Privacy Policy - Northolt Storage

Northolt Storage is committed to protecting the privacy and personal data of all customers in the Northolt area. This Privacy Policy explains how we collect, use, share, store, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Northolt Storage customers in area, including individuals and business customers who use our storage services, make enquiries, or otherwise interact with us.

1. Who We Are

For the purposes of data protection law, Northolt Storage acts as the data controller in relation to the personal data described in this policy. This means we determine why and how your personal data is processed when you use our services, contact us, or engage with us in connection with storage facilities and related services.

2. Personal Data We Collect

We collect only the personal data that is necessary for the purposes described in this policy. The types of information we may collect include:

  • Identity information such as your name, date of birth, and title.
  • Contact information such as postal address, email address, and telephone number.
  • Account and contract details such as customer reference numbers, storage unit details, rental dates, payment status, and service preferences.
  • Payment information such as transaction records, billing details, and limited payment data necessary to process payments. We do not store card security data unless required by our payment service provider.
  • Verification information such as copies of identification documents where required for identity checks, fraud prevention, or legal compliance.
  • Security information such as CCTV records, access logs, and incident reports where applicable.
  • Communication data such as records of correspondence, complaints, service requests, and notes from conversations.
  • Technical information such as device, browser, or usage data if you interact with digital systems used to manage services.

We may collect information directly from you, from authorised representatives acting on your behalf, from payment and identity verification providers, and from security systems used at our facilities.

3. How We Use Personal Data

We use personal data only where we have a valid lawful basis. Our main purposes for processing include:

  • Setting up and managing customer accounts.
  • Providing storage services and administering access to units.
  • Processing payments, refunds, and billing matters.
  • Verifying identity and preventing fraud, theft, and unauthorised access.
  • Maintaining site security and protecting customers, staff, and property.
  • Communicating with customers about their service, account, or requests.
  • Handling complaints, disputes, and customer support matters.
  • Complying with legal obligations, including tax, accounting, and regulatory requirements.
  • Defending or establishing legal claims where necessary.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless permitted or required by law.

4. Lawful Basis for Processing

Under UK GDPR, we must identify a lawful basis before processing personal data. Northolt Storage relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, taking payment, providing access, and delivering customer support related to the contract.

Legal Obligation

We may process personal data when required to comply with legal obligations, such as accounting rules, tax laws, identity checks, or responses to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided that these interests are not overridden by your rights and freedoms. Examples include securing our premises, preventing fraud, managing operations, improving services, and maintaining records. Where we rely on legitimate interests, we assess the impact on your privacy and ensure appropriate safeguards.

Consent

In some limited situations, we may rely on your consent, for example where it is legally required for a specific type of optional communication or processing. Where consent is used, you have the right to withdraw it at any time, without affecting the lawfulness of processing before withdrawal.

5. Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers. Processors only handle data on our instructions and under written contracts that require them to protect your information. These may include:

  • IT and cloud service providers that store or maintain our systems.
  • Payment processors that handle transaction processing.
  • Security providers that support CCTV, alarms, monitoring, or access control.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Identity verification services used to confirm customer details or prevent fraud.
  • Maintenance and facility service providers where access to limited data is needed to manage the premises.

We may also disclose personal data to law enforcement, regulators, courts, or other public authorities where we are legally required to do so or where disclosure is necessary to protect rights, property, or safety.

We do not sell personal data. If any international transfer of data is required, we will only do so where appropriate safeguards are in place to protect your information in line with data protection law.

6. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, or reporting requirements. Retention periods depend on the type of information and the reason it is held. In general:

  • Customer and contract records are retained for the duration of the relationship and for a reasonable period after it ends.
  • Financial and tax records are retained for the period required by law.
  • Security records, such as CCTV footage or access logs, are kept only for a limited period unless needed for an investigation or legal matter.
  • Enquiry and communication records are kept for as long as needed to manage the request and for a short period afterward, unless further retention is justified.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

7. How We Protect Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access, secure storage, staff training, password protection, encryption where appropriate, and regular review of our procedures. While no system can be guaranteed to be completely secure, we take data protection seriously and work to reduce risk at all times.

8. Your Rights

Under data protection law, you have several rights regarding your personal data. These rights may be subject to conditions and exemptions, but we will respond to requests in accordance with the law.

  • Right of access – you can ask for a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – you can ask us to delete your personal data in certain circumstances.
  • Right to restriction – you can ask us to limit how we use your data in some situations.
  • Right to object – you can object to processing based on legitimate interests or direct marketing where applicable.
  • Right to data portability – you can ask for certain data to be provided in a structured, commonly used format.
  • Right to withdraw consent – where processing relies on consent, you may withdraw it at any time.

You also have the right to make a complaint to the Information Commissioner’s Office if you are unhappy with how your personal data has been handled.

9. Children’s Data

Our storage services are generally intended for adults. We do not knowingly collect personal data from children unless it is necessary in limited circumstances and lawfully obtained, such as where a parent or guardian provides information in connection with an account.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. Any updates will take effect when published. We encourage customers to review this policy periodically so they remain informed about how their data is used.

In summary, Northolt Storage processes personal data fairly, lawfully, and transparently, and only for legitimate business, contractual, and legal purposes. We are committed to respecting privacy rights and ensuring that all Northolt Storage customers in area receive appropriate protection for their personal information.

Call Now!
Call Now Get a Quote
Northolt Storage

GDPR-compliant Privacy Policy for Northolt Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.