Privacy Policy - Newbarnet Storage

This Privacy Policy explains how Newbarnet Storage collects, uses, stores, shares, and protects personal data. It applies to all Newbarnet Storage customers in the area, including individuals, household customers, business customers, and anyone who enquires about or uses our services. We are committed to handling personal data fairly, lawfully, and transparently in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

For the purposes of data protection law, Newbarnet Storage acts as the data controller in relation to the personal data we collect and process in connection with our storage services. This means we determine why and how your personal data is used. We take our responsibility seriously and aim to process only the data we need for clear and legitimate purposes.

2. Personal Data We Collect

We may collect and process different types of personal data depending on your relationship with us. The information we collect may include:

  • Identity data such as your name, date of birth, and identification details where required.
  • Contact data such as address, email address, and telephone number.
  • Account and contract data such as storage unit references, rental dates, payment history, and service preferences.
  • Payment data such as billing information and transaction records.
  • Security and access data such as entry logs, key records, access codes, CCTV images, and related records.
  • Communications data such as enquiries, complaints, and correspondence with our team.
  • Technical data such as limited device and usage information if you interact with digital systems connected to our services.

We do not intentionally collect more data than is necessary. Where special category data is provided to us by mistake, we will treat it with extra care and only process it where we have a lawful basis and a valid reason to do so.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage customer accounts and storage agreements.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To process payments, refunds, and account adjustments.
  • To provide customer support and respond to enquiries or complaints.
  • To manage access to storage units and maintain site security.
  • To meet legal, tax, insurance, and regulatory obligations.
  • To maintain accurate business records and improve service quality.
  • To defend or establish legal claims where necessary.

We will always aim to use your data in a way that is relevant, proportionate, and limited to the stated purpose.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each use of personal data. Newbarnet Storage relies on one or more of the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage agreement, managing access, and handling billing.

Legal Obligation

We process data where required to comply with laws and regulatory duties, including accounting, taxation, fraud prevention, and lawful requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided your rights do not override those interests. Examples include site security, preventing misuse, maintaining records, and improving operations. We consider the impact on customers before relying on this basis.

Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications. Where we rely on consent, you may withdraw it at any time.

5. Sharing Data and Processors

We may share personal data with trusted third parties where necessary and lawful. These third parties may act as processors or independent controllers depending on the service they provide.

Processors are organisations that handle personal data on our instructions. They may include:

  • Payment service providers.
  • IT and cloud hosting providers.
  • Security and CCTV maintenance providers.
  • Customer management and administrative service providers.
  • Accountants, auditors, and professional advisers.

We require processors to keep personal data secure, use it only for our instructions, and comply with data protection law. We do not sell personal data. If personal data is shared with an independent controller, such as a law enforcement body, insurer, or legal adviser, that party will be responsible for its own use of the data.

6. International Transfers

If any service provider stores or accesses data outside the UK, we will ensure appropriate safeguards are in place. These safeguards may include adequacy regulations or standard contractual protections. We only allow international transfers where permitted by law and where suitable protections exist.

7. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, and for any additional period required by law or legitimate business need. Retention periods depend on the nature of the data and the reason for processing.

Typical retention periods may include:

  • Customer contract and account records: kept for the duration of the agreement and for a reasonable period afterward.
  • Payment and tax records: kept for the period required by accounting and tax law.
  • Security records: kept for a short and proportionate period unless needed for an investigation or legal claim.
  • Correspondence and complaint records: kept long enough to deal with the matter and retain evidence of our handling.

When data is no longer needed, it is securely deleted, anonymised, or destroyed. We take care to ensure that retention is not excessive and that records are reviewed regularly.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, or alteration. These measures may include access controls, secure storage, staff training, and monitoring of site security systems. While no system can be guaranteed completely secure, we continually review our safeguards and improve them where needed.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions and exemptions.

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may ask us to delete your data in certain circumstances.
  • Right to restriction: you may ask us to limit how we use your data in certain situations.
  • Right to object: you may object to processing based on legitimate interests, including direct marketing where applicable.
  • Right to data portability: you may request certain data in a structured, commonly used format where the law allows.
  • Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you are unhappy with how your data has been handled. We encourage you to raise concerns with us first so we can try to resolve the matter promptly and fairly.

10. Automated Decision-Making

We do not usually make decisions about customers solely by automated means. If this changes, we will provide appropriate information about the process and your rights. Where automated processing is used, we will ensure it is lawful and does not unfairly affect you.

11. Marketing

We may send service-related messages that are necessary to manage your account or storage agreement. If we send optional marketing communications, we will do so only where permitted by law. You can opt out of marketing at any time, and we will respect your preferences.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data handling practices. The latest version will always apply. We encourage customers to review this policy periodically so they remain informed about how their data is used.

13. Summary of Our Commitment

Newbarnet Storage is committed to protecting personal data and respecting customer privacy. We collect only what we need, use it for lawful and clear purposes, keep it only as long as necessary, and work with processors that are bound to protect it. We also recognise your rights and will respond to requests in line with data protection law. Our aim is to ensure that every customer in the area can use our services with confidence that their personal information is handled responsibly and securely.

Call Now!
Call Now Get a Quote
Newbarnet Storage

GDPR-compliant Privacy Policy for Newbarnet Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.