Our Privacy Notice

INTRODUCTION

At StorageMart and Manhattan Mini Storage your privacy matters, and we are committed to the responsible use of any personal data you provide us. As a data controller, all personal information provided to us will be processed under regulation of any applicable data protection laws and as outlined in our Privacy Policy and Notice. Our Privacy Policy and Notice outlines:

GLOBAL PRIVACY POLICY AND NOTICE

  • Information We Collect
  • How We Use Information
  • How We Share Information
  • Retention Periods
  • Our Use of Cookies
  • Discounts and Promotions
  • Information Regarding Changes to this Privacy Policy and Notice

GDPR

  • Your Data Protection Rights Under GDPR
  • Enquiries, Issues, and Complaints Under GDPR
  • Contacting StorageMart About GDPR

California Privacy Notice

  • California Consumers’ Rights and Choices Under CCPA
  • Collection of Personal Information from California Residents
  • CCPA Requests

VCDPA

  • Virginia Consumers’ Rights and Choices Under VCDPA
  • VCDPA Requests

GLOBAL PRIVACY POLICY AND NOTICE

Information We Collect

To provide our services, it is necessary to collect information from you as outlined in this Privacy Policy and Notice. We may do this through our website (ex. making an online “hold” or submitting customer information for email, phone, or text communication), via telephone or communications, or through in-person interactions (ex. when you visit a store to sign a rental or licence agreement).If you enter credit card information on the StorageMart domain, that information is sent directly from your browser to the third-party service provider we use to manage credit card processing, and we do not store it on our servers or have access to this information. The service provider is not permitted to use the information you provide except for the sole purpose of credit card processing on our behalf.

EXECUTING A RENTAL OR LICENCE AGREEMENT

When executing a self-storage rental or licence agreement we collect the following customer (or business) information:
  • Name
  • Complete address
  • Phone number(s)
  • Email address
  • Birthdate
  • Copy of Photo ID
  • Details regarding any alternate contact person(s) or authorized users (see “Information About Alternative Contact Person(s) or Authorized Users” for more information)
  • Payment details including bank or card information
  • If applicable, details identifying your business or vehicle (ex. information to store a vehicle or accept a package on your behalf)
  • Records of your interactions with us as a contracted customer

INITIATING SERVICE THROUGH OUR WEBSITE

When visiting our website, you may provide us with certain information to: receive communications regarding licensing a self-storage unit, “hold” a unit, or license a self-storage unit online. For these communications you may provide us with the following information:
  • Name
  • Complete address
  • Phone number(s)
  • Email address
  • Birthdate
  • Details regarding any alternate contact person(s) or authorized users (see “Information About Alternative Contact Person(s) or Authorized Users” for more information)
  • Payment details including bank or card information
  • Information you provide us regarding your customer preferences, wants, or needs (ex. information to store a vehicle or accept a package on your behalf); If you phone or email us, we may record any phone or call data your provide to us. The use of third-parties is sometimes needed to assist us with these services.

INITIATING SERVICE THROUGH TELEPHONE OR EMAILED COMMUNICATIONS

When phoning or email us, communications with you (ex. telephone calls, email, and SMS/MMS) may be recorded for training and quality purposes. Through phone or telephone, you may provide us with certain information to: receive further communications regarding licensing a self-storage unit, “hold” a unit, or license a self-storage unit online. For these communications you may provide us with the following information:
  • Name
  • Complete address
  • Phone number(s)
  • Email address
  • Birthdate
  • Details regarding any alternate contact person(s) or authorized users (see “Information About Alternative Contact Person(s) or Authorized Users” for more information)
  • Payment details including bank or card information
  • Information you provide us regarding your customer preferences, wants, or needs (ex. information to store a vehicle or accept a package on your behalf)

CUSTOMER ACCOUNT PORTAL

On the StorageMart domain you have the option to create an online customer account for account-management and payment purposes. If you create an account, the following information is accessible to you via your account portal:
  • Complete customer information
  • Information regarding your insurance or Value Coverage information (if applicable)
  • Payment receipts
  • Account history (ex. credit, payment description and amounts)
  • Current invoices

