Self Storage Tufnell Park Privacy Policy
This Privacy Policy explains how Self Storage Tufnell Park collects, uses, stores, and shares personal data relating to our customers and prospective customers in the local area. It also sets out your rights under the United Kingdom General Data Protection Regulation and the Data Protection Act 2018. This Privacy Policy applies to all Self Storage Tufnell Park customers and enquirers in the surrounding area, regardless of the storage unit or service used.
By using our storage facilities or contacting us about our services, you acknowledge that you have read and understood this Privacy Policy.
Data Controller
Self Storage Tufnell Park is the data controller for the personal data described in this Privacy Policy. This means we determine the purposes and means of processing your personal data and are responsible for ensuring that such processing complies with applicable data protection laws.
Personal Data We Collect
We may collect and process the following categories of personal data about you when you enquire about or use our services:
Identification data such as full name, title, date of birth, and proof of identity details contained in documents that you provide to us when you sign an agreement or visit our facility.
Contact details such as residential address, billing address, and any correspondence address you provide, together with information you use to communicate with us, such as your name used on online forms.
Account and contract information such as storage unit number, contract start and end dates, payment history, deposit details, and records of communications about your agreement.
Payment and billing information such as billing address, details of payments made to us, and information necessary to verify and allocate payments. We do not store full card details if you pay by card, but our payment processors may do so in accordance with their own privacy terms.
Security and access information such as CCTV images in and around our premises, gate or door access logs, and any incident reports relating to safety or security.
Communication records such as emails, letters, and records of telephone or in-person conversations when you contact us or we contact you regarding your storage or any enquiry.
Website usage information such as basic technical data provided by your browser when you visit our website, and any information you provide via contact or enquiry forms.
Lawful Basis for Processing
We rely on the following lawful bases under the UK GDPR to process your personal data:
Contract: We process personal data where it is necessary to enter into a storage agreement with you, to set up and manage your account, to take payment, and to provide you with access to our facility.
Legal obligation: We process certain information to comply with legal and regulatory requirements, including record keeping, accounting rules, tax obligations, law enforcement requests, and health and safety obligations.
Legitimate interests: We process personal data where it is necessary for our legitimate business interests and those of our customers, provided these interests are not overridden by your rights and freedoms. These interests include managing and securing our premises, preventing and detecting fraud or crime, maintaining and improving our services, handling enquiries and complaints, and recovering outstanding fees.
Consent: In limited circumstances, we may rely on your consent, for example where we send certain types of optional marketing communications. Where we rely on consent, you may withdraw it at any time, and this will not affect the lawfulness of processing before withdrawal.
How We Use Your Personal Data
We use your personal data for the following purposes:
To respond to enquiries, provide quotations, and give information about our storage services.
To verify your identity and eligibility for a storage unit and to complete our customer onboarding processes.
To prepare, enter into, and manage your storage contract, including handling payments, deposits, renewals, and terminations.
To operate, manage, and secure our facility, including recording CCTV images and access logs, monitoring for suspicious activity, and investigating incidents.
To maintain internal records for administration, accounting, and auditing purposes.
To communicate with you about your account, including notices about changes to your contract, payment reminders, and important information about our services.
To pursue and defend legal claims, enforce our contractual rights, and manage disputes and complaints.
To comply with our legal and regulatory obligations, including cooperation with law enforcement where required by law.
Data Retention
We retain your personal data only for as long as necessary for the purposes for which it was collected, and in line with applicable law and our internal policies.
In general, we keep customer account and contract records for a period after your contract ends, to comply with legal, tax, and accounting requirements, to handle any queries or disputes, and to demonstrate that we have fulfilled our obligations. Security footage and access logs are usually kept for a shorter period, unless they are required for the investigation of a specific incident, in which case they may be retained for longer.
When personal data is no longer needed, we will securely delete or anonymise it so that it can no longer be associated with you.
Data Processors and Sharing of Personal Data
We may share your personal data with trusted third parties who process data on our behalf as our data processors. These may include payment processing providers, accounting and bookkeeping services, IT and cloud service providers, providers of CCTV or access control systems, and professional advisers such as legal or compliance advisers.
We ensure that all such processors are bound by written contracts requiring them to act only on our instructions, to keep your data secure, and to comply with data protection law.
We may also share your personal data with other third parties where required by law or where necessary to protect our rights or the rights of others. This may include regulatory authorities, law enforcement agencies, courts, debt recovery agencies, and insurers.
We do not sell your personal data to third parties.
International Transfers
If any of our processors or service providers are located outside the United Kingdom, we will ensure that appropriate safeguards are in place before any transfer of your personal data takes place. These may include the use of standard data protection clauses or reliance on an adequacy regulation issued by the UK Government.
Your Data Protection Rights
Under the UK GDPR, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions. These rights include:
Right of access: You can request confirmation that we process your personal data and receive a copy of that data, together with certain additional information.
Right to rectification: You can ask us to correct inaccurate or incomplete personal data we hold about you.
Right to erasure: You can, in certain circumstances, ask us to delete your personal data, for example where it is no longer necessary for the purposes for which it was collected or where you withdraw consent and we have no other lawful basis for processing.
Right to restriction: You can request that we restrict the processing of your personal data in specific situations, for example while we verify its accuracy or consider an objection you have raised.
Right to object: You can object to processing based on our legitimate interests, on grounds relating to your particular situation. We will stop processing unless we can demonstrate compelling legitimate grounds which override your interests, rights, and freedoms, or where processing is required for legal claims.
Right to data portability: Where processing is based on consent or contract and carried out by automated means, you can request a copy of the personal data you have provided to us in a structured, commonly used, machine-readable format and ask us to transfer it to another controller where technically feasible.
Right to withdraw consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
Exercising Your Rights and Complaints
If you wish to exercise any of your rights, or if you have any questions about how we collect or use your personal data, you can contact us using the usual contact details you use to communicate with Self Storage Tufnell Park.
You also have the right to lodge a complaint with the Information Commissioner's Office, which is the supervisory authority in the United Kingdom for data protection matters. Further information about your rights and how to contact the Information Commissioner's Office can be found on its official information channels.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage. Measures may include access controls, physical security at our facility, secure storage of records, regular review of our procedures, and limiting access to personal data to staff and processors who need it for legitimate business purposes.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or the services we offer. The updated Privacy Policy will apply from the date it is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal data.
