Privacy Policy - Ratcliff Storage

Effective date: This Privacy Policy applies to all Ratcliff Storage customers in the area and explains how we collect, use, store, and protect personal data in connection with our storage services, account administration, billing, customer support, and related operations.

1. Introduction

Ratcliff Storage is committed to protecting personal data and respecting privacy rights. We process personal information in accordance with the UK GDPR and the Data Protection Act 2018, and where applicable, the EU GDPR principles of fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, integrity, and confidentiality.

This policy explains what data we collect, why we collect it, the lawful bases we rely on, how long we retain it, who may process it on our behalf, and the rights available to customers. It applies to all customers, including individuals and businesses using our storage services in the area served by Ratcliff Storage.

2. Data We Collect

We collect only the personal data necessary to provide and manage our services, comply with legal obligations, and protect our legitimate interests. Depending on your relationship with us, we may collect the following categories of data:

  • Identity data: name, title, date of birth, and proof of identity where required.
  • Contact data: postal address, email address, and telephone number.
  • Account data: customer reference numbers, facility access details, service preferences, and communication records.
  • Payment data: billing details, payment method information, transaction records, and payment status. We do not intentionally store full card details unless required by a secure payment provider.
  • Service data: storage unit details, hire dates, inventory notes voluntarily provided, access logs, and service requests.
  • Security data: CCTV footage, access control logs, incident reports, and records related to site safety and fraud prevention.
  • Technical data: IP address, device information, browser type, and usage logs if you interact with digital systems connected to our services.
  • Correspondence data: records of emails, calls, complaints, and other communications.

We may also process limited special category data only where necessary and permitted by law, for example if you voluntarily disclose health information relevant to access arrangements or safety. Such data is processed with heightened care and only when strictly necessary.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to create and manage customer accounts;
  • to deliver storage services and manage access to facilities;
  • to process payments, invoices, refunds, and account adjustments;
  • to communicate service updates, notices, and operational information;
  • to respond to enquiries, complaints, and support requests;
  • to maintain security, prevent fraud, and protect property, staff, and customers;
  • to meet legal, regulatory, insurance, and tax obligations;
  • to improve our services, systems, and customer experience;
  • to establish, exercise, or defend legal claims.

We do not sell personal data. We also do not use personal data for unrelated purposes without informing you and ensuring that any additional use is lawful.

4. Lawful Basis for Processing

We process personal data only when we have a lawful basis under data protection law. Depending on the circumstance, our lawful bases include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, including opening an account, managing storage services, issuing invoices, and providing support.

Legal Obligation

We process data where required to comply with laws and regulations, including accounting, tax, fraud prevention, health and safety, and record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your rights and freedoms do not override those interests. Examples include site security, CCTV monitoring, improving operations, handling disputes, and protecting against misuse of services. Where appropriate, we carry out balancing tests to ensure this processing is fair and proportionate.

Consent

In limited situations, we rely on your consent, for example for certain optional communications or specific uses of information not covered by another lawful basis. You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests

In rare circumstances, we may process personal data to protect someone’s vital interests, such as in an emergency involving safety or serious harm.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of information and the reason it is held.

  • Customer account and contract records are generally retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Payment and tax records are retained for the period required by law.
  • Access logs, security records, and CCTV footage are kept only as long as necessary for security, investigation, and compliance purposes.
  • Correspondence and complaint records are retained for as long as needed to resolve issues and defend legal claims.

When data is no longer needed, we will delete, anonymise, or securely destroy it. We use retention controls designed to avoid keeping data longer than necessary.

6. Processors and Third Parties

We may share personal data with trusted processors and third parties that help us operate our business. These recipients only process data on our instructions or where independently required by law. We require them to apply appropriate security and confidentiality measures.

Types of processors and third parties may include:

  • IT and hosting providers that support our systems, data storage, and communications.
  • Payment processors that securely handle card or electronic payment transactions.
  • Security providers that assist with CCTV, alarms, access control, and site protection.
  • Accountants, auditors, and professional advisers who support financial, legal, or compliance obligations.
  • Insurance providers and claims handlers where necessary for coverage and incident management.
  • Regulators, law enforcement, and public authorities where disclosure is required by law or necessary to protect rights and safety.

Where data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as adequacy regulations or standard contractual clauses, as required by applicable law.

7. Data Security

We take reasonable and appropriate technical and organisational measures to protect personal data from unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, staff confidentiality obligations, encryption, secure backups, and monitoring of systems and facilities.

Despite our safeguards, no system can be guaranteed to be completely secure. In the event of a personal data breach, we will assess the situation and notify the relevant authorities and affected individuals where required by law.

8. Your Rights

Depending on your location and the legal basis for processing, you may have the following rights:

  • Right of access: obtain a copy of your personal data and information about how it is processed.
  • Right to rectification: request correction of inaccurate or incomplete data.
  • Right to erasure: request deletion of data in certain circumstances.
  • Right to restriction: request that processing be limited in certain situations.
  • Right to data portability: receive certain data in a structured, commonly used format, where applicable.
  • Right to object: object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: withdraw consent where processing is based on consent.
  • Right to complain: raise concerns with the relevant data protection authority if you believe your rights have been infringed.

We may need to verify your identity before responding to a request. We aim to respond within the time limits required by law and will explain if an exception applies.

9. Cookies and Similar Technologies

If we use digital tools that rely on cookies or similar technologies, they are used only where necessary for functionality, security, and performance, or where you have provided the required consent. Any such use will be limited and proportionate to the service provided.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, service operations, or data practices. The most recent version will apply from the date it takes effect. We encourage customers to review it periodically.

11. Summary of Our Commitment

Ratcliff Storage is committed to processing personal data lawfully, fairly, and transparently. We collect only what we need, retain it for appropriate periods, use processors carefully, and respect your rights. Our goal is to protect customer privacy while delivering secure and reliable storage services.

Call Now!
Call Now Get a Quote
Ratcliff Storage

GDPR-compliant Privacy Policy for Ratcliff Storage covering data collection, lawful basis, retention, processors, rights, security, and scope for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.