Privacy Policy - Blackfen Storage

This Privacy Policy explains how Blackfen Storage collects, uses, shares, stores, and protects personal data in relation to its storage services. It applies to all Blackfen Storage customers in area, including prospective customers, account holders, authorised users, and individuals who communicate with us about our services. We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Blackfen Storage provides storage services to individuals and businesses in the area. For the purposes of data protection law, Blackfen Storage acts as the data controller for the personal data described in this Privacy Policy. This means we determine why and how your personal data is used.

2. Information We Collect

We collect only the data that is necessary for operating our services, managing customer relationships, maintaining security, meeting legal obligations, and improving service delivery. The types of personal data we may collect include:

  • Identity data: name, title, date of birth, and similar identifiers.
  • Contact data: address, email address, telephone number, and billing address.
  • Account and contract data: tenancy details, service preferences, payment status, and account records.
  • Financial data: payment method details, transaction records, and invoice information.
  • Security and access data: CCTV footage, access logs, key or entry records, and site visit information.
  • Communication data: correspondence, enquiries, complaints, and notes from support interactions.
  • Technical data: IP address, device information, and usage information where you interact with our digital systems.

We generally do not seek to collect special category data unless you choose to provide it or it becomes necessary for a specific legal or operational reason. Where special category data is involved, we will only process it where the law allows and where suitable safeguards are in place.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to create and manage customer accounts;
  • to provide and administer storage services;
  • to verify identity and prevent fraud;
  • to process payments, refunds, and invoices;
  • to maintain site security and control access;
  • to communicate about your account, service changes, or important notices;
  • to resolve disputes and enforce agreements;
  • to comply with legal, regulatory, tax, and accounting obligations;
  • to improve our services, systems, and customer experience;
  • to exercise or defend legal claims.

We will only use your personal data for the purposes for which it was collected unless we reasonably consider that we need to use it for another compatible purpose.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Blackfen Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up accounts, providing storage services, managing payments, and communicating about your tenancy or service use.

Legal Obligation

We process data where required to meet legal obligations, including tax, accounting, fraud prevention, safety, and record-keeping requirements.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided your rights do not override those interests. These interests include operating a secure business, protecting property, preventing misuse, improving services, and managing internal administration.

Consent

In limited cases, we may rely on your consent. Where consent is used, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of any processing carried out before it was withdrawn.

5. Sharing and Processors

We may share personal data with trusted third parties where necessary for the operation of our business, compliance with the law, or protection of our rights and customers. These third parties act as processors or independent controllers depending on the circumstances.

Processors may include:

  • payment service providers;
  • IT hosting, cloud, and software providers;
  • security and CCTV service providers;
  • customer support and communication platforms;
  • professional advisers such as accountants, auditors, and legal advisers;
  • maintenance and facility management providers;
  • delivery, logistics, or access control service providers where required.

We require processors to handle personal data securely, only in line with our instructions, and in compliance with data protection law. We do not sell personal data. Where data is shared with independent controllers, such as regulators or law enforcement, they will be responsible for their own use of the data.

6. International Transfers

In some circumstances, personal data may be processed outside the UK. Where this occurs, we will ensure that appropriate safeguards are in place, such as adequacy regulations or approved contractual protections, to ensure that your data remains protected to a standard consistent with UK law.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, operational, and reporting requirements. Retention periods depend on the type of data and the reason for processing.

  • Contract and account records are retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security records, including CCTV footage and access logs, are kept only as long as necessary for safety, investigation, or incident management.
  • Communications are retained for as long as needed to manage enquiries, complaints, and related disputes.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

8. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, encryption where appropriate, staff training, and regular review of security practices. While no system can be guaranteed to be completely secure, we work to maintain a high standard of protection.

9. Your Rights

Under data protection law, you have certain rights in relation to your personal data. Subject to legal limits, these rights include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to ask us to delete your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to data portability – to request that certain data be provided to you or another provider in a structured format.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.
  • Right to complain – to raise concerns with the UK Information Commissioner’s Office if you believe your rights have been infringed.

We may need to verify your identity before responding to a rights request. Some rights may not apply in every situation, and there may be legal reasons why we cannot fully comply with a request.

10. Children’s Data

Blackfen Storage services are not directed to children, and we do not knowingly collect personal data from children unless it is provided incidentally in connection with a customer relationship or legal obligation. If we become aware that data has been collected inappropriately, we will take steps to delete it where required.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. The most current version will apply to your use of our services. Where changes are material, we will take reasonable steps to make customers aware of them.

12. Summary

Blackfen Storage only collects personal data needed to run its services, protect its premises, and meet legal duties. Data is processed under contract, legal obligation, consent, or legitimate interests, retained only as long as necessary, shared with trusted processors under safeguards, and protected by your UK GDPR rights.

Call Now!
Call Now Get a Quote
Blackfen Storage

GDPR-compliant Privacy Policy for Blackfen Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.