Privacy Policy - Turnpikelane Storage

This Privacy Policy explains how Turnpikelane Storage collects, uses, stores, shares, and protects personal data when providing self-storage and related services. This policy applies to all Turnpikelane Storage customers in the area, including individuals, households, and business account holders who use our storage facilities, services, or customer support channels.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, where applicable. We only process personal data when we have a valid legal basis and only for specified, legitimate purposes.

1. Personal Data We Collect

Turnpikelane Storage collects only the personal data necessary to operate our services, manage accounts, maintain site security, and meet legal obligations. The information we may collect includes:

  • Identity details such as your name, date of birth, and signature.
  • Contact details such as postal address, email address, and telephone number.
  • Account and transaction information such as billing records, payment status, service history, and storage unit allocation.
  • Identification and verification information where required for fraud prevention, security, or compliance purposes.
  • Vehicle and access information such as registration details, entry logs, and gate access records.
  • Security records such as CCTV footage, visitor logs, incident reports, and access monitoring data.
  • Communications including emails, phone notes, complaints, queries, and service requests.
  • Technical data such as device or browser information when you interact with our digital systems.

We do not seek to collect more personal data than is needed for the purposes described in this policy. Where possible, we limit access to personal data to authorised personnel only.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To register customers and create storage accounts.
  • To provide access to storage units and manage facility operations.
  • To process payments, deposits, refunds, and account administration.
  • To communicate with customers about bookings, renewals, notices, and service updates.
  • To maintain safety and security across our facilities.
  • To detect and prevent fraud, misuse, theft, unauthorised access, or other unlawful activity.
  • To handle complaints, disputes, and customer support matters.
  • To meet legal and regulatory obligations, including accounting and tax requirements.
  • To establish, exercise, or defend legal claims where necessary.

We do not sell personal data. We do not use personal data for unrelated marketing without a lawful basis and, where required, your consent. If marketing communications are sent, you may opt out where applicable.

3. Lawful Basis for Processing

Turnpikelane Storage processes personal data only when a lawful basis under GDPR applies. Depending on the context, the lawful basis may be one or more of the following:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up storage agreements, managing access, collecting fees, and providing services you have requested.

Legal Obligation

We process personal data where required to comply with laws and regulations, such as accounting, tax, fraud prevention, and lawful disclosure obligations.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting property, ensuring site security, preventing misuse, improving operations, and responding to customer enquiries.

Consent

In limited cases, we may rely on your consent, for example where consent is required for certain optional communications or specific uses of data. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Sharing Personal Data with Processors and Other Third Parties

We may share personal data with trusted third parties that support our operations. Where such parties process personal data on our behalf, they act as processors and are contractually required to protect the data and process it only under our instructions.

Examples of processors or third-party service providers may include:

  • Payment service providers for handling card or electronic payments.
  • IT and hosting providers for maintaining our systems, records, and security infrastructure.
  • CCTV, alarm, and access-control providers for site security and monitoring.
  • Maintenance and facilities contractors where access to limited data is needed to carry out services.
  • Professional advisers such as accountants, auditors, insurers, or legal advisers.
  • Debt recovery or enforcement partners where necessary for unpaid accounts or contractual enforcement.

We may also disclose personal data to public authorities, regulators, law enforcement, or courts where required by law or where reasonably necessary to protect our legal rights, the safety of our customers, or the security of the facility.

Where personal data is transferred outside the UK or EEA, we will ensure that appropriate safeguards are in place to protect that information in accordance with applicable law.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, to comply with legal obligations, and to resolve disputes or enforce agreements. Retention periods vary depending on the type of data and the purpose of processing.

  • Account and contract records are generally kept for the duration of the customer relationship and for a reasonable period afterwards for administration and legal purposes.
  • Financial and transaction records are retained for the period required by accounting and tax laws.
  • Security records such as CCTV footage and access logs are kept only as long as necessary for security, incident investigation, or legal compliance.
  • Communications and complaint records are retained for as long as needed to manage the matter and any follow-up obligations.

When personal data is no longer required, we will delete it securely, anonymise it, or otherwise ensure it is no longer identifiable. Retention periods may vary based on legal requirements and operational needs.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, password protection, restricted staff permissions, secure storage, logging, and staff confidentiality obligations.

While we take reasonable steps to safeguard data, no system can be guaranteed to be completely secure. We therefore encourage customers to notify us promptly of any suspected misuse of their account or unauthorised access to their information.

7. Your Rights Under GDPR

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit processing in certain situations.
  • Right to data portability – to receive certain data in a structured, commonly used format.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

To exercise your rights, you may submit a request through the appropriate customer service process. We may need to verify your identity before responding. We will respond within the time limits required by law, usually within one month, subject to lawful extensions in complex cases.

You also have the right to lodge a complaint with your local data protection authority if you believe your personal data has been handled unlawfully.

8. Children’s Data

Our services are intended for adults and business users. We do not knowingly collect personal data from children except where it is incidentally provided in connection with a customer relationship and is necessary for lawful business administration. If we become aware that we have collected data unlawfully from a child, we will take appropriate steps to delete or protect that data.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, our business practices, or the services we provide. Any updated version will apply from the date it is made available. Customers are encouraged to review this policy periodically to stay informed about how personal data is handled.

10. Summary of Our Commitments

  • We collect only the personal data needed to provide secure storage services.
  • We process personal data on lawful bases including contract, legal obligation, legitimate interests, and consent where appropriate.
  • We retain data only as long as necessary and dispose of it securely.
  • We use processors under written terms that protect your data.
  • We respect your GDPR rights and provide a transparent, accountable approach to data protection.

Turnpikelane Storage is committed to treating personal data with care, respect, and accountability. By using our services, customers acknowledge that their data will be processed in accordance with this Privacy Policy and applicable data protection law.

Call Now!
Call Now Get a Quote
Turnpikelane Storage

GDPR-compliant Privacy Policy for Turnpikelane Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.