Data Protection Policy for Camstorage Self-Storage Services in Compliance with GDPR
1. Introduction
This Data Protection Policy outlines the principles and practices we adhere to when collecting, processing, storing, and managing personal data in accordance with the General Data Protection Regulation (GDPR). This policy applies to all personal data collected and processed by Camstorage in the context of self-storage agreements.
2. Data Controller and Data Protection Officer
J, J and A Paul trading as Camstorage acts as the Data Controller responsible for the processing of personal data. The Data Protection Officer (DPO) is designated to ensure compliance with data protection laws. For any concerns or inquiries related to data protection, you can contact the DPO at admin@camstorage.co.uk or 01223 901 021.
3. Types of Personal Data Collected
We collect and process the following types of personal data as part of our self-storage agreement:
-
Contact information (name, address, phone number, email)
-
Identification information (government-issued ID, driver's license)
-
Billing and payment information
-
CCTV footage for security purposes
-
Any additional information provided by the customer for the purpose of the self-storage agreement.
4. Legal Basis for Processing
We process personal data for the following lawful purposes:
-
To fulfill the self-storage agreement
-
To comply with legal obligations
-
To protect the legitimate interests of [Your Company Name]
-
With the explicit consent of the data subject
5. Data Minimization
We collect and process only the personal data that is necessary for the purposes for which it is collected. We ensure that the data collected is adequate, relevant, and limited to what is necessary for the intended purposes.
6. Data Security Measures
We implement appropriate technical and organizational measures to ensure the security of personal data. This includes, but is not limited to:
-
Encryption of sensitive data
-
Access controls and restricted access to personal data
-
Regular security assessments and audits
-
Employee training on data protection principles
7. Data Retention
We retain personal data for the duration necessary to fulfill the purposes for which it was collected, as well as to comply with legal obligations. After the retention period, personal data is securely deleted or anonymized.
8. Data Subject Rights
Data subjects have the following rights under GDPR:
-
The right to access personal data
-
The right to rectification
-
The right to erasure
-
The right to restrict processing
-
The right to data portability
-
The right to object to processing
Data subjects can exercise these rights by contacting [Your Company Name] using the contact details provided.
9. Data Breach Notification
In the event of a data breach that poses a risk to the rights and freedoms of data subjects, Camstorage will notify the appropriate supervisory authority and affected data subjects as required by GDPR.
10. Policy Review and Updates
This Data Protection Policy is subject to periodic review and may be updated to reflect changes in legal requirements or our business practices. Data subjects will be informed of any significant changes to this policy.
J, J and A Paul (Camstorage)
[01.12.2023]
The most convenient Cambridge self-storage company available.