Privacy Policy - Millhill Storage

Millhill Storage is committed to protecting the privacy and personal data of our customers, prospective customers, suppliers, and any other individuals whose information we handle. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to all Millhill Storage customers in the area.

1. Who this policy applies to

This Privacy Policy applies to individuals who use, enquire about, or otherwise interact with Millhill Storage services. It covers personal data collected from customers, authorised users, business representatives, and visitors where relevant. It also applies where we process personal data on behalf of or in relation to storage services provided locally within our operating area.

2. Personal data we collect

We collect and process personal data that is necessary to provide storage services, manage accounts, communicate with customers, and meet legal and operational requirements. The types of data we may collect include:

  • Identity information such as name, title, and date of birth where required.
  • Contact details such as postal address, email address, and telephone number.
  • Account and contract information including storage unit details, billing records, service preferences, and communication records.
  • Payment information such as payment status, transaction references, and limited financial details necessary to process payments.
  • Verification information to confirm identity, prevent fraud, and comply with legal obligations.
  • Security and access information such as entry logs, CCTV images where applicable, and records of site access.
  • Correspondence including complaints, queries, notices, and other communications.

We generally do not seek to collect special category data unless it is necessary and lawful to do so. If such data is provided to us accidentally or is required in a specific situation, we will handle it with additional care and only where a valid legal basis exists.

3. How we collect personal data

We may collect data directly from you when you complete forms, sign agreements, make enquiries, communicate with us, or use our services. We may also collect data automatically through security systems, access controls, and CCTV where these are in use at our premises. In some cases, we may receive data from third parties such as payment providers, identity verification services, legal advisers, or public authorities where appropriate.

4. Why we use your data

We use personal data for the following purposes:

  • to create and manage customer accounts;
  • to provide storage services and maintain contractual records;
  • to process payments and manage billing;
  • to verify identity and help prevent fraud;
  • to manage site security, access control, and operational safety;
  • to respond to enquiries, complaints, and requests;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to establish, exercise, or defend legal claims;
  • to improve our services, systems, and customer experience where permitted.

We will only use your personal data for the purposes for which it was collected, unless we reasonably determine that we need to use it for another compatible purpose and that such use is lawful.

5. Lawful basis for processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the circumstances, Millhill Storage may rely on one or more of the following legal bases:

  • Contract - where processing is necessary to enter into or perform a contract with you, such as managing storage services, billing, and account administration.
  • Legal obligation - where processing is required to comply with laws or regulations, including tax, accounting, anti-fraud, or record-keeping obligations.
  • Legitimate interests - where processing is necessary for our legitimate business interests, provided your interests and rights do not override those interests. This may include protecting property, preventing misuse, maintaining security, and improving operations.
  • Consent - where we ask for your permission to process certain information, for example for optional marketing activities or specific non-essential uses. Where we rely on consent, you may withdraw it at any time.

Where special category data is processed, we will only do so where a specific condition under data protection law applies and appropriate safeguards are in place.

6. Sharing personal data and processors

We may share personal data with trusted third parties where necessary and lawful. These parties may act as processors or, in some cases, independent controllers. We require processors to handle personal data securely, only on our instructions, and in compliance with applicable data protection laws.

Examples of processors and service providers may include:

  • IT and hosting providers that support our systems, data storage, and security infrastructure;
  • payment processors that handle card or electronic payment transactions;
  • accounting and bookkeeping providers that assist with financial records and reporting;
  • identity verification or fraud prevention providers where checks are required;
  • security and monitoring providers supporting site protection and access systems;
  • professional advisers such as lawyers, auditors, or insurers where needed;
  • public authorities or law enforcement where we are legally required to disclose information or where disclosure is necessary to protect rights, property, or safety.

We do not sell personal data. If personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations or approved contractual protections.

7. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, tax, and operational requirements. Retention periods vary depending on the type of information and the reason it is held.

In general:

  • contract and account records are retained for the duration of the customer relationship and for a reasonable period afterwards;
  • financial and tax records are kept for the period required by law;
  • security records, such as access logs or CCTV footage, are retained for limited periods unless needed for investigation or legal purposes;
  • correspondence and complaint records are retained for as long as necessary to resolve the matter and for evidence of handling.

When personal data is no longer needed, it is securely deleted, anonymised, or otherwise disposed of in a safe and lawful manner.

8. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff training, restricted permissions, and monitoring of systems. Although no security system is completely risk-free, we take data protection seriously and regularly review our safeguards.

9. Your rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions or exemptions depending on the circumstances. Your rights may include:

  • Right of access - you may request a copy of the personal data we hold about you.
  • Right to rectification - you may ask us to correct inaccurate or incomplete data.
  • Right to erasure - in certain situations, you may request deletion of your personal data.
  • Right to restriction - you may ask us to restrict how we use your data in certain circumstances.
  • Right to object - you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability - where applicable, you may request that certain data be provided in a structured, commonly used format.
  • Right to withdraw consent - where processing is based on consent, you may withdraw that consent at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable data protection law. We may need to verify your identity before actioning a request.

10. Automated decision-making

Millhill Storage does not generally use automated decision-making that produces legal or similarly significant effects. If this changes, we will ensure that any such processing is lawful and that appropriate information and safeguards are provided.

11. Complaints and data protection concerns

If you have concerns about how we handle personal data, you should raise them with us so that we can investigate and respond appropriately. You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

Summary of our commitments

Millhill Storage will only collect personal data that is necessary, use it lawfully, keep it secure, share it responsibly with processors and other permitted recipients, and retain it only for as long as needed. We respect your rights and aim to handle all personal data in a fair, transparent, and compliant manner.

Call Now!
Call Now Get a Quote
Millhill Storage

GDPR-compliant Privacy Policy for Millhill Storage covering data collection, lawful basis, retention, processors, user rights, and local customer scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.