policy

This Policy applies to personal data processed by Forestgate Storage when you:

  • rent or use a storage unit;
  • create or manage an account;
  • make payments or receive invoices;
  • communicate with us about services, access, security, or administration;
  • visit our premises or interact with our systems and services;
  • provide information to satisfy legal, contractual, or safety requirements.

We process personal data in accordance with applicable data protection law, including the General Data Protection Regulation (GDPR), and we aim to ensure that all processing is fair, lawful, transparent, and limited to what is necessary.

2. Data We Collect

We collect only the information needed to operate our services and meet legal and business obligations. Depending on your relationship with us, we may collect the following categories of data:

2.1 Information you provide directly

  • Identity details such as name, date of birth, and signature;
  • Contact details such as postal address, email address, and telephone number;
  • Account details such as customer reference numbers, rental preferences, and service history;
  • Payment details such as billing information and transaction records;
  • Access and security information such as access codes, key records, or authorisation details;
  • Communications such as enquiries, complaints, feedback, and other correspondence.

2.2 Information collected automatically

  • Usage information related to your use of our services and facilities;
  • Security records such as CCTV footage, entry logs, and incident reports, where applicable;
  • Technical information such as device identifiers or system logs when you use digital services;
  • Location-related information limited to what is necessary for operational or security purposes.

2.3 Information from third parties

We may receive personal data from third parties where needed to provide our services, for example from payment providers, identity verification services, contractors, insurers, legal representatives, or public authorities. We only accept such information where the third party has a lawful right to share it with us.

3. How We Use Personal Data

We process personal data for the following purposes:

  • to provide and manage storage services;
  • to set up and administer customer accounts;
  • to process payments, refunds, and billing matters;
  • to verify identity and protect against fraud or misuse;
  • to manage access to premises and maintain security;
  • to respond to enquiries, complaints, and service requests;
  • to maintain records for operational, financial, and legal purposes;
  • to comply with legal obligations and lawful requests;
  • to improve our services, systems, and customer experience;
  • to defend or establish legal claims where necessary.

We will always process your data only where there is a valid legal basis to do so.

4. Lawful Basis for Processing

Under GDPR, we rely on one or more of the following lawful bases:

4.1 Contract

We process personal data when it is necessary to enter into or perform a contract with you, including managing your storage agreement, handling billing, and providing access to the service.

4.2 Legal obligation

We process data where required to comply with legal duties, including tax, accounting, fraud prevention, security, and record-keeping obligations.

4.3 Legitimate interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided that these interests do not override your rights and freedoms. Examples include protecting our property, preventing theft or misuse, improving operations, and handling disputes.

4.4 Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications or uses of data. Where consent is used, you may withdraw it at any time, and this will not affect the lawfulness of processing before withdrawal.

5. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, security, and contractual requirements. Retention periods depend on the type of information and the purpose of processing.

As general principles:

  • Customer and contract records are retained for the duration of the relationship and for a reasonable period afterwards;
  • Financial records are kept for the period required by tax and accounting law;
  • Security records such as CCTV or access logs are retained only as long as necessary for security and incident review;
  • Complaint and correspondence records are maintained for the time needed to resolve issues and support legal compliance;
  • Legal claim records may be retained until the end of applicable limitation periods.

When data is no longer required, we will delete, anonymise, or securely destroy it.

6. Processors and Sharing of Data

We may share personal data with trusted processors and other third parties who help us operate our business. These parties are only permitted to process data on our instructions and must protect it in accordance with applicable law and contractual safeguards.

Processors may include:

  • payment service providers for payment handling and transaction processing;
  • IT and cloud service providers for hosting, storage, maintenance, and system support;
  • security providers for surveillance, monitoring, or incident response services;
  • accounting and administration providers for bookkeeping and operational support;
  • legal, insurance, or professional advisers where advice or claims handling is required;
  • contractors and maintenance providers when access to limited data is needed to perform services.

We may also disclose data to law enforcement, courts, regulators, or other public authorities where required by law or where necessary to protect our rights, customers, staff, property, or the safety of others.

We do not sell personal data.

7. International Transfers

If any personal data is transferred outside the United Kingdom or the European Economic Area, we will ensure that appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms. We will only transfer data where permitted by law and where suitable protections are available.

8. Your Rights Under GDPR

Depending on the circumstances and the legal basis for processing, you have the following rights:

  • Right of access – to request a copy of your personal data;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain cases;
  • Right to restriction – to ask us to limit how we use your data in certain circumstances;
  • Right to data portability – to receive certain data in a structured, commonly used format;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to withdraw consent – where processing is based on consent;
  • Right not to be subject to solely automated decisions with legal or similarly significant effects, where applicable.

If you wish to exercise any of these rights, we may need to verify your identity before responding. Some rights may be limited where retention or disclosure is required by law or where an exemption applies.

9. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, destruction, alteration, or disclosure. These measures may include access controls, secure storage, staff training, restricted permissions, monitoring, and contractual safeguards with processors. While no system can be guaranteed completely secure, we take reasonable steps to reduce risk and respond appropriately to incidents.

10. Children’s Data

Our services are intended for adults or authorised representatives acting on behalf of a customer. We do not knowingly collect personal data from children except where it is necessary and lawful, for example in relation to an authorised contact or emergency circumstance. If we become aware that we have collected data inappropriately, we will take reasonable steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this Policy periodically so they remain informed about how their data is handled.

Summary: Forestgate Storage explains how customer data is collected, used, retained, shared with processors, and protected under GDPR, and outlines customer rights for all customers in area.

Call Now!
Call Now Get a Quote
Forestgate Storage

Forestgate Storage explains how customer data is collected, used, retained, shared with processors, and protected under GDPR, plus customer rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.