INFORMATION THAT IS AUTOMATICALLY COLLECTED

We automatically collect and store certain types of information about your use of our services, including information about your interaction with units, locations, content, and services available through StorageMart. Like many websites, we use "cookies" and other unique identifiers, and we obtain certain types of information when your web browser or device accesses StorageMart and other content served by or on behalf of StorageMart on other websites. If you visit our stores, some personal data may also be collected from entrance systems (ex. access-controlled keypads) or automated monitoring such as closed-circuit TV (more information on the retention of CCTV recordings located in paragraph five).

INFORMATION ABOUT ALTERNATIVE CONTACT PERSON(S) OR AUTHORIZED USERS

As a customer, you might provide us with details relating to one or more alternative contact person(s) and/or authorized users. Before providing us with someone’s details, you must check with them that they are happy to be an alternative contact person / authorized user and happy for you to provide us with their details and, if they are, you must draw their attention to this privacy policy and notice. If you have agreed to be an alternative contact person or authorized user for one of our customers, we will hold and process your personal data for these purposes and the relevant provisions of this privacy policy and notice apply to you.

How We Use Information

We or third-party companies we contract to process data on our behalf (more information on third-party data processing can be found below) may obtain and use your personal information for the following purposes:
  • Enter into contract with you for our services
  • Execute services in accordance with our self-storage rental or licence agreement
  • Provide notice to you in accordance with our self-storage rental or licence agreement or applicable self-storage regulations
  • Provide payments services, including invoices, receipts, late payment notices or similar items
  • Identify you to provide account services and maintenance
  • Make our website available to you and respond to the completion of any online forms (ex. request for information about renting a self-storage unit)
  • Where you have given us consent to provide you with promotional content (via mail, e-mail, or SMS/MMS messages)
  • Conduct market studies
  • Utilize cookies and collected information to analyze the use of our website and improve our website (more information on cookies below)
  • Comply with any legal obligations and laws.

PURPOSES FOR PROCESSING DATA

We may process your data for the reasons above for the following reasons:
  • Required for performing necessary items related to the performance of a contract or as required to initiate the process of entering a contract
  • Legitimate business interest to process the data and after careful evaluation as to offer appropriate privacy protection
  • You have given us consent to do so.

How We Share Information

The StorageMart corporate office is located in the United States, and for that purpose, data is stored and accessed in the United States. Most customer information we collect (whether in the United State, Canada or European Economic Area) is processed outside in the United States, even when only handled internally by us. When we transfer or process data outside of the United States (including Canada and the EEA), we will take all steps required by law to ensure sufficient protections are in place to safeguard your personal data, including where appropriate putting in place contractual terms approved by the relevant regulatory authorities.

DATA IS SHARED WITH THIRD-PARTIES AS FOLLOWS:

We may share your personal data with:
  • Services that support business operations, such as payment processing, technology services (including electronic mail delivery)
  • Third-party insurance services for which you contract
  • Any person you have named as an account-holder or person(s) legally authorized to do business on your behalf.
We may also share your personal information with third parties if we are under a duty to share your personal information in order to comply with any legal obligation, or in order to enforce or apply such other terms as apply to our relationship, or to protect the rights, property, or safety of our customers, ourselves or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

Additionally, we will share personally identifiable information if we have a good faith belief that: (i) access, use, preservation or disclosure of such information is reasonably necessary to satisfy any applicable law, legal process (such as a court order or subpoena), request by law enforcement or governmental authorities; (ii) such action is appropriate to enforce the terms of your agreement with us, including any investigation of potential violations thereof; (iii) such action is necessary to detect, prevent, or otherwise address fraud, security, or a violation of our intellectual property rights or the intellectual property rights of others; or (iv) such action is appropriate to protect our rights, property or safety of our employees, affiliates, agents, contractors, other users of the Website, other users of our company’s services or others.

