Henley Self Storage

& West Estates Limited

Privacy Policy and GDPR Compliance

1. INTRODUCTION

1.1 This document is created on the basis and in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 with the purpose to inform you regarding your rights under GDPR legislation.

1.2 This document applies to you, in your quality of user of Henley Self Storage and West Estates Limited and in relation with the use of your data and how it is applied and used within our business.

2. Who is collecting your personal data?

2.1 Your personal data is collected by Henley Self Storage & West Estates Limited  who provide space for self storage, offices and general letting as a landlord.

3. What data is being collected?

3.1 We collect the following personal data, made available by you through gocardless our payment/ direct debit provider and stored on space manager a software database. There is also a paper copy kept depicting: Name, email, telephone, company name if applicable, The information collected is billing information, your activity through access control for security purpose

The data is collected with the purpose to provide you a service .

The minimum following data is mandatory to be provided: name, address,email and billing information, unless we will not be able to provide the Service to you. As a consequence, you will not be able to use our services on offer

3.2  We also collect the following personal data, on marketing purposes: name, address and email. We will collect such data based on your consent. You can withdraw your consent, anytime.

4. What is the legal basis for processing the data? How will the information be used?

4.1 We will process the data mentioned under clause 3.1. based on GDPR Regulation article 6 paragraph 1, letter a and with the exclusive purpose of providing you the Service (the right to access the premises and use our services).

4.2 We will process the following personal data: billing information based on GDPR Regulation article 6 paragraph 1 letter c, taking into consideration that we have a legal obligation to store your billing details for accounting reasons.

4.3 We will process the data mentioned under clause 3.2. based on GDPR Regulation article 6 paragraph 1, letter b, on marketing purposes. Therefore, based on your consent, we will send you from time to time marketing emails to promote our Service. Also, from time to time we will target you in our social media marketing campaigns.

5. Will the data be shared with any third parties?

5.1 We will not share your data with third parties unless: we will have such a legal obligation; we will have your consent; it is necessary to share information in order to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the physical safety of any person, violations of Terms of Service, or as otherwise required by law. We may also share your data with our service providers such as Space Manager (our database provider), Gocardless (our payment collection system) and other similar service providers.

6. How long will the data be stored for?

6.1 We will store the data mentioned under clause 3.1.: name and email as long as you have an active account with us, taking into consideration that we cannot keep your user account active without this information.

6.2 We will store your billing information for the period required by the applicable laws.

6.3 We will store the other data mentioned under clause 3.1. as long as we will provide you Services in accordance with the Terms and Conditions (on the basis of a trial or paid subscription plan) and for a 30 days period after that.

6.4 We will store the data mentioned under clause 3.2. as long as we have your consent regarding the data processing on marketing purposes, but no more than 10 years. Therefore, we will delete your data: a) at the moment you cancel your consent; and/or b) at the expiration of 10 years period.    

Please be advised that we decided to store your information for a period up to 10 years (unless you withdraw your consent earlier), having into consideration that during the time we might develop some functions or services related to the Services we provide, that you might want to use. Therefore, we want to be able to announce you each time we develop a new function and/or a new service that might be fit to you. We will delete your data at the end of the storage period.

7. Where do we store the data?

7.1 The data is stored in cloud, in European Union, United States and/or Australia. A back up paper cop[y is stored in a locked cabinet.

8. What security measures we have implemented?

8.1 In order to protect your data, we have implemented security measures in accordance with the applicable laws and the best industry practices. We will protect your data for any security incidents, but we cannot guarantee that such incidents cannot occur.

8.2 In case of personal data breach which is likely to result in a high risk to your rights and freedoms we will communicate the personal data breach to you, without undue delay.

9. What rights do you have?

9.1 According to GDPR Regulation, you have the right to:

  • information about the processing of your personal data;

  • obtain access to the personal data held about you;

  • ask for incorrect, inaccurate or incomplete personal data to be corrected;

  • request that personal data be erased when it’s no longer needed or if processing it is unlawful;

  • object to the processing of your personal data for marketing purposes or on grounds relating to your particular situation;

  • request the restriction of the processing of your personal data in specific cases;

  • receive your personal data in a machine-readable format and send it to another controller (‘data portability’);

  • request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers. You also have the right in this case to express your point of view and to contest the decision.

9.2 To exercise your rights, please contact us by email: west.estates@me.com. We will try to respond to your request as fast as we can, but no later than 1 month since we received your request.

9.3  We might ask you to provide information to confirm your identity (such as, clicking a verification link, entering a username or password, id copies or others) in order to be able to respond to your request.

10. Do we use automated individual decision-making, including profiling?

10.1 No, you will not be subject to any decision based solely on automated processing, including profiling.

11. Cookies

11.1  A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a web site's computers and stored on your computer's hard drive. We do not use cookies.

11.2 We do not use cookies to record current session information, we do do not use permanent cookies. 

12. How can you raise a complaint?

12.1 According to GDPR Regulation, you have the right to lodge a complaint with a supervisory authority. Usually you will lodge a complaint with the supervisory authority headquartered in your country .

13. How can you contact us?

13.1 For any question or request regarding your data, please contact us at the following email address: west.estates@me.com

This document has been updated and is applicable since: 22 May 2018

Henley Self Storage & West Estates Limited