1800 683 290 Back to National Storage

Privacy Policy

Our approach to privacy

This policy describes how we collect use, store and disclose your personal information in accordance with our legal obligations, including under the Privacy Act 1988 (Cth) in Australia and the Privacy Act 2020 in New Zealand.

In this policy, when we say:

  • we, our or us – we mean National Storage Holdings Limited (ABN 38 166 572 845), National Storage Limited (NZBN 9429041658635) and our related companies from time to time, including those outlined in section 13 of this Policy;
  • you – we mean you, the reader of this policy; and
  • the Privacy Act – we mean the Privacy Act 1988 (Cth) if you are located in Australia, and the Privacy Act 2020 if you are located in New Zealand.

The Privacy Act contains exemptions and permitted general situations in relation to certain acts undertaken, including in relation to employee records, legal claims and litigation and related bodies corporate. Where appropriate, we make use of relevant exemptions in the Privacy Act.

We may modify this policy from time to time by publishing updates on our website. We encourage you to check our website periodically to ensure you are aware of our current privacy policy. We may also update individuals about how their personal information is collected and handled over the course of our relationship with those individuals.

What personal information do we collect?

Personal information includes information or an opinion (whether true or not) about an identified or a reasonably identifiable individual.

The table below identifies the types of personal information that we may collect and hold about you.

Type of personal information Examples (non-exhaustive)
Personal and contact details This may include:

•                      your name, address, age or date of birth, postcode, phone number, email address and employment details; and

•                      the contact and identification details of any third party that has been authorised to negotiate or provide personal information on your behalf (including any attorneys appointed by you under a power of attorney).
Payment information This may include your debit card, credit card or bank account details.
Information we collect about your interactions with us, including digital and/or behavioural information This may include:

•                      information regarding the purpose and times of your visitation at our sites or premises;

•                      telephone and video/CCTV recordings and photographs;

•                      information to identify the devices and IP addresses and ISPs you use to access our website or online services;

•                      details of the services we have provided to you or that you have enquired about, including any additional information necessary to deliver those services or respond to your enquiries; and

•                      information that we generate about how you use our products and services and online platforms, including statistics on page views, traffic to and from the sites, ad data and standard web log information.
Government issued identifiers and identification documents This may include your Medicare card (where applicable), passport or drivers licence, or any other local or foreign government issued identity documents.
Sensitive information This may include:

•                      pre-work health screening check information where you have a condition that may affect or be exacerbated by your employment;

•                      any health information you provide when accessing our sites or which is relevant to a safety incident that occurs on one of our sites or in the course of your employment or contract with us;

•                      biometric information (such as fingerprints, palm prints or face), where this information is collected and used for the purposes of biometric verification or biometric identification; and

•                      criminal history, racial or ethnic origin, religious or philosophical beliefs, sexual orientation and any trade union membership which may be collected during the recruitment process, in the course of your employment with, in connection with the provision of contracted services to us, or as otherwise relevant to our relationship or engagement with you.
If you apply for a role with us, information relevant to your potential working relationship This may include your work history, reference and background check information, identity verification information and information about your right to work in Australia.
If you are a current or former employee, contractor, or office holder, other information as necessary and relevant to your employment (or engagement) This may include your emergency contact details, tax file number or IRD number, information about remuneration and benefits and information about your performance, training and development.
If you are a supplier, or if you visit or access our sites This may include:

•                      information regarding the purpose and times of your visitation at our sites or premises; and

•                      information we may require to onboard you to our systems and processes and/or provide you with access to our sites or premises.
If you are a shareholder This may include:

•                      identity information, including your name, address and contact information;

•                      your relationship to other people;

•                      financial and transactional information, including your bank account details and tax file number; and

•                      marketing and communication preferences.
Other personal information made available to us from time to time, including via interactions with us This may include:

•                      information provided through business dealings; and

•                      information provided when submitting a customer inquiry, information request or survey, or lodging a complaint.

How do we collect your personal information?

We generally collect your personal information directly from you, for example when you:

  • enquire about, apply for, or use our products or services;
  • communicate with us through any means (eg in person, or via email, chats or social media platforms); or
  • interact with our websites, app, services, content or our marketing and promotional activities.

