Privacy Policy - Hithergreen Storage

This Privacy Policy explains how Hithergreen Storage collects, uses, stores, and protects personal data relating to our customers, prospective customers, visitors, and other individuals whose information we process in connection with our storage services. It applies to all Hithergreen Storage customers in area and is intended to meet the requirements of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, where applicable.

1. Who We Are

Hithergreen Storage provides storage services and related customer support. For the purposes of data protection law, Hithergreen Storage is the data controller in relation to the personal data described in this policy. This means we decide why and how your personal data is processed.

2. Personal Data We Collect

We only collect personal data that is relevant and necessary for providing our services, managing our relationship with you, and meeting legal and operational obligations. The categories of data we may collect include:

  • Identity data: name, title, and identification information.
  • Contact data: address, email address, telephone number, and postal details.
  • Account and contract data: tenancy details, service selections, billing arrangements, and service history.
  • Payment data: payment records, transaction references, and limited financial details necessary to process payments.
  • Communications data: records of correspondence, enquiries, complaints, and support requests.
  • Security and access data: access logs, site entry records, CCTV footage where used, and related safety information.
  • Technical data: device information, IP address, browser details, and usage data if you interact with our digital systems.
  • Legal and compliance data: information needed to comply with taxation, insurance, fraud prevention, or regulatory requirements.

We do not intentionally collect special category personal data unless it is necessary and you have provided it to us voluntarily, or we are otherwise permitted or required to process it under data protection law.

3. How We Collect Personal Data

We may collect data directly from you when you complete forms, sign agreements, contact us, make payments, or otherwise interact with our services. We may also receive data from:

  • payment service providers;
  • identity verification and fraud prevention providers;
  • legal, regulatory, or law enforcement bodies where required;
  • business partners and contractors acting on our behalf;
  • publicly available sources, where permitted by law.

4. Why We Use Your Data and Our Lawful Basis

We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the context, we rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform our contract with you. This includes setting up storage services, managing your account, processing payments, providing access to your storage unit, and handling service changes or cancellations.

Legal Obligation

We may process personal data where needed to comply with legal duties, including accounting, tax, fraud prevention, health and safety, and lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include:

  • managing and improving our business operations;
  • protecting our premises, staff, customers, and property;
  • preventing misuse, theft, or fraud;
  • maintaining service records and customer support;
  • ensuring network and information security.

Consent

In limited circumstances, we may rely on your consent. Where we do so, we will make it clear what you are consenting to and you may withdraw consent at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before the withdrawal.

5. How We Use Personal Data

We use personal data for the following purposes:

  • providing and administering storage services;
  • managing customer accounts and contracts;
  • processing payments and refunds;
  • responding to enquiries and resolving issues;
  • improving service quality and customer experience;
  • protecting the security of our sites and systems;
  • meeting legal, tax, and regulatory obligations;
  • defending legal claims and enforcing agreements.

We will only use your data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose allowed by law.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, and to satisfy legal, accounting, or reporting obligations. Retention periods may vary depending on the type of data and the reason for processing.

In general:

  • Contract and account records are retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by applicable law.
  • Security records, including access logs and CCTV footage where used, are retained for a limited period unless needed for an investigation or legal claim.
  • Correspondence and support records are kept as long as needed to manage the enquiry and any related follow-up.

When personal data is no longer required, we will securely delete it, anonymise it, or otherwise ensure it is no longer identifiable, subject to our legal and operational needs.

7. Data Sharing and Processors

We may share personal data with trusted third parties that help us provide our services. These parties act as processors when they process data on our instructions, and they are contractually required to protect it and use it only for authorised purposes.

Processors may include:

  • payment processing providers;
  • IT hosting, software, and maintenance providers;
  • security and CCTV service providers;
  • customer support and communications tools;
  • professional advisers such as accountants, auditors, insurers, and lawyers;
  • delivery, facilities, and operational contractors.

We may also share data with independent controllers where necessary, for example with banks, insurers, regulators, or public authorities. In those cases, the third party is responsible for its own use of the data.

We do not sell personal data. If personal data is transferred outside the UK or EEA, we will ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent legal mechanisms, to protect your information.

8. Your Rights

Under data protection law, you may have the following rights regarding your personal data, subject to certain conditions and exemptions:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your data has been handled unlawfully. We encourage you to raise concerns with us first so we can address them promptly.

9. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, monitoring tools, and regular review of our security practices.

Although we work to protect your information, no system can be guaranteed to be completely secure. If a data breach occurs that is likely to result in a risk to your rights and freedoms, we will act in accordance with applicable law.

10. Automated Decision-Making

We do not use personal data to make decisions based solely on automated processing that produce legal or similarly significant effects, unless this is permitted by law and appropriate safeguards are in place. If such processing is introduced, we will inform you clearly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or operational practices. The most current version will apply to your personal data from the date it is published or otherwise communicated to you. We encourage you to review it periodically.

12. Additional Notes

This Privacy Policy should be read alongside any relevant terms and conditions or tenancy agreement that applies to your storage service. If there is any inconsistency between this policy and a specific contractual or legal requirement, the latter will apply to the extent permitted by law.

By using Hithergreen Storage services, you acknowledge that we may process personal data as described in this policy and in accordance with applicable data protection law. We will always aim to handle your information fairly, lawfully, and transparently.

Hithergreen Storage is committed to respecting your privacy and protecting your personal information with care, accountability, and integrity.

Call Now!
Call Now Get a Quote
Hithergreen Storage

GDPR-compliant Privacy Policy for Hithergreen Storage covering data use, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.