Privacy Policy - Mayfair Storage

This Privacy Policy explains how Mayfair Storage collects, uses, stores, shares, and protects personal data in connection with our services. It applies to all Mayfair Storage customers in the area, including prospective customers, current customers, and individuals who interact with us regarding storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Mayfair Storage is the data controller for the personal data described in this policy. This means we decide how and why your personal data is processed when you use our services, make enquiries, enter into an agreement with us, or otherwise interact with us in relation to storage services.

2. Personal Data We Collect

We may collect and process different types of personal data depending on how you engage with us. The information we collect may include:

  • Identity details such as your name and title.
  • Contact details such as address, email address, and telephone number.
  • Account and booking information such as storage unit details, reservation records, payment status, and service preferences.
  • Transaction information including payment records, invoices, receipts, and billing history.
  • Communication records including emails, messages, complaint details, and notes from conversations.
  • Security and access information such as CCTV recordings, entry logs, visitor records, and access control data where relevant.
  • Technical data such as IP address, browser type, and device information if you interact with our digital systems.
  • Verification information if we need to confirm your identity for security, fraud prevention, or legal compliance purposes.

We do not intentionally collect more personal data than is necessary for the purposes described in this policy.

3. How We Collect Personal Data

We collect personal data directly from you when you complete forms, make enquiries, sign agreements, make payments, or communicate with us. We may also collect data automatically from access systems or security systems used at our premises. In some cases, we may receive personal data from third parties such as payment providers, contractors, insurers, legal advisers, or public authorities where appropriate and lawful.

4. Purposes of Processing

We use personal data only where we have a lawful basis to do so. The main purposes for which we process personal data include:

  • providing storage services and managing your account;
  • processing reservations, renewals, and payments;
  • verifying identity and preventing fraud;
  • maintaining site security and protecting property;
  • managing customer service communications and complaints;
  • meeting legal, accounting, and regulatory obligations;
  • operating and improving our business systems;
  • defending or establishing legal claims where necessary.

5. Lawful Basis for Processing

Under data protection law, we must have a lawful basis before processing your personal data. Depending on the circumstances, Mayfair Storage relies on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing your booking, providing services, and taking payment.

Legal Obligation

We may process personal data where we must do so to comply with applicable laws, such as tax, accounting, anti-fraud, or record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided that your interests and fundamental rights do not override those interests. These interests may include protecting our premises, preventing misuse of our services, maintaining business records, and improving service quality. When we rely on legitimate interests, we ensure that the processing is proportionate and respects your privacy.

Consent

In limited situations, we may rely on your consent, for example where specific optional communications or processing activities require it. Where consent is used, you may withdraw it at any time.

6. Sharing Your Personal Data

We may share personal data with trusted processors and third parties where necessary for the operation of our business, the provision of services, or compliance with law. Such sharing will always be limited to what is necessary and done under appropriate safeguards.

Processors

We use processors that act on our behalf and under our instructions. These may include:

  • Payment processors for handling card or electronic payments.
  • IT and hosting providers for secure storage, systems support, and data management.
  • Security providers for monitoring, access control, and site protection.
  • Administrative service providers who assist with customer management, document handling, or communications.
  • Professional advisers such as accountants, insurers, and legal advisers where needed.

Processors are required to keep personal data secure, use it only for specified purposes, and comply with data protection obligations.

Other Disclosures

We may also disclose personal data to law enforcement, regulators, courts, or other authorities where required by law or where necessary to protect our rights, customers, staff, or property.

7. International Transfers

If any personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place to protect it. This may include relying on adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms permitted under data protection law.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, security, and reporting obligations. The retention period depends on the nature of the data and the reason for processing.

  • Customer account and contract data may be retained for the duration of the service relationship and for a reasonable period afterwards.
  • Financial and transaction records are usually retained for the period required by tax and accounting laws.
  • Security records such as CCTV or access logs are retained for a limited period unless they are needed for an incident investigation, claim, or legal requirement.
  • Communications and complaint records may be kept as long as needed to manage the issue and maintain appropriate business records.

When personal data is no longer needed, we will delete, anonymise, or securely dispose of it.

9. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, alteration, disclosure, loss, or destruction. These measures may include restricted access controls, staff confidentiality obligations, secure systems, monitoring, and supplier checks. While no system can be guaranteed completely secure, we continually review our safeguards to help protect your information.

10. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the circumstances:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain cases.
  • Right to restrict processing – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data has been handled unlawfully. We encourage you to raise any concerns with us first so that we can try to resolve them promptly.

11. Automated Decision-Making

Mayfair Storage does not use personal data for decisions that produce legal or similarly significant effects on you without human involvement, unless we have informed you otherwise and the law permits such processing.

12. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data from children in connection with our storage services. If we become aware that we have inadvertently collected such data, we will take appropriate steps to delete it where required.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how we handle personal data.

14. Summary of Our Approach

Mayfair Storage is committed to processing personal data with lawfulness, fairness, transparency, data minimisation, accuracy, storage limitation, integrity, and confidentiality. We only collect data needed to provide our services and maintain safe, efficient operations. Where we use processors, we ensure they meet strict security and confidentiality standards. Where you exercise your rights, we will respond in line with applicable law and within the required timeframes.

This policy applies to all Mayfair Storage customers in the area. By using our services, you acknowledge that your personal data may be processed as described in this policy and in accordance with applicable data protection law.

Call Now!
Call Now Get a Quote
Mayfair Storage

GDPR-compliant Privacy Policy for Mayfair Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.