Retention Periods

We will store your personal data only for as long as we have a legitimate business interest or legal obligation to do so, including:
  • Retaining customer information as necessary for the performance of a contract
  • Record retention for legal or accounting obligations, and analysis of historical business operations.CCTV recordings are stored for a maximum of 30 days unless required to fulfill legal obligations or required for legitimate business interest (ex. investigating a breach of our self-storage rental or licence agreement).

Our Use of Cookies

Part of our dedication to providing the best possible customer experience is ensuring we keep pace with web development trends that can help us provide a better user experience on our website. You can read our full Cookie Policy online.

Discounts and Promotions

Promotions are subject to change at any time due to availability and our discretion. Offered only on select units. This offer applies only to the rental fee. Other restrictions may apply including taxes. Promotions may apply to the next calendar month or to the remainder of the current calendar month depending on the day of rental and local conditions. See contract for full details. We may offer additional discounts, sales, and limited time sales at any time.
  • 2020 "Spring Super Sale" will be available for a limited time from May 19 - May 31, 2020 on select units, while supplies last.

Changes to This Privacy Policy and Notice

We reserve the right to alter this privacy policy and notice at any time. Such alterations will be posted on our website. You can also obtain an up-to-date copy of our privacy policy and notice by contacting us as dpo@storage-mart.com. Should you object to any alteration, please contact us.

GDPR

Your Data Protection Rights (GDPR)
If you are a resident of the European Economic Area, under certain circumstance, by law you have the right to:
  • Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it
  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected
  • Request the erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground
  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example, if you want us to establish its accuracy or the reason for processing it
  • Request the transfer of your personal information to another party.
If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal data, or request that we transfer a copy of your personal information to another party, please use our contact details in paragraph ten. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it. Enquires, Issues, and Complaints (GDPR)
In the unlikely event that you have any concerns about how we use your personal information, please contact us as described in paragraph ten.If you make a complaint about our handling of your personal information, it will be dealt with in accordance with our complaints handling procedure.If you are a citizen of the EU and we are unable to resolve your complaint, you may make a complaint to the Information Commissioner’s Office. Please see https://ico.org.uk/for-the-public for more information.
Contacting StorageMart (GDPR)
If you need to contact us about this policy and notice or any matters relating to the personal information we hold on you, you can do so via our Data Protection Officer, who may be contacted at dpo@storage-mart.com Data Protection Officer Ingleby HouseCrowhurst Road Brighton BN1 8AF

Further information (GDPR)
We hope that the contents of this privacy policy and notice address any queries that you may have about the personal information we may hold about you and what we may do with it. However, if you do have any further queries, comments, or requests, please contact us as described in paragraph ten above. For citizens in the EU, whilst this privacy policy and notice sets out a general summary of your legal rights in respect of personal information, this is a very complex area of law. More information about your legal rights can be found on the Information Commissioner’s website at https://ico.org.uk/for-the-public/.

StorageMart California Privacy Notice

Information for California Residents

We collect Personal Data from Consumers and comply with the California Privacy Rights Act (“CPRA”). This California Privacy Notice applies to California residents (“Consumers,” “you,” or “your”).

For the purposes of this California Privacy Notice, “Personal Data” means information that is linked or reasonably linkable to a particular individual or household. However, the following categories of information are not Personal Data:
  • Publicly available information;
  • Deidentified or aggregated data; or
  • Information otherwise excluded from the scope of the CPRA.

This Privacy Notice provides the following information to California Consumers:
  • Categories of Personal Data we collect;
  • Purposes for which we use Personal Data;
  • Categories of Personal Data we disclose to third parties;
  • Categories of third parties to which we disclose Personal Data; and
  • How Consumers can exercise their rights under the CPRA:
o The rights to access, correct, or delete Personal Data;
o The right to obtain a portable copy of Personal Data;
o The right to limit the use of sensitive personal data in certain circumstances; and
○ The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data,
or certain profiling.


Categories of Non-Sensitive Personal Data
The table below outlines the non-sensitive categories of Personal Data StorageMart collects about Consumers and whether and how they are disclosed to third parties.
We collect Non-Sensitive Personal Data from the following sources:
  • Directly from our users

Category of Personal Data:
Identifiers
Examples: Identifiers may contain the following: information given directly from consumers
Purpose(s)
To assist with creating, entering into, and enforcing the terms of our rental agreement.
Sale
We do not sell Personal Information to anyone
Sharing
This data is not shared with third parties
Retention Period
We retain this data until the user deletes their account, after which it is retained only to the extent required by applicable law or for purposes of preventing fraud.

Category of personal information we may collect: Internet/Electronic Activity
  • Categories of sources from which we may obtain your “Internet/Electronic Activity” include: Directly from consumers
  • The purposes for collecting your “Internet/Electronic Activity” include: To improve our customer experience. Marketing.

Category of personal information we may collect: Geolocational Data
  • Categories of sources from which we may obtain your “Geolocational Data” include: Directly from consumers
  • The purposes for collecting your “Geolocational Data” include: To improve our customer experience. Marketing.

Categories of Sensitive Personal Data
The table below outlines the categories of Sensitive Personal Data StorageMart collects about Consumers and whether they are shared with third parties. StorageMart obtains affirmative consent from Consumers to process the Sensitive Personal Data, in compliance with applicable law.

We collect Sensitive Personal Data from the following sources:
  • Directly from our users
Use of Personal Data
We use Personal Data for the purposes described above. Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.

Disclosing Personal Data
We share Personal Data with the following categories of third parties:
  • Processors: We use processors to securely handle Personal Data on our behalf and only on our instructions. These companies may not use your Personal Data for their own purposes.

See the tables above for more details about how different categories of Personal Data are shared.

We do not sell Personal Data to anyone.


Exercising Your Personal Data Rights
California Consumers have the following rights under the CPRA:
  • The rights to access, correct, or delete Personal Data;
  • The right to obtain a portable copy of Personal Data;
  • The right to limit the use of Sensitive Personal Data in certain circumstances; and
  • The rights to opt out of the sharing of Personal Data for behavioral advertising, sales of personal data, or certain profiling.

If you are a California Consumer, you can submit a request to exercise your personal data rights under the CPRA by visiting our online portal at https://www.requesteasy.com/63ad-1207. To protect your privacy, we may need to authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request. You may also make those requests by calling (866) 350-5900. Please be aware that we do not accept or process rights requests through other means (e.g., via fax or social media).

After submitting your request online, you will receive a follow-up email, which may include a link you must click on in order to verify your identity. If you do not click on that link, we may be unable to complete your request due to lack of verification. It is important that you provide a valid email address in order for us to be able to process your request.

We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic. Also note that each of the rights are subject to certain exceptions.

We reserve the right to decline to process, or charge a reasonable fee for, requests from a Consumer that are manifestly unfounded, excessive, or repetitive.

Behavioral Advertising
The CPRA defines “sharing” as disclosing Personal Data to a third party for behavioral advertising, sometimes referred to as “targeted advertising.” An example of this is displaying advertisements to a consumer where the advertisement is selected based on Personal Data obtained from that consumer's activities over time and across nonaffiliated websites or online applications to predict such consumer's preferences or interests. We share some Personal Data for behavioral advertising. You can opt out of the sharing of your Personal Data for behavioral advertising by submitting a rights request as described above.

Limiting the Use of Sensitive Personal Data
The CPRA provides a right to limit some uses of Sensitive Personal Data. In particular, you may direct companies not to use Sensitive Personal Data except as necessary to provide goods or services you have requested.

You may submit a request to limit the use of your sensitive Personal Data by submitting a rights request as described above.

Authorized Agent Requests
The CPRA allows you to designate an authorized agent to make a rights request on your behalf. Your authorized agent may submit such a request by following the same method described above. We may require verification of your authorized agent in addition to the information for verification above for Consumers and households.

Contact Us
If you have any questions or concerns regarding this California Privacy Notice, contact us at dpo@storage-mart.com.

