Privacy Policy - Rushgreen Storage

This Privacy Policy explains how Rushgreen Storage collects, uses, stores, shares, and protects personal data relating to its customers. It applies to all Rushgreen Storage customers in the area, including prospective customers, existing customers, and individuals who interact with us in connection with storage services, account management, payments, access arrangements, and customer support. We are committed to handling personal data in a lawful, fair, and transparent manner in line with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

1. Personal Data We Collect

We collect only the information that is necessary to provide our services, manage our business, and meet our legal obligations. The types of personal data we may collect include:

  • Identity data: name, title, date of birth, and identification details where required for verification.
  • Contact data: postal address, email address, and telephone number.
  • Account and transaction data: booking details, storage unit assignments, payment records, invoices, account history, and related correspondence.
  • Security and access data: access logs, entry records, CCTV footage where applicable, and information relating to site security or incident reports.
  • Communication data: messages, queries, complaints, feedback, and records of communication with our team.
  • Technical data: limited device or usage data when you interact with our digital systems, such as login times, IP address, or browser-related information.

We do not intentionally collect special category data unless it is necessary and lawful to do so. If such information is provided to us incidentally, we will handle it with appropriate care and only where a valid legal basis applies.

2. How We Use Personal Data

We use personal data to operate and improve our services, administer customer accounts, and maintain the safety and security of our facilities. This may include:

  • setting up and managing customer accounts;
  • processing payments and issuing receipts or invoices;
  • providing storage services and managing access arrangements;
  • communicating about bookings, renewals, notices, and service updates;
  • responding to enquiries, complaints, and support requests;
  • protecting customers, staff, property, and premises;
  • preventing fraud, misuse, and unauthorised access;
  • meeting legal, accounting, and regulatory requirements;
  • maintaining business records and internal administration.

We only use personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and that such use is permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Depending on the context, Rushgreen Storage may rely on one or more of the following lawful bases:

  • Contract: when processing is necessary to enter into or perform our storage agreement with you, such as setting up your account, providing access, or managing payments.
  • Legal obligation: when we need to process data to comply with legal or regulatory requirements, including tax, accounting, fraud prevention, or lawful requests from authorities.
  • Legitimate interests: when processing is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include maintaining security, preventing misuse, managing operations, and improving services.
  • Consent: where we rely on your consent for specific activities, we will make that clear at the time consent is requested. You may withdraw consent at any time where it is the basis for processing.

We assess the appropriate lawful basis before processing personal data and keep this under review where our use of data changes over time.

4. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for the operation of our business, but only when there is a lawful reason to do so and appropriate safeguards are in place. These third parties may act as processors on our behalf or, in some cases, as independent controllers.

Our processors may include:

  • Payment service providers: to process card or electronic payments securely.
  • IT and hosting providers: to store data, maintain systems, and support security and backups.
  • Accountancy and bookkeeping providers: to support financial administration and statutory reporting.
  • Security providers: where needed for site monitoring, alarm systems, or incident support.
  • Customer communication tools: to help manage service messages and administrative communications.

All processors are required to handle personal data only on our instructions, keep it secure, and use it only for the agreed purposes. We do not sell personal data. Where personal data is disclosed to authorities, insurers, legal advisers, or similar parties, such disclosure will be limited to what is necessary and permitted by law.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, and operational requirements. The retention period may vary depending on the type of data and the reason it was collected.

  • Customer account and transaction records are generally retained for as long as the account remains active and for a reasonable period afterwards.
  • Financial and tax-related records are retained for the period required by law.
  • Security logs and CCTV-related information are retained only for as long as necessary for safety, incident investigation, or legal purposes.
  • Enquiry and communication records are retained for a period appropriate to customer service and business administration.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify an individual. In some cases, we may retain data for longer if needed for legal claims, dispute resolution, or regulatory obligations.

6. Security of Your Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, disclosure, alteration, or destruction. These measures may include access controls, secure storage, staff awareness, password protection, data minimisation, and review of supplier arrangements. While no system can be guaranteed completely secure, we work to ensure that personal data is handled responsibly and protected to a standard appropriate to the risks involved.

7. Your Rights

Depending on the circumstances and the legal basis for processing, you may have the following rights under data protection law:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to request deletion of personal data in certain situations.
  • Right to restriction: to request that we limit the way we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or to direct marketing where applicable.
  • Right to data portability: to request certain data in a structured, commonly used format where the legal conditions are met.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal conditions, exemptions, or limitations. We will respond to valid requests within the time limits required by law and may need to verify your identity before acting on a request.

8. International Transfers

If personal data is transferred outside the UK, we will only do so where appropriate safeguards are in place and where the transfer is permitted by data protection law. Such safeguards may include adequacy regulations, standard contractual clauses, or equivalent protections designed to keep your data secure and lawfully processed.

9. Children’s Data

Rushgreen Storage services are intended for adults and business users. We do not knowingly collect personal data from children without appropriate authority. If we become aware that we have collected data from a child in circumstances where we should not have done so, we will take reasonable steps to delete it or obtain proper authorisation where lawful and appropriate.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we process personal data.

11. General Principles

We aim to ensure that personal data is:

  • processed lawfully, fairly, and transparently;
  • collected for specific, explicit, and legitimate purposes;
  • adequate, relevant, and limited to what is necessary;
  • accurate and kept up to date where appropriate;
  • kept only for as long as necessary;
  • handled securely and responsibly.

By using our services, you acknowledge that Rushgreen Storage may process personal data as described in this Privacy Policy and in accordance with applicable law. If a conflict arises between this policy and legal requirements, the legal requirements will prevail.

Privacy Policy - Rushgreen Storage

Call Now!
Call Now Get a Quote
Rushgreen Storage

GDPR-compliant Privacy Policy for Rushgreen Storage covering data collection, lawful basis, retention, processors, rights, and applies to all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.