Privacy Policy - Selfstorage Barnet

Selfstorage Barnet is committed to protecting the privacy and personal data of all customers in the Barnet area. This Privacy Policy explains how we collect, use, share, store, and protect personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Selfstorage Barnet customers in the area, including prospective customers, current storage users, former customers, and individuals who interact with us on behalf of a business or household.

1. Who We Are

For the purposes of data protection law, Selfstorage Barnet is the data controller for the personal information described in this policy. This means we determine why and how your personal data is processed when you use our storage services, make enquiries, enter into a contract with us, or otherwise engage with our business.

We take our responsibilities seriously and aim to process personal data fairly, lawfully, and transparently. We only collect information that is relevant and necessary for the services we provide, and we keep it only for as long as required.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, date of birth, and title.
  • Contact data: postal address, email address, and telephone number.
  • Verification data: proof of identity and proof of address where required for security, fraud prevention, or legal compliance.
  • Contract and account data: account details, tenancy or storage agreement information, payment records, billing history, and service preferences.
  • Financial data: payment card information or bank details processed for payment collection and refunds, where applicable.
  • Usage data: information about access to storage units, site entry logs, booking records, and communications regarding service use.
  • Technical data: limited device, browser, or system information if you interact with our online systems or digital communications.
  • Security data: CCTV images, access records, incident reports, and related safety documentation where necessary to protect customers, staff, and property.

We do not intentionally collect special category personal data unless it is volunteered by you and necessary for a specific lawful purpose. If such data is provided, it will be handled with additional care and only where permitted by law.

3. How We Use Your Personal Data

We use personal data for the following purposes:

  • to provide storage services and manage customer accounts;
  • to verify identity and assess eligibility for services;
  • to process bookings, renewals, payments, deposits, and refunds;
  • to manage access to storage units and site security;
  • to communicate about contracts, service changes, billing, and operational matters;
  • to handle complaints, queries, and dispute resolution;
  • to comply with legal, regulatory, accounting, and tax obligations;
  • to protect our property, staff, customers, and visitors;
  • to prevent fraud, misuse, or unauthorised access;
  • to maintain accurate business records and service history.

We only use your data for specified, explicit, and legitimate purposes. If we need to use your data for a new purpose that is incompatible with the original reason, we will ensure we have a lawful basis before doing so.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each type of processing. Depending on the context, Selfstorage Barnet relies on one or more of the following bases:

Contract

We process your personal data where it is necessary to enter into or perform a contract with you. This includes setting up storage agreements, administering your account, taking payment, and providing access to your unit.

Legal Obligation

We process certain information to comply with legal requirements, such as record keeping, tax obligations, fraud prevention, anti-money laundering checks where applicable, and responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided your rights and freedoms do not override those interests. Examples include site security, CCTV monitoring, service improvement, customer support, fraud detection, and managing business operations. When relying on legitimate interests, we consider the impact on your privacy and only process what is necessary and proportionate.

Consent

In limited cases, we may rely on your consent, for example for optional marketing communications or certain types of non-essential data use. Where we rely on consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, and operational requirements. The retention period depends on the type of data and the reason we hold it.

Typical retention principles include:

  • Customer account and contract records: retained for the duration of the storage relationship and for a reasonable period afterwards for legal and administrative purposes.
  • Financial and tax records: retained for the period required by law and accounting rules.
  • Security records and CCTV: retained only for a limited period unless needed for an investigation, dispute, insurance claim, or legal process.
  • Enquiry records: kept for a short time where no contract is formed, unless a longer period is needed to follow up on your request or handle a complaint.

When personal data is no longer required, we will securely delete, anonymise, or destroy it.

6. Processors and Sharing of Data

We may share personal data with trusted third-party service providers acting as processors on our behalf. These processors are only permitted to use your data under our instructions and for the agreed purpose. They are required to take appropriate technical and organisational measures to protect it.

Examples of processors or service providers may include:

  • payment processing providers;
  • IT and cloud hosting services;
  • security and CCTV monitoring providers;
  • customer management and record-keeping systems;
  • maintenance and facilities support contractors;
  • professional advisers such as accountants, auditors, insurers, or legal advisers where needed.

We may also disclose personal data where necessary to comply with the law, enforce our rights, protect our premises or customers, or assist with investigations. We do not sell personal data.

If any processor or third party is located outside the UK, we will ensure appropriate safeguards are in place to protect your personal data in line with applicable data protection law.

7. Data Security

We use reasonable and appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures may include access controls, secure storage, staff training, confidentiality obligations, and system monitoring.

While no method of transmission or storage can be guaranteed to be completely secure, we work to reduce risks and to respond promptly if a security issue arises.

8. Your Rights

Under UK data protection law, you have rights in relation to your personal data. These rights may be subject to conditions and exceptions, but we will always consider your request carefully. Your rights include:

  • Right of access: you can ask for a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate or incomplete data.
  • Right to erasure: you can ask us to delete your data in certain circumstances.
  • Right to restriction: you can ask us to limit how we use your data in certain cases.
  • Right to data portability: you can ask for certain data to be provided in a structured, commonly used format where applicable.
  • Right to object: you can object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to raise concerns with the UK Information Commissioner’s Office if you believe your data has been handled unlawfully. We encourage you to contact us first so we can try to resolve any issue promptly and fairly.

9. Marketing Communications

Where permitted, we may send you service-related updates or marketing communications. You have the right to opt out of marketing at any time. If you no longer wish to receive such communications, your preference will be respected.

Important: essential service notices, billing information, and contract-related communications are not marketing and may still be sent where needed to manage your account or comply with our obligations.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. Any updated version will apply from the date it is made available. We encourage customers in the Barnet area to review this policy periodically to stay informed about how we protect personal data.

11. General Statement

This Privacy Policy applies to all Selfstorage Barnet customers in the area. By using our services, you acknowledge that your personal data will be handled in accordance with this policy and the applicable data protection laws. We are committed to processing data fairly, securely, and transparently, while maintaining the trust of our customers and upholding their privacy rights.

Call Now!
Call Now Get a Quote
Selfstorage Barnet

GDPR-compliant Privacy Policy for Selfstorage Barnet covering data collection, lawful basis, retention, processors, security, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.