Privacy Policy - Bullscross Storage

Bullscross Storage is committed to protecting the privacy and personal data of its customers. This Privacy Policy explains how we collect, use, share, store, and protect personal data in connection with our storage services. It applies to all Bullscross Storage customers in the area, including individuals and businesses using our facilities or related services.

We process personal data in line with the UK GDPR and the Data Protection Act 2018, and we aim to be transparent about what data we collect, why we collect it, and the rights available to you.

1. Data We Collect

We collect only the personal data necessary to provide and manage our storage services, maintain security, and meet legal obligations. Depending on your relationship with us, we may collect the following categories of data:

  • Identity data, such as your name, date of birth, and identification details.
  • Contact data, such as your address, email address, and phone number.
  • Account and contract data, including service agreements, payment arrangements, and service history.
  • Financial data, such as billing information and payment status.
  • Security data, such as access logs, CCTV footage, alarm records, and incident reports.
  • Communications data, including correspondence with us by phone, email, or in writing.
  • Vehicle and access data, where relevant, such as registration details or access credentials used to enter the premises.

In some situations, we may also collect special category data or other sensitive information if it is necessary to meet legal duties or to handle an incident, but this will only happen where permitted by law and subject to appropriate safeguards.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage agreements.
  • To verify identity and prevent unauthorised access.
  • To provide customer support and respond to enquiries.
  • To process payments, refunds, and account administration.
  • To monitor security and protect people, property, and facilities.
  • To maintain operational records and service quality.
  • To comply with legal, regulatory, tax, and insurance requirements.
  • To investigate incidents, disputes, or suspected misuse of the service.

We only process data where we have a valid legal reason to do so, and we do not use personal data for unrelated purposes without proper justification.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Bullscross Storage relies on one or more of the following lawful bases:

Performance of a Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes opening an account, managing storage access, handling payments, and carrying out customer service obligations.

Legal Obligation

We may process personal data where we are required to do so by law, such as keeping records for tax purposes, complying with health and safety duties, or responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include securing our premises, preventing fraud, protecting property, and improving our services. When relying on this basis, we assess whether the processing is necessary and proportionate.

Consent

In limited cases, we may rely on your consent, for example where optional communications or specific data uses require permission. Where consent is used, you may withdraw it at any time, although this will not affect processing carried out before withdrawal.

4. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, and for any additional period required by law or for legitimate business reasons such as resolving disputes or enforcing agreements.

  • Customer and contract records are normally retained for the duration of the contract and for a reasonable period afterwards.
  • Financial and tax records are kept for the period required by applicable law.
  • Security records, such as access logs and CCTV footage, are retained for a limited period unless needed for an investigation, legal claim, or regulatory request.
  • Correspondence and support records are retained as long as needed to manage your enquiry and maintain accurate business records.

When personal data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

5. Sharing Personal Data with Processors

We may share personal data with trusted third parties who act as data processors on our behalf. These processors are only permitted to use personal data under our instructions and must protect it in accordance with data protection law.

Examples of processors may include:

  • IT and hosting providers who support our systems and data storage.
  • Payment service providers who handle transactions securely.
  • Security providers who support monitoring, alarms, or access control systems.
  • Professional advisers, such as accountants, auditors, or legal advisers, where necessary.
  • Maintenance and service contractors who require limited access to support operations.

We may also disclose personal data to data controllers such as regulators, law enforcement agencies, insurers, or other third parties where we are legally required or permitted to do so. We do not sell personal data.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, staff training, physical security controls, secure systems, and monitoring procedures.

Although we work hard to protect personal data, no system can be guaranteed to be completely secure. If a personal data incident occurs, we will respond appropriately and take steps required by law.

7. User Rights

As a data subject, you have a number of rights under data protection law. Subject to certain exceptions and limitations, these rights include:

  • The right of access to request a copy of the personal data we hold about you.
  • The right to rectification to ask us to correct inaccurate or incomplete data.
  • The right to erasure in certain circumstances, sometimes called the “right to be forgotten.”
  • The right to restriction to request limited processing in certain situations.
  • The right to object to processing based on legitimate interests or direct marketing, where applicable.
  • The right to data portability to receive certain data in a structured, commonly used format, where the law allows.
  • The right to withdraw consent where processing is based on consent.

You also have the right to lodge a complaint with a supervisory authority if you believe your data rights have been violated. We encourage you to raise concerns with us first so we can try to resolve them promptly and fairly.

8. Automated Decision-Making

We do not use personal data for automated decision-making that produces legal or similarly significant effects on individuals, unless this is specifically disclosed and permitted by law. If this ever changes, we will provide clear information about the logic involved and your rights.

9. International Transfers

If personal data is transferred outside the UK or the European Economic Area, we will ensure that appropriate safeguards are in place to protect the data in accordance with applicable law. These safeguards may include adequacy decisions, standard contractual clauses, or equivalent legal protections.

10. Children’s Data

Our storage services are generally intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary for lawful service administration and appropriate consent or authority has been obtained where required.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, operations, or security practices. Any revised version will apply from the date it is issued. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

12. Summary of Our Commitment

Bullscross Storage is committed to processing personal data fairly, lawfully, and transparently. We collect only what we need, use it for clear and legitimate purposes, retain it for appropriate periods, and share it only with processors or other parties when necessary and lawful. Your privacy matters to us, and we aim to safeguard it at every stage of our service.

Call Now!
Call Now Get a Quote
Bullscross Storage

GDPR-compliant privacy policy for Bullscross Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.