Privacy Policy - Harlesden Storage

Harlesden Storage is committed to protecting the privacy and personal data of all customers in the Harlesden area. This Privacy Policy explains how we collect, use, store, share, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Harlesden Storage customers in the area, including prospective customers, current customers, former customers, and individuals who communicate with us in connection with storage services.

We aim to process personal data fairly, lawfully, and transparently. This policy describes what data we collect, why we collect it, the legal grounds we rely on, how long we keep it, the processors we may use, and the rights available to individuals.

1. Personal Data We Collect

We collect only the data necessary to provide storage services, manage customer accounts, maintain security, and meet legal obligations. The type of information we may collect includes:

  • Identity details such as name, title, and date of birth where required.
  • Contact details such as address, telephone number, and email address.
  • Billing and payment information, including payment method details and transaction records.
  • Account and service information, including unit size, rental dates, access permissions, and service preferences.
  • Security information, such as CCTV images, access logs, key or access code records, and incident reports.
  • Correspondence and communication records, including emails, forms, calls, complaints, and feedback.
  • Information needed for identity verification, fraud prevention, or compliance checks.

In limited cases, we may also collect special category data if it is necessary for a legal claim, safeguarding, or another lawful purpose permitted under data protection law. We do not seek to collect such information routinely.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage storage accounts.
  • To provide access to storage facilities and related services.
  • To process payments, refunds, and account administration.
  • To communicate with customers about services, account changes, and operational matters.
  • To maintain the safety and security of our premises, staff, customers, and stored property.
  • To prevent fraud, misuse, theft, and unauthorised access.
  • To handle complaints, disputes, and legal claims.
  • To comply with legal, tax, accounting, and regulatory obligations.

We will only use personal data for the purposes described in this policy or for compatible purposes that are reasonably expected. Where required, we will provide further notice before using data for a new purpose.

3. Lawful Basis for Processing

Under UK GDPR, we must have a valid lawful basis for each type of processing. Harlesden Storage relies on the following legal bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with a customer. This includes managing bookings, collecting payment, providing access to storage units, and administering customer accounts.

Legal obligation

We process data where needed to comply with applicable laws, including tax, accounting, consumer protection, fraud prevention, and security-related legal duties.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests and those interests are not overridden by individual rights and freedoms. Our legitimate interests include protecting our property, securing the site, improving service quality, maintaining records, preventing fraud, and managing business operations.

Consent

Where consent is required, such as for certain optional communications or specific uses not covered by other lawful bases, we will request it clearly. Individuals can withdraw consent at any time, without affecting the lawfulness of processing before withdrawal.

Vital interests and public task

These bases are unlikely to apply in ordinary storage operations, but may be relied upon in exceptional circumstances where necessary under applicable law.

4. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, insurance, and reporting requirements. Retention periods depend on the type of information and the reason we hold it.

  • Customer account and contract records: retained for the duration of the relationship and for a period after it ends to handle disputes, claims, and administrative matters.
  • Financial and invoicing records: retained for the period required by tax and accounting laws.
  • Security records and CCTV footage: retained for a limited period unless required for an investigation, incident response, or legal claim.
  • Correspondence and complaint records: retained as long as needed to resolve matters and demonstrate compliance.

When personal data is no longer needed, we securely delete, anonymise, or destroy it. Retention periods may be extended where required for legal proceedings or regulatory obligations.

5. Processors and Data Sharing

We may share personal data with trusted third-party service providers who act as processors on our behalf. These processors only handle data under our instructions and are required to protect it appropriately. Categories of processors may include:

  • Payment service providers that process card and online payments.
  • IT and cloud hosting providers that store or support our systems.
  • Security and CCTV monitoring providers.
  • Maintenance, booking, and customer management system providers.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.

We may also disclose personal data to law enforcement, regulators, courts, or other public authorities where required by law or where necessary to protect our rights, customers, or property. We do not sell personal data.

Where a processor or recipient is located outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent lawful transfer mechanisms.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, staff training, encryption, secure storage, restricted permissions, and monitoring of systems and premises. While no method of transmission or storage is completely secure, we work to maintain a level of protection appropriate to the risks involved.

7. Your Rights

Individuals have important rights under data protection law. Subject to certain conditions and exemptions, these rights include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete information.
  • Right to erasure: to request deletion of personal data in certain circumstances.
  • Right to restriction: to ask us to limit processing in certain cases.
  • Right to data portability: to receive certain data in a structured, commonly used format.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent.

If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits required by law and may decline requests where an exemption applies.

8. Complaints and Further Rights

If you are concerned about how we handle your personal data, you have the right to raise a complaint with the relevant data protection authority. You may also ask us to review how we have processed your information. We encourage customers to contact us first so we can address concerns promptly and fairly.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is published or otherwise made available. Customers should review the policy periodically to stay informed about how personal data is handled.

10. Scope of This Policy

This Privacy Policy applies to all Harlesden Storage customers in area and to anyone whose personal data we process in connection with our storage operations. By using our services or providing your information to us, you acknowledge that your personal data will be handled in accordance with this policy and applicable data protection law.

Harlesden Storage respects your privacy and is committed to using personal data responsibly, securely, and only where lawful and necessary. We believe transparency and accountability are essential to protecting the trust of our customers.

Call Now!
Call Now Get a Quote
Harlesden Storage

GDPR-compliant privacy policy for Harlesden Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.