Privacy Policy - Bowespark Storage

Bowespark Storage is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Bowespark Storage customers in the area, including individuals, business account holders, and anyone who contacts us, uses our services, or enters into a storage agreement with us.

1. Who We Are

For the purposes of data protection law, Bowespark Storage acts as the data controller for personal information collected in connection with our storage services, customer administration, and related communications. This means we decide why and how your personal data is processed.

2. Personal Data We Collect

We collect only the personal data that is necessary for operating our services, meeting legal obligations, and managing our customer relationships. Depending on your interaction with us, the information may include:

  • Identity details such as your name, date of birth, and proof of identity;
  • Contact information such as postal address, email address, and telephone number;
  • Account and contract information such as storage unit details, billing records, payment status, and service history;
  • Financial information such as payment card details, bank account details, or transaction references, where needed for payments and refunds;
  • Access and security information such as entry logs, CCTV recordings, key or access code records, and incident reports;
  • Correspondence such as emails, notes of phone calls, complaints, claims, and other communications;
  • Legal and compliance information such as verification records, insurance details, and documentation required to prevent fraud or meet regulatory duties.

We do not intentionally collect special category personal data unless you choose to provide it to us or it is necessary to handle a specific legal or operational matter. If we do collect such information, we will only process it where the law allows and where appropriate safeguards are in place.

3. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage your storage account;
  • to verify identity and prevent unauthorised access or fraud;
  • to process payments, issue invoices, and administer refunds;
  • to communicate with you about your agreement, account matters, and service changes;
  • to maintain security, including access control and CCTV monitoring;
  • to comply with legal, tax, accounting, insurance, and regulatory obligations;
  • to resolve disputes, manage claims, and enforce our contractual rights;
  • to improve the safety, efficiency, and quality of our services.

4. Lawful Basis for Processing

We only process personal data where we have a lawful basis under UK GDPR. Depending on the purpose, our lawful bases may include:

Contract

We process data where it is necessary to enter into or perform a contract with you, such as setting up your storage unit, handling billing, and maintaining your account.

Legal obligation

We may process your data to comply with laws and regulations, including tax, accounting, anti-fraud, and record-keeping requirements.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. This may include securing our premises, preventing misuse of services, managing risk, and improving operations. We always consider whether the processing is necessary and proportionate.

Consent

In limited cases, we may rely on your consent, for example where we use optional communications or process information outside the usual customer relationship. Where consent is used, you may withdraw it at any time.

5. Sharing Your Personal Data

We may share personal data with trusted third parties where necessary for the purposes described in this Policy. These third parties act either as processors on our behalf or as independent controllers in limited situations. We take steps to ensure that any sharing is lawful, secure, and limited to what is needed.

Processors may include:

  • payment service providers and banks for processing transactions;
  • IT and cloud storage providers supporting our systems and data security;
  • accounting, audit, and bookkeeping providers;
  • security providers, including CCTV monitoring and access control support;
  • legal, insurance, or debt recovery advisers where required;
  • maintenance and facility service providers who need limited access for operational reasons.

We require processors to handle personal data only on our instructions, to keep it secure, and to delete or return it when it is no longer needed.

We may also disclose information if required by law, court order, law enforcement request, or to protect our rights, property, customers, or staff. Where possible and lawful, we will only disclose the minimum information necessary.

6. International Transfers

Some of our processors may store or access data outside the United Kingdom. If this happens, we will ensure appropriate safeguards are in place, such as standard contractual clauses or other approved transfer mechanisms, so that your personal data remains protected to an equivalent standard.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, insurance, and reporting requirements. Retention periods vary depending on the type of record and the reason it is held.

  • Customer contract and billing records are typically retained for the duration of the agreement and for a further period where required by law or to manage claims.
  • Payment and accounting records are retained for the period needed to meet tax and financial reporting obligations.
  • Security records, including CCTV and access logs, are retained for a limited period unless an incident requires longer retention.
  • Correspondence and complaint records are retained for as long as necessary to resolve the matter and defend or establish legal claims.

When information is no longer needed, we will delete it securely or anonymise it so it can no longer identify you.

8. Data Security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access restrictions, password protection, staff training, secure storage, and monitoring of our systems. Although no system can be guaranteed to be completely secure, we work to maintain a high standard of protection.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply in full or in part depending on the circumstances and the lawful basis relied upon.

  • Right of access – you may request confirmation of whether we hold your data and receive a copy of it;
  • Right to rectification – you may ask us to correct inaccurate or incomplete information;
  • Right to erasure – you may request deletion of your data in certain situations;
  • Right to restriction – you may ask us to limit how we use your data in certain cases;
  • Right to object – you may object to processing based on legitimate interests;
  • Right to data portability – you may request certain data in a structured, commonly used format where legally applicable;
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time;
  • Right to complain – you may raise concerns with the UK Information Commissioner’s Office if you believe your rights have been infringed.

We will respond to rights requests within the time limits set by law and may need to verify your identity before acting on a request. In some cases, legal exceptions may apply.

10. Cookies and Similar Technologies

If we use any digital tools that involve cookies or similar technologies, these are used only where necessary for security, functionality, analytics, or service improvement. Any such use will be limited and managed in line with applicable law. Where consent is required, we will ask for it before placing non-essential cookies.

11. Children

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children in connection with our services. If we become aware that a child’s information has been provided to us without appropriate authority, we will take steps to delete it where appropriate.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, operational practices, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated, and we encourage customers to review it periodically. The latest version will always govern how we process personal data.

13. Summary of Our Commitment

Bowespark Storage processes personal data fairly, lawfully, and transparently. We only collect what we need, use it for clear and legitimate purposes, retain it for no longer than necessary, and share it only with trusted processors or where required by law. We respect the rights of every customer and aim to maintain privacy and security at every stage of our service.

This Privacy Policy applies to all Bowespark Storage customers in the area.

Call Now!
Call Now Get a Quote
Bowespark Storage

GDPR-compliant Privacy Policy for Bowespark Storage covering data collection, lawful basis, retention, processors, rights, and applies to all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.