In some circumstances we may collect your information from third parties which may include:

Type of person Further detail (non-exhaustive)
Your representatives Any persons you have appointed as your representatives, such as an individual authorised to act on your behalf (eg an authorised person under your account), your legal adviser, guardian or those holding your power of attorney.
Verifiers Third parties that assist in verifying information about you, including:

•                      your doctor, to verify your medical history and/or fitness to work;

•                      your current or former employer, to verify your employment status or identity, or previous performance; and

•                      other third parties (recruiters, previous employers, referees and CV checking agencies) that we may use to conduct background and ID checks and/or who can assist us in our assessment of your suitability for a role.
Related third parties This may include:

•                      professional advisors;

•                      contracted service providers; and

•                      other organisations with whom we do business.
Publicly available sources Including from:

•                      online forums, websites, Meta, LinkedIn, X, YouTube or other social media (eg if you use social media to make a complaint); and

•                      public registers (eg registers held by ASIC).
Recruiters, previous employers, referees, CV checking agencies and government and law enforcement agencies When you apply for a job or position with us, we may collect information about you from relevant third parties who can assist us in our assessment of your suitability for a role.

Why do we collect, use and disclose your personal information?

In general, we use your personal information to enable us to conduct our business.  We may use or disclose your personal information where we are permitted to do so under applicable laws, and/or where we have received your consent.

Purpose How we may use your personal information
Engage with you as a customer or customer representative To provide you with, and manage the products and services you or your business purchase or obtain from us, including to communicate with you and provide you with other administrative related information and assist with your application for insurance over storage contents with us, if requested.
Engage with you as a contractor / service provider To engage with you in connection with products or services provided to us, including to enable access and use of our systems and facilities, communicate with you and provide you with other administrative related information.
Manage our operations and improve our business To:

•                      deliver our products and services;

•                      make and manage payments;

•                      manage and administer accounts;

•                      update and maintain our records;

•                      respond to complaints;

•                      operate, protect and improve our website, app and other customer service processes;

•                      conduct necessary searches, including Personal Property Securities Register searches in the event of default;

•                      manage and administer investments including updating or maintaining the register for National Storage REIT; and

•                      conduct marketing and research activities.
Comply with legal obligations To comply with laws and assist government or law enforcement agencies where we are required or authorised to do so.
Manage security and risk To manage our security and risks, such as:

•                      monitoring physical properties to ensure the safety of our people, suppliers and others;

•                      detecting and deterring the inappropriate, unauthorised, suspicious or criminal use or behaviour on our sites and facilities;

•                      investigating health and safety incidents; and

•                      supporting the management of our information security and network procedures to prevent cyber-attacks, unauthorised access and other criminal or malicious activities.
Sales or acquisitions To support any changes to the ownership of assets or our business, such as in connection with actual or potential divestments, acquisitions, restructures, investments or sales.
Engage with our related companies We may share your personal information with our related companies in the course of running our business and managing and enforcing our contracting arrangements (including where those entities may support our business functions or carrying out sponsorship / partnership functions).
Information collected for recruitment or employment purposes If individuals apply for a role or position with us, to determine whether to make an offer of employment or engage individuals under a contract including to contact individuals when we may need to tell them something important about the prospective employment/engagement or request for additional information.
Direct marketing From time to time, we may also use or disclose your personal information to tell you about offerings, products and services we think may be of interest to you, administer surveys, contests or other professional events sponsored or managed by us or our business partners, but we will stop if you ask us to. You can opt out of receiving marketing material from us by using the unsubscribe link contained in all the relevant communications.

We may contact you by various means, including by mail, telephone, email, SMS or other electronic means, such as through social media or targeted advertising.
Data analytics To carry out data analytics activities to help us personalise your experience, develop insights, enhance our products and services and better understand your preferences. As part of these activities, your personal information may be disclosed to third parties including but not limited to Google, HubSpot, Microsoft, SiteLink and Zoom.
Automated decision making To make automated decisions in relation to arrears notices and follow-up communications, insurance contact management, and customer eligibility, which may include using third party software, artificial intelligence and machine learning. We do this to streamline our operations and enhance customer experience.
Other purposes We may also use individual personal information for any other lawful purposes identified at the time of collecting personal information, or a purpose that is directly related to the purpose for which the personal information was originally collected.

