Privacy Policy - Selfstorage Harrow

This Privacy Policy explains how Selfstorage Harrow collects, uses, stores, shares, and protects personal data in connection with storage services provided to customers in the Harrow area. It applies to all Selfstorage Harrow customers in the area, including prospective customers, account holders, authorised users, and individuals who interact with our services on behalf of a business or organisation.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018. This policy is intended to explain what information we process, why we process it, the legal basis on which we rely, how long we keep it, who may process it on our behalf, and what rights individuals have in relation to their personal data.

1. Data We Collect

We may collect and process different categories of personal data depending on how you use our services. The types of data may include:

  • Identity data such as your name, date of birth, and identification details.
  • Contact data such as billing address, correspondence address, email address, and telephone number.
  • Account and service data such as storage unit details, account references, payment status, access logs, and service preferences.
  • Payment data such as bank details, payment card information, invoice records, and transaction history.
  • Security data such as CCTV footage, access control records, alarm logs, and visitor records where applicable.
  • Communications data such as emails, complaint records, call notes, and customer support interactions.
  • Technical data such as IP address, device information, browser type, and usage data if you interact with any digital systems we operate.

We normally collect personal data directly from you when you make an enquiry, enter into a storage agreement, make a payment, provide proof of identity, use your storage unit, or contact us for support. In some cases, we may receive data from third parties such as payment processors, fraud prevention services, insurance providers, identity verification providers, or other authorised representatives.

2. How We Use Personal Data

We use personal data only where permitted by law and only for legitimate business purposes related to the operation of our storage services. The main purposes for which we use personal data include:

  • setting up and managing customer accounts;
  • verifying identity and preventing fraud;
  • processing payments and managing billing;
  • providing access to storage units and related facilities;
  • communicating about contracts, renewals, and service changes;
  • handling customer support requests, complaints, and disputes;
  • maintaining security, including the prevention and detection of crime;
  • meeting legal, tax, accounting, and regulatory obligations;
  • protecting our rights, property, staff, customers, and premises;
  • improving our services, internal operations, and security systems.

We do not sell personal data. We also do not use personal data for unrelated purposes unless we are legally allowed to do so and have informed you where required.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis before processing personal data. Depending on the activity, we may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, taking payment, providing access to your unit, and delivering related services.

Legal Obligation

We may process personal data when needed to comply with legal obligations, such as tax rules, accounting requirements, anti-money laundering checks, fraud prevention, or lawful requests from public authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. Examples include protecting our premises, preventing unauthorised access, operating CCTV for security, managing business records, improving services, and defending legal claims.

Consent

In limited situations, we may rely on your consent, for example where it is required for specific optional communications or certain types of marketing. Where we rely on consent, you may withdraw it at any time.

4. Retention of Personal Data

We keep personal data only for as long as necessary for the purpose for which it was collected, unless a longer retention period is required or permitted by law. Retention periods vary depending on the type of data and the reason for processing.

  • Customer account records are generally retained for the duration of the relationship and for a period after closure to manage enquiries, disputes, and legal claims.
  • Financial and tax records are kept for the period required by law and accounting rules.
  • Security records such as access logs and CCTV may be retained for a shorter operational period unless needed for investigation, insurance, or legal action.
  • Communication records may be retained to evidence instructions, complaints, and service history.

When personal data is no longer needed, we will securely delete it or anonymise it so that it can no longer identify you. Retention is reviewed periodically to ensure that we do not keep information for longer than necessary.

5. Processors and Sharing of Data

We may share personal data with carefully selected third parties that act as processors on our behalf or, in some cases, as independent controllers. We only share the minimum amount of data needed for the relevant purpose and require appropriate data protection safeguards.

Examples of processors or service providers may include:

  • payment processing providers;
  • identity verification and fraud prevention services;
  • IT hosting, software, and system support providers;
  • security and surveillance service providers;
  • accounting, audit, and professional advisers;
  • document storage and secure destruction providers;
  • insurance-related service providers where relevant to your contract.

Where required, we may also disclose personal data to law enforcement, courts, regulators, insurers, or other third parties if necessary to comply with the law, enforce our terms, protect legal rights, or respond to lawful requests.

All processors are required to act only on our instructions, keep data secure, and process personal data in accordance with applicable data protection law. We take reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure.

6. Your Rights

Depending on the circumstances and legal basis for processing, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete information.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

We may need to verify your identity before responding to a rights request. Some rights may be limited where the law allows us to retain or process data for compliance, security, or legal claim purposes.

If you believe your data protection rights have not been respected, you also have the right to raise concerns with the Information Commissioner’s Office or the relevant supervisory authority.

7. Data Security and Confidentiality

We take data security seriously and use appropriate measures to protect personal information. These measures may include access controls, secure storage, restricted permissions, encryption where appropriate, staff training, and regular review of security arrangements. No method of transmission or storage is completely secure, but we work to reduce risks as far as reasonably possible.

Only authorised personnel and approved processors may access personal data where necessary for legitimate business purposes. All such parties are expected to handle information confidentially and in accordance with applicable law.

8. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process data. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their personal data is used.

9. Summary of Our Approach

Selfstorage Harrow processes personal data in a way that is lawful, secure, and proportionate to the storage services we provide. We collect only the information we need, use it for clear and legitimate purposes, retain it only as long as necessary, and share it only with trusted processors or where required by law. Our aim is to respect privacy while maintaining efficient and secure storage services for all customers in the Harrow area.

Last reviewed: This policy should be treated as the current privacy notice for Selfstorage Harrow customers in the area.

Call Now!
Call Now Get a Quote
Selfstorage Harrow

GDPR-compliant Privacy Policy for Selfstorage Harrow covering data use, lawful bases, retention, processors, and customer rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.