Privacy Policy - Tottenham Storage

This Privacy Policy explains how Tottenham Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, and other individuals whose information we process. It applies to all Tottenham Storage customers in the local area and to anyone who interacts with our services, whether in person, by phone, by email, or through any other communication channel. By using our services, you acknowledge that your personal data may be processed in accordance with this policy.

1. Who We Are

Tottenham Storage provides storage services to individuals and businesses. In the course of operating our services, we act as a data controller for the personal data we determine the purposes and means of processing. This means we are responsible for ensuring that your personal data is handled lawfully, fairly, and transparently in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Personal Data We Collect

We only collect personal data that is necessary for the operation of our services, for legal compliance, and for legitimate business purposes. The categories of information we may collect include:

  • Identity information such as your name, date of birth, and identification details where required for verification.
  • Contact information such as address, email address, and telephone number.
  • Account and service information such as storage unit details, booking records, payment status, and service preferences.
  • Billing and payment data such as invoice information, payment history, and limited transaction details.
  • Access and security information such as entry logs, CCTV footage, security records, and device or key access records where applicable.
  • Communication records such as emails, written correspondence, call notes, and complaint or support information.
  • Usage information relating to how you interact with our services and facilities.

We may also receive personal data from third parties where lawful and relevant to your storage arrangement, for example from payment providers, identity verification services, insurers, landlords, agents, or legal and regulatory authorities.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To set up and manage customer accounts and storage agreements;
  • To verify identity and prevent fraud, misuse, or unauthorised access;
  • To provide storage services and customer support;
  • To issue invoices, take payments, and manage account balances;
  • To maintain site safety, security, and operational records;
  • To communicate about bookings, service changes, notices, and reminders;
  • To handle complaints, disputes, or legal claims;
  • To comply with legal obligations and regulatory requirements;
  • To monitor and improve our services, systems, and customer experience.

We do not sell personal data. We process personal data only where we have a lawful basis to do so.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis before processing your personal data. Depending on the circumstances, we may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes creating your storage account, managing your unit, taking payment, and providing agreed services.

Legal Obligation

We may process data where necessary to comply with legal requirements, such as tax, accounting, fraud prevention, health and safety, or law enforcement obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided these interests do not override your rights and freedoms. Examples include protecting our premises, preventing unauthorised access, improving our service, managing risk, and enforcing contractual rights.

Consent

In limited situations, we may ask for your consent, for example for certain optional communications or where required by law. Where we rely on consent, you may withdraw it at any time. Withdrawal of consent will not affect the lawfulness of processing carried out before withdrawal.

5. Special Category and Sensitive Data

We do not generally seek to collect special category data, such as information about health, religion, race, political opinions, or biometric data. If such information is provided to us voluntarily or becomes necessary for a particular legal or safety reason, we will only process it where an appropriate lawful condition applies and with additional safeguards where required.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, tax, contractual, or security requirements. Retention periods vary depending on the type of data and the reason for processing.

  • Customer account and contract records are generally retained for the duration of the relationship and for a period afterwards to deal with disputes, claims, or audit requirements.
  • Financial records may be kept for the period required under applicable tax and accounting law.
  • Security records such as access logs or CCTV footage are kept only as long as needed for security and investigation purposes, after which they are securely deleted or overwritten.
  • Correspondence and support records are retained for a reasonable period to manage service history and customer care.

When personal data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention procedures.

7. Processors and Third Parties

We may share personal data with trusted third-party service providers who act as processors on our behalf. These processors may only process data under our instructions and must implement appropriate security measures. They may include:

  • IT and hosting providers who support our systems, storage platforms, and data security;
  • Payment processors and financial service providers who handle billing and payment transactions;
  • Identity verification or fraud prevention providers where verification is required;
  • Security service providers involved in site monitoring or incident management;
  • Professional advisers such as accountants, insurers, auditors, or legal advisers;
  • Government bodies, regulators, courts, or law enforcement where disclosure is required by law or to establish, exercise, or defend legal claims.

Where personal data is shared, we ensure appropriate contractual and technical safeguards are in place to protect it. We do not permit processors to use your data for their own independent purposes.

8. Data Security

We take reasonable and appropriate technical and organisational measures to protect personal data against unauthorised access, alteration, disclