Privacy Policy - Enfieldtown Storage

This Privacy Policy explains how Enfieldtown Storage collects, uses, stores, shares, and protects personal data. It applies to all Enfieldtown Storage customers in area, including prospective customers, current customers, former customers, and individuals who interact with us in connection with storage services, account administration, billing, access control, and site security. We are committed to handling personal data in a lawful, fair, and transparent manner in line with applicable data protection law, including the UK GDPR and the Data Protection Act 2018.

1. Who we are

Enfieldtown Storage provides storage services and related facilities management. For the purposes of data protection law, we act as the data controller for personal data we collect and determine the purposes and means of processing. This means we decide why and how your personal data is used when you engage with us as a customer, visitor, supplier contact, or other relevant party.

2. Personal data we collect

We collect only the personal data that is necessary for the provision and management of our services, the protection of our premises, and the fulfilment of legal obligations. The categories of data we may collect include:

  • Identity data such as your name, date of birth, and identification documents where needed for verification.
  • Contact data such as address, email address, and telephone number.
  • Account and transaction data such as booking details, payment records, invoices, service history, and correspondence regarding your account.
  • Access and security data such as entry logs, keycard or access code records, CCTV images, and site attendance records.
  • Communication data such as enquiries, complaints, support requests, and notes of telephone or written conversations.
  • Technical data such as basic device or browser information if you interact with digital systems used to manage accounts or access services.
  • Special category data only in exceptional circumstances, and only where required by law or where you provide it voluntarily and we have an appropriate lawful basis.

We do not intentionally collect excessive data. Where possible, we limit the information requested to what is necessary for the specific purpose explained at the time.

3. How we collect your data

We may collect personal data directly from you when you register for services, complete forms, make payments, contact us, or otherwise interact with our team. We may also receive data from third parties such as payment providers, identity verification services, insurers, contractors, legal advisers, and public authorities where this is lawful and necessary. In some cases, we may collect data automatically through site access systems, security cameras, and service technology used to protect our premises and operations.

4. Why we use your data

We use personal data for the following purposes:

  • To provide storage services and manage your account.
  • To verify identity and prevent fraud.
  • To process payments, issue invoices, and manage refunds where applicable.
  • To operate and secure our premises, including access control and monitoring.
  • To communicate with you about service updates, account matters, and support requests.
  • To maintain records for legal, tax, insurance, and regulatory purposes.
  • To manage complaints, disputes, claims, or enforcement actions.
  • To improve our services, systems, and customer experience.

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and that such use is permitted by law.

5. Lawful basis for processing

We process personal data only where we have a lawful basis under data protection law. Depending on the situation, our lawful bases may include:

  • Contract – where processing is necessary to enter into or perform a contract with you, such as setting up a storage account or providing services.
  • Legal obligation – where we must process data to comply with laws, including accounting, tax, fraud prevention, or regulatory duties.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as protecting property, ensuring site security, preventing misuse, and managing customer relationships, provided your rights do not override those interests.
  • Consent – where we rely on your consent for specific processing activities, such as certain optional communications or where consent is required by law. You may withdraw consent at any time where it is the basis used.

Where we process special category data, we will do so only where an additional legal condition applies, such as explicit consent, legal claims, or another condition permitted by law.

6. Sharing your data and processors

We may share personal data with trusted third parties where necessary and lawful. These third parties may act as processors on our behalf or, in some cases, as independent controllers. Our processors are required to handle personal data securely, only follow our instructions, and comply with data protection obligations.

Examples of processors and service providers may include:

  • Payment processing providers
  • IT hosting and software providers
  • Security and CCTV monitoring service providers
  • Customer relationship and communications platform providers
  • Document storage and archiving providers
  • Professional advisers such as accountants, insurers, auditors, and legal advisers

We may also disclose personal data where required by law, court order, regulatory authority, law enforcement request, or to establish, exercise, or defend legal claims. If data is shared with a third party outside the UK, we will take appropriate safeguards to ensure your information remains protected.

7. Retention of personal data

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, tax, insurance, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

Typical retention approach

  • Customer account records are generally retained for the duration of the contract and for a reasonable period afterward.
  • Payment and invoicing records are retained for the period required by tax and financial laws.
  • Security logs and access records are retained for a limited period unless needed for investigation, dispute resolution, or legal claims.
  • Complaints and correspondence are retained as long as necessary to resolve the matter and for recordkeeping purposes.
  • CCTV footage is normally retained for a short period unless an incident requires longer retention.

When personal data is no longer required, it is securely deleted, anonymised, or archived in line with our retention practices. Retention periods may vary if we have a legitimate reason or legal obligation to keep data longer.

8. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, staff training, restricted permissions, and monitoring of systems. While we take reasonable steps to safeguard data, no system can be guaranteed to be completely secure.

9. Your rights

Subject to legal limits, you have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing relies on consent, you may withdraw it at any time.

You also have the right to raise concerns with the relevant data protection authority if you believe your data has been handled unlawfully. We encourage you to contact us first so that we can address any concerns promptly and fairly.

10. Children’s data

Our services are intended for adults and business or household customers who can lawfully enter into storage arrangements. We do not knowingly collect personal data from children unless it is necessary and lawful, such as where a parent, guardian, or authorised representative provides information for a legitimate purpose.

11. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, operational practices, or service arrangements. Any updated version will apply from the time it is made available. We encourage customers to review this policy periodically so they remain informed about how we process personal data.

12. Summary of our commitment

Enfieldtown Storage is committed to protecting personal data and using it responsibly. We collect only what we need, process it on a valid lawful basis, keep it for no longer than necessary, and share it only with trusted processors or where required by law. We aim to respect your privacy, support your rights, and maintain a secure and transparent service for all Enfieldtown Storage customers in area.

Call Now!
Call Now Get a Quote
Enfieldtown Storage

GDPR-compliant Privacy Policy for Enfieldtown Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.