StorageMart Virginia Privacy Notice

Information for Virginia Residents

We collect Personal Data from Consumers as a Controller under the Virginia Consumer Data Protection Act, as amended or superseded from time to time (“VCDPA”). This VCDPA Privacy Notice applies to Virginia residents (“Consumers,” “you,” or “your”).

For the purposes of this VCDPA Privacy Notice, “Personal Data” means information that is linked or reasonably linkable to a particular individual. However, the following categories of information are not Personal Data:
  • Publicly available information;
  • Deidentified data; or
  • Information otherwise excluded from the scope of the VCDPA.

This Privacy Notice does not apply to the information of individuals acting in a commercial or employment context, such as job applicants to StorageMart (“StorageMart”) or employees or contractors of StorageMart. Persons acting in those roles should review the applicable CPA Limited Privacy Notice made available by StorageMart.

This Privacy Notice provides the following information to Virginia Consumers:
  • Categories of Personal Data we collect;
  • Categories of Personal Data we share with third parties;
  • Purposes for which we use Personal Data;
  • Categories of third parties with whom we share Personal Data; and
  • How Consumers can exercise their rights under the CPA:
  • How Consumers can exercise their rights under the CPA:
o The rights to access, correct, or delete Personal Data;
o The right to obtain a portable copy of Personal Data; and
o The right to opt out of targeted advertising, sales of personal data, or certain profiling.

Categories of Non-Sensitive Personal Data
The table below outlines the categories of Personal Data StorageMart collects about Consumers and whether they are shared with third parties.
We collect Non-Sensitive Personal Data from the following sources:
  • Directly from our users
  • Inferences from your activity

Categories of Sensitive Personal Data
We do not Process any categories of Sensitive Personal Data

Use of Personal Data
We use Personal Data for the purposes described above. Personal Data may also be used or disclosed as otherwise permitted or required by applicable law.

Sharing Personal Data
We share Personal Data with the following categories of third parties:
  • Processors: We use processors to securely handle Personal Data on our behalf and only on our instructions; these companies may not use your Personal Data for their own purposes.

See the table above for more details about how different categories of Personal Data are shared.

We do not sell Personal Data to anyone.

Exercising Your Personal Data Rights
Virginia Consumers have the following rights under the VCDPA:
  • The rights to access, correct, or delete Personal Data;
  • The right to obtain a portable copy of Personal Data; and
  • The right to opt out of targeted advertising, sales of personal data, or profiling.

If you are a Virginia Consumer, you can submit a request to exercise your personal data rights under the VCDPA via https://www.requesteasy.com/63ad-1207. You may submit a rights request free of charge up to twice per year. To protect your privacy, you must authenticate your identity before we respond to your rights request. We will use commercially reasonable efforts to verify your identity for this purpose. Any information you provide to authenticate your identity will only be used to process your rights request.

After submitting your request online, you will receive a follow-up email, which may include a link you must click on in order to verify your identity. If you do not click on that link, we may be unable to complete your request due to lack of verification. It is important that you provide a valid email address in order for us to be able to process your request.

We will respond to your rights request within 45 days, though in certain cases we may inform you that we will need up to another 45 days to act on your request. If we suspect fraudulent or malicious activity on or from your account, we will delay taking action on your request until we can appropriately verify your identity and the request as authentic. If you believe our response to your rights request is insufficient, you can appeal our decision by contacting Data Protection Officer at dpo@storage-mart.com and we will inform you of our final decision within 45 days.

We reserve the right to charge a reasonable fee for, or decline to process, requests from a Consumer that are manifestly unfounded, excessive, or repetitive.

Targeted Advertising
The VCDPA defines “targeted advertising” as displaying advertisements to a consumer where the advertisement is selected based on personal data obtained from that consumer's activities over time and across nonaffiliated websites or online applications to predict such consumer's preferences or interests. We use Personal Data for targeted advertising. You can opt out of the use of your Personal Data for targeted advertising by submitting a rights request as described above. Please be aware that we do not accept or process opt-out requests through other means (e.g., via fax or social media).

Contact Us
If you have any questions or concerns regarding this VCDPA Privacy Notice, contact us at dpo@storage-mart.com.