Who do we share your information with?

We may share your personal information with the parties identified in the table below.

Type of party Description
Our related companies See list in section 13. We also share information with our employees.
Third party suppliers This may include:

•                      auditors, lawyers, accountants, consultants, insurers, insurance brokers and re-insurers;

•                      service providers that assist us to identify, investigate or prevent fraud or other misconduct;

•                      organisations that we partner with to provide services and products such as business partners, affiliated insurance brokers (if you have requested our assistance to obtain insurance for your storage contents), and other third party service providers (including removalist, registry service, operating, IT, marketing and other payment system operators);

•                      providers of data related services; and

•                      our share registry provider.
Verifiers Third parties that assist in verifying information about you, including:

•                      your doctor, to verify your medical history and/or fitness to work;

•                      your employer, to verify your employment status or performance;

•                      your financial service provider, to review charge back requests;

•                      credit reporting bodies, if you have defaulted on the payment of your rental or other fees; and

•                      other third parties (recruiters, previous employers, referees and CV checking agencies) that we may use to conduct background and ID checks and/or who can assist us in our assessment of your suitability for a role.
Authorised third parties This includes:

•                      third parties authorised to act for you (eg your agents and representatives, legal representatives, financial advisors or people with a power of attorney); and

•                      third parties authorised to receive information held by us, such as your employer or a referee.
Persons with an interest in stored goods Persons who can demonstrate a legal or equitable interest in your stored goods, including liquidators or administrators.
Government agencies, law enforcement and regulators This includes government agencies, regulatory bodies, law enforcement agencies, or any other person as required, authorised or permitted by law.
Persons with an interest in our business Anyone to whom our assets, businesses or securities (or any part of them or an interest in them) are or may be transferred (including their advisers and representatives).
Professional advisors This includes our insurers, auditors, lawyers and consultants, as required.
Other entities We may also disclose your personal information to other entities with your consent.

 

Offshore disclosure of your personal information

We may disclose your personal information to recipients outside the country you are located in for the purposes referred to in this policy, including to New Zealand (if you are in Australia), Australia (if you are in New Zealand), India and the United States of America.

If you are located in New Zealand, there may be differences between New Zealand’s privacy laws and those of the overseas locations in which your personal information (and other data we collect) is located. We will only provide your personal information to recipients outside New Zealand or Australia if we have reasonable grounds to believe that it will be protected in a way that provides similar protections to those under the Privacy Act, or if we have your permission.

Automated decision making

In some circumstances we use personal information about you to make automated decisions which may impact you, either solely by operation of a computer program, or by a member of our staff with input from a computer program as part of our decision-making process.

Using our website, electronic messages and cookies

We may collect and store information about your use of our website, such as which pages you visit, the time and date of your visit and the IP (internet protocol) or MAC (media access control) address assigned to your device.

We and our hosting provider also collect information such as the pages you access on our website, the documents you download, items in your cart, the amount of time you spend on a page or viewing a webinar, which links you use to access our site and the type of device and browser you use. This information is aggregated and used for system administration, to improve the services we offer you and for statistical, website development and functionality purposes.

We may also use cookies to collect information about your activity on our website so that we can send you information we think may be of interest to you. When cookies are used on this site, they store information about your visit, which may include a unique identifier or value to indicate whether you have visited a webpage. We may use this to identify you when you engage with our website more than once, to personalise the content of the website for you and to enable transactions to be carried out and information about customer accounts to be accessed.

Cookies themselves only record which areas of the site have been visited by the computer in question, and for how long. Allowing us to create a cookie does not give us access to the rest of your computer and we will not use cookies to track online activity once you leave the site. Cookies are read only by the server that placed them and are unable to execute any code or virus.

Most internet browsers are set up to accept cookies. If you do not wish to enable cookies, you may be able to change the settings of your browser to refuse all cookies or to notify you each time a cookie is sent to your computer.

If you click through to our website from any newsletter, invitation, update or other email or message we send to you, we may identify and collect information relating to your subsequent and previous use of our website, such as which pages you visit and for how long.

We will hold that information and, subject to your communication preferences, we may contact you in relation to those insights or service areas. If you do not want to receive marketing emails from us, you can opt out at any time by unsubscribing via the unsubscribe link contained in the relevant communication.

How do we store and keep your information secure?

We may hold your personal information in either electronic or hard-copy form. We use a variety of physical and electronic security measures to keep your personal information secure from misuse, interference, loss or unauthorised access, use or disclosure. For example, we restrict physical access to our offices, employ firewalls, secure databases, password protect our IT systems, use anti-virus software and use cyber security services.

However, we cannot guarantee the security of your personal information. The internet is not a secure environment. If you do use the internet to send us any information, including your email address, please be aware that it will be sent at your own risk.

Our websites and electronic communications may contain links to other websites operated by third parties. Unless expressly stated otherwise, we are not responsible for the privacy practices or the content of those linked websites. The privacy policies that apply to those other websites may differ from our privacy policy, so we encourage individuals to read them before using those websites.

Accessing or correcting your personal information

You have rights under the Privacy Act, the Spam Act 2003 (Cth) in Australia and/or the Unsolicited Electronic Messages Act 2007 in New Zealand to (as applicable):

  • request access to personal information we hold about you;
  • ask us to update or correct any information that is inaccurate, incomplete or outdated; and
  • opt out of receiving direct marketing communications from us.

You can do any of these things by contacting our Privacy Officer using the contact details below.

If you are in Australia, we will try to make your information available within 30 calendar days after you ask us for it.

If you are in New Zealand, we will try to respond to your request for your personal information within 20 working days after you ask us for it.

If it will take us longer to respond, we will tell you how much more time we need and the reason why.

If you request access to your personal information or ask us to correct or update information about you, we may need to verify your identity. In some circumstances, there may be a valid reason for us to deny your request to access or correct your information. If we do this, we will tell you why.

We will not charge an application fee for making a request to access the personal information we hold about you or for making any corrections to the personal information we hold about you. However, in certain circumstances we may charge you a fee for providing you with access to your personal information, for example, if you make multiple requests for information, the information requested is voluminous or if we incur third party costs in providing you with access to your personal information.

Making a complaint

If you think we have breached the Privacy Act, or are not happy with our response or how we handled your query (including our response to your request to access or correct your personal information) or how we have handled your personal information, you can contact us using the contact details below.

Please note that we require all complaints to be made in writing and request that you include your name, email address and/or telephone number, as well as a clear description of your complaint. If you are not satisfied with the outcome of any internal investigation we conduct, you may lodge a complaint with the relevant regulator for your country.

In Australia: Office of the Australian Information Commissioner (OAIC) at [email protected] or on 1300 363 992. More information is available on the OAIC’s website at https://www.oaic.gov.au/.

In New Zealand: Office of the Privacy Commissioner (OPC) using its enquiry form at https://www.privacy.org.nz/news/contact-us/enquiry-form or on 0800 803 909. More information is available on the OPC’s website at www.privacy.org.nz.

Contact details

Phone: Australia:                      07 3218 8100

New Zealand:    0800 742 310
Email: [email protected]
Website: Australia:                      www.nationalstorage.com.au

New Zealand:    www.nationalstorage.nz
Address: Level 16 Waterfront Place, 1 Eagle Street, Brisbane, QLD, 4000
Feedback Form: Found here.

Related companies

This Privacy Policy applies to National Storage Holdings Limited (ABN 38 166 572 845), National Storage Limited (NZBN 9429041658635) and our related companies from time to time, including:

  • BFNS Operations Pty Ltd*;
  • National Storage (NZ) Pty Ltd;
  • National Storage (Operations) Pty Ltd;
  • National Storage Developments Pty Ltd;
  • National Storage Finance Pty Ltd;
  • National Storage Financial Services Limited;
  • National Storage Investments Pty Ltd;
  • National Storage No.2 Pty Ltd;
  • National Storage No.3 Pty Ltd;
  • National Storage Pty Ltd;
  • National Storage Ventures Operations Pty Ltd*;
  • NS Development Co 1 Pty Ltd;
  • Runway Technologies Pty Ltd;
  • Southern Cross Storage Operations Pty Ltd; and
  • Wine-Ark Pty Ltd.

*These entities are joint venture entities.  More information is set out in our latest Annual Report available on our website at https://nationalstorageinvest.com.au/reporting/.