Privacy Policy - Leavesgreen Storage

Leavesgreen Storage is committed to protecting the privacy and personal data of all customers who use our services in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Leavesgreen Storage customers in area, including individuals, business customers, and authorised users acting on behalf of a customer.

1. Who this policy applies to

This policy applies whenever you:

  • request information about our storage services;
  • enter into a storage agreement with Leavesgreen Storage;
  • visit or use our storage facilities;
  • communicate with us by phone, email, online forms, or in person;
  • are named as an emergency contact, account holder, authorised user, guarantor, or payment contact.

By using our services, you acknowledge that we may process your personal data as described in this policy. We only collect and use personal data where we have a lawful basis to do so, and we do not process data for purposes that are incompatible with those stated below.

2. Data we collect

We collect only the personal data necessary to provide, manage, and secure our storage services. Depending on your relationship with us, this may include:

Information you provide directly

  • name, address, email address, and telephone number;
  • date of birth and identification details where required;
  • billing and payment information;
  • account details, tenancy information, and access permissions;
  • correspondence and customer service records;
  • special instructions relating to your storage unit or account;
  • information contained in complaints, claims, or dispute records.

Information we collect automatically

  • entry and exit records;
  • security logs and CCTV images where facilities are monitored;
  • device or browser information if you interact with digital systems;
  • site usage records needed for security, fraud prevention, or service administration.

Information from third parties

We may receive personal data from payment providers, identity verification services, debt recovery providers, insurers, or other parties involved in the management of your account. Where relevant, we may also obtain contact details from a customer or authorised person acting on your behalf.

3. How we use personal data

We use personal data to operate our services safely and lawfully. This includes:

  • setting up and managing accounts;
  • verifying identity and preventing fraud;
  • processing payments and handling refunds where applicable;
  • granting and controlling access to storage facilities;
  • communicating important notices, including contract updates and security information;
  • responding to enquiries and complaints;
  • maintaining records for accounting, tax, legal, and insurance purposes;
  • monitoring site security and protecting people, property, and business assets;
  • establishing, exercising, or defending legal claims.

We do not sell personal data. We also do not use personal data for automated decision-making that produces legal or similarly significant effects without appropriate safeguards.

4. Lawful basis for processing

Under GDPR, we must have a lawful basis for each processing activity. Leavesgreen Storage relies on the following bases:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement, including account administration, service delivery, billing, and access control.

Legal obligation

We process some data to comply with legal requirements, such as accounting, tax, fraud prevention, regulatory compliance, and responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, CCTV use, service improvement, record keeping, debt recovery, and preventing misuse of our facilities.

Consent

Where consent is required for a specific activity, we will ask for it clearly. You may withdraw consent at any time, without affecting the lawfulness of processing carried out before withdrawal.

Vital interests and public task

These bases are unlikely to apply in most storage services, but we may rely on them if necessary in exceptional circumstances involving safety or lawful public authority requests.

5. Retention of personal data

We keep personal data only for as long as necessary for the purpose for which it was collected, and to meet legal, accounting, insurance, and operational requirements. Retention periods depend on the type of information and the context in which it is used.

  • Account and contract records: kept for the duration of the relationship and for a reasonable period afterwards.
  • Payment and invoicing records: retained for tax and accounting obligations.
  • Security records and access logs: kept only as long as needed for safety, investigation, or operational review.
  • Complaint and dispute records: retained until the matter is fully resolved and for any further period needed to defend legal claims.
  • Enquiry records: kept only as long as needed to respond and manage follow-up actions.

When personal data is no longer required, it is securely deleted, anonymised, or destroyed. Where possible, we minimise retained data to the smallest practical amount.

6. Sharing personal data and processors

We may share personal data with trusted third parties that help us operate our business. These third parties act as processors or independent controllers depending on the service provided. We ensure appropriate contracts and safeguards are in place before sharing data.

Examples of processors

  • payment processing providers;
  • IT hosting, cloud storage, and software service providers;
  • customer support and communication platform providers;
  • identity verification and fraud prevention services;
  • security monitoring, alarm, and CCTV service providers;
  • accounting and bookkeeping service providers;
  • professional advisers, such as auditors, insurers, lawyers, or debt recovery specialists where needed.

We may also disclose data to law enforcement, regulators, courts, or other authorities where required by law or where disclosure is necessary to protect rights, property, or safety. Any processor we use is required to act only on our instructions, keep data secure, and use it only for the agreed purpose.

7. Data security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, staff training, secure storage, encryption where appropriate, and regular review of our security practices. While no system can be guaranteed completely secure, we take reasonable and proportionate steps to protect the information we hold.

8. Your rights

Under data protection law, you have rights in relation to your personal data. These rights may be subject to limitations and exemptions. They include:

  • Right of access: request a copy of the personal data we hold about you;
  • Right to rectification: ask us to correct inaccurate or incomplete data;
  • Right to erasure: request deletion in certain circumstances;
  • Right to restriction: ask us to limit processing in certain situations;
  • Right to object: object to processing based on legitimate interests or direct marketing;
  • Right to data portability: request transfer of certain data to you or another organisation;
  • Right to withdraw consent: where processing is based on consent;
  • Right to complain: raise concerns with the relevant data protection authority if you believe your rights have been infringed.

To exercise your rights, we may need to verify your identity to protect your information. We aim to respond within the timeframes set by law and will explain if any request cannot be fully actioned.

9. International transfers

Where any processor or service provider stores or accesses personal data outside the UK, we will ensure appropriate safeguards are in place to protect the data in line with GDPR requirements. These safeguards may include approved contractual protections and additional security measures.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect legal, operational, or security changes. Any revised version will apply from the date it is published or otherwise communicated. We encourage customers to review it periodically so they remain informed about how their data is handled.

11. Summary of our commitments

Leavesgreen Storage handles personal data fairly, lawfully, and transparently. We collect only what is necessary, use it for clear and legitimate purposes, keep it only as long as required, and share it only with processors and other recipients who need the data for lawful reasons. We respect the rights of all Leavesgreen Storage customers in area and aim to manage personal data in a careful and accountable manner.

This policy is intended to provide a clear, GDPR-compliant explanation of how personal data is processed in connection with Leavesgreen Storage services.

Call Now!
Call Now Get a Quote
Leavesgreen Storage

GDPR-compliant privacy policy for Leavesgreen Storage covering data collection, lawful bases, retention, processors, rights, and customer scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.