Privacy Policy - Honoroak Storage

This Privacy Policy explains how Honoroak Storage collects, uses, stores, shares, and protects personal data relating to its customers. It applies to all Honoroak Storage customers in the area and is intended to meet the requirements of the UK GDPR and the Data Protection Act 2018, together with any other applicable privacy laws.

We are committed to handling personal data lawfully, fairly, and transparently. This Policy should be read alongside any customer agreement, service terms, and notices that we provide when you use our storage services.

1. Who we are

Honoroak Storage provides storage services to individuals and businesses. In connection with these services, we act as a data controller for the personal data we collect and use for our own business purposes, such as account management, billing, security, and legal compliance.

Where we process data on behalf of a business customer or another organisation, we will do so only according to their instructions and applicable law.

2. Personal data we collect

We may collect and process the following categories of personal data:

  • Identity data such as name, title, date of birth, and identification details where required for verification.
  • Contact data such as postal address, email address, and telephone number.
  • Account and contract data such as customer reference numbers, service preferences, agreement details, and records of communications.
  • Payment and transaction data such as payment method, billing records, invoices, and payment status.
  • Access and security data such as entry logs, CCTV images, device or key fob records, alarm information, and site access history.
  • Storage usage data such as unit size, move-in and move-out dates, inspection records, and inventory-related information where provided.
  • Correspondence data such as complaints, enquiries, feedback, and notes from phone, email, or written communication.
  • Technical data such as IP address, browser type, and device information if you use any digital services we operate.

In some cases, we may also collect limited special category data or information about criminal convictions and offences if required for legal compliance, fraud prevention, or safeguarding purposes. Where this occurs, we will only process such data where permitted by law and subject to appropriate safeguards.

3. How we use personal data

We use personal data for the following purposes:

  • to set up and manage customer accounts;
  • to provide storage services and maintain access to your unit;
  • to process payments, fees, deposits, and refunds;
  • to verify identity and prevent fraud;
  • to maintain the safety and security of our premises, staff, customers, and property;
  • to keep accurate business records;
  • to communicate about service updates, notices, and contract-related matters;
  • to resolve disputes, handle complaints, and support legal claims;
  • to comply with law, regulation, taxation, accounting, and insurance obligations;
  • to improve our services, systems, and customer experience.

We will only use personal data for the purposes described above or for compatible purposes that are permitted by law.

4. Lawful basis for processing

We will process personal data only where we have a lawful basis under data protection law. Depending on the context, our lawful bases include:

  • Contract - where processing is necessary to enter into or perform our storage agreement with you, such as managing your unit, billing, and customer service.
  • Legal obligation - where processing is necessary to comply with laws and regulations, including accounting, tax, health and safety, and responding to lawful requests.
  • Legitimate interests - where processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include site security, fraud prevention, service improvement, and internal administration.
  • Consent - where we rely on your consent, for example for certain optional communications or processing activities. You may withdraw consent at any time where consent is the basis relied upon.
  • Vital interests - in rare circumstances where processing is necessary to protect someone’s life.

Where we rely on legitimate interests, we carry out a balancing test to ensure our interests are appropriate and do not unfairly impact your privacy.

5. Sharing personal data and processors

We may share personal data with trusted third parties where necessary for the purposes set out in this Policy. These third parties may include processors who act on our behalf and only under our instructions, as well as independent controllers where they determine their own purposes for using the data.

Our processors may include:

  • IT and cloud service providers;
  • payment service providers;
  • security and surveillance service providers;
  • maintenance and facilities contractors;
  • document storage or archiving providers;
  • professional advisers such as accountants, auditors, and lawyers;
  • debt recovery or credit control services where lawful and necessary.

We require processors to keep personal data secure, to use it only for our instructions, and to comply with data protection law. We may also disclose data to law enforcement, regulators, insurers, courts, or other public authorities when required or permitted by law.

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as an adequacy regulation, standard contractual clauses, or other lawful transfer mechanism.

6. Retention of personal data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, or reporting requirements. The retention period depends on the type of data and the reason for processing.

In general:

  • customer account and contract records are retained for the duration of the relationship and for a reasonable period afterwards;
  • financial and tax records are retained for the period required by law;
  • security records, including access logs and CCTV images, are retained for a limited period unless needed for an investigation, claim, or legal requirement;
  • correspondence and complaint records are retained for as long as needed to handle the matter and for appropriate audit or legal purposes.

When personal data is no longer required, we will securely delete it, anonymise it, or otherwise dispose of it in a safe and lawful manner.

7. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, unlawful destruction, misuse, or disclosure. These measures may include access controls, staff training, secure storage, encryption where appropriate, and regular review of our systems and procedures.

Although we work hard to protect personal data, no system can be guaranteed to be completely secure. We therefore encourage customers to help protect their own data, including by safeguarding access credentials and promptly notifying us of any suspected misuse.

8. Your rights

Under data protection law, you have the following rights in relation to your personal data, subject to certain conditions and exemptions:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to ask us to correct inaccurate or incomplete data.
  • Right to erasure - to request deletion of your data in certain circumstances.
  • Right to restriction - to ask us to limit how we use your data in some situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to receive certain data in a structured, commonly used, machine-readable format where applicable.
  • Right to withdraw consent - where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office or another relevant supervisory authority if you believe your data protection rights have been infringed. We would, however, appreciate the chance to address your concerns first so that we can try to resolve the matter promptly.

9. Children’s data

Our storage services are generally intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary for a lawful and legitimate purpose, such as where a parent or guardian provides information in connection with a service request.

10. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any updated version will apply from the date it is issued. We encourage customers to review this Policy periodically so they remain informed about how we handle personal data.

11. Summary of key points

This Policy explains how Honoroak Storage handles personal data for all customers in the area. We collect only the information needed to provide storage services, maintain security, manage accounts, and comply with the law. We rely on lawful bases such as contract, legal obligation, legitimate interests, and consent where appropriate. We share data only with trusted processors and others where required by law, keep data only as long as necessary, and respect your privacy rights.

By using our services, you acknowledge that your personal data may be processed as described in this Privacy Policy.

Call Now!
Call Now Get a Quote
Honoroak Storage

GDPR-compliant Privacy Policy for Honoroak Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.