Privacy Policy - Northfinchley Storage

Northfinchley Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, share, retain, and protect personal information when individuals use our storage services. It applies to all Northfinchley Storage customers in the area, including prospective customers, active customers, account holders, and individuals who communicate with us about our services.

1. Introduction

This Privacy Policy is designed to comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It explains the types of personal data we collect, the lawful bases on which we process that data, how long we keep it, the third parties that may process it on our behalf, and the rights available to individuals under data protection law.

We only process personal data where we have a lawful reason to do so and we take appropriate technical and organisational measures to keep that data secure. We aim to be clear and transparent about how personal information is handled.

2. Data We Collect

We may collect and process personal data depending on how you interact with us and which services you use. The categories of information we may collect include:

  • Identity data such as your name, title, and date of birth where needed for verification.
  • Contact data such as address, email address, and telephone number.
  • Account data including customer reference numbers, account status, and storage unit details.
  • Payment data such as billing records, payment status, and limited financial information needed to process transactions.
  • Contract data including agreements, service preferences, and correspondence relating to your storage service.
  • Access and security data such as entry logs, key or access-card records, and CCTV recordings where used for security and site safety.
  • Communications data including enquiries, complaints, feedback, and any other messages you send to us.
  • Technical data such as device or browser information if you interact with our digital systems.

We do not intentionally collect special category data unless it is necessary and you have provided it, or we are legally required to process it. Where special category data is processed, we do so only in accordance with the law and with additional safeguards.

3. How We Use Personal Data

We use personal data to provide storage services and manage our relationship with customers. This may include:

  • setting up and managing customer accounts;
  • verifying identity and preventing fraud;
  • processing payments and maintaining accounting records;
  • communicating about bookings, renewals, access, and service updates;
  • maintaining site safety, security, and operational records;
  • handling complaints, disputes, and legal claims;
  • meeting legal and regulatory obligations;
  • improving service quality and internal administration.

We process data only for purposes that are specified, explicit, and legitimate. We do not use personal data in ways that are incompatible with those purposes.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis before processing personal data. Depending on the context, we rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage service, managing billing, maintaining your account, and providing the service you requested.

Legal obligation

We may process personal data where necessary to comply with a legal obligation, such as accounting, tax, fraud prevention, or responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. Examples include site security, CCTV monitoring, service improvement, and internal record-keeping.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or specific processing activities. Where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Data Sharing and Processors

We do not sell personal data. We may share personal information with trusted third parties who act as processors or independent controllers, only where necessary and in accordance with data protection law.

Processors may include:

  • Payment service providers who process card or other payment transactions.
  • IT and cloud service providers who host systems, email tools, or secure data storage.
  • Security providers who support site monitoring, alarms, or access control systems.
  • Accounting or administration providers who assist with record management and financial administration.
  • Maintenance and facilities contractors where access to limited personal data is required to carry out work safely and effectively.

Where processors act on our behalf, they are subject to contractual obligations to process personal data only in accordance with our instructions, to keep it secure, and to protect confidentiality.

We may also disclose personal data where required by law, court order, or regulatory obligation, or where necessary to protect the rights, property, or safety of Northfinchley Storage, our customers, or others.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, and to meet legal, accounting, and reporting requirements. Retention periods depend on the type of data and the purpose of processing.

In general:

  • Customer account and contract records are retained for the duration of the service relationship and for a reasonable period afterward to handle queries, disputes, or legal claims.
  • Payment and financial records are retained for the period required by tax and accounting law.
  • Security and access records are retained only for as long as needed for operational and security purposes, unless a longer period is necessary for an incident or legal matter.
  • Enquiry and correspondence records are kept for as long as needed to respond and maintain accurate service records.

When personal data is no longer required, we delete it or anonymise it securely.

7. Data Security

We use appropriate organisational and technical safeguards to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, and regular review of data handling practices.

While no system can be guaranteed to be completely secure, we take data protection seriously and continually assess how to improve our safeguards.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions and exemptions under the law. They include:

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – you can request deletion of your data in certain circumstances.
  • Right to restriction – you can ask us to limit how we use your data in certain situations.
  • Right to data portability – you can request certain data in a structured, commonly used format where applicable.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with data protection law and may need to verify your identity before taking action.

9. Children’s Data

Our storage services are not directed at children. We do not knowingly collect personal data from children unless it is necessary in a specific legal or contractual context and appropriate safeguards are in place.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. Any changes will take effect when the updated policy is made available. We encourage customers to review this policy periodically to stay informed about how their information is protected.

11. Scope of This Policy

This Privacy Policy applies to all Northfinchley Storage customers in area, including anyone who uses, requests, or enquires about our storage services. By using our services, you acknowledge that your personal data may be processed in accordance with this policy and applicable law.

12. Summary of Key Points

  • We collect only the personal data needed to provide and manage storage services.
  • We process data under lawful bases including contract, legal obligation, legitimate interests, and consent where appropriate.
  • We retain data only for as long as necessary and delete or anonymise it when no longer needed.
  • We may use trusted processors for payment, IT, security, and administration services.
  • You have rights over your personal data, including access, correction, deletion, and objection.

Northfinchley Storage is dedicated to handling personal information responsibly, lawfully, and with respect for customer privacy.

Call Now!
Call Now Get a Quote
Northfinchley Storage

GDPR-compliant Privacy Policy for Northfinchley Storage covering data collection, lawful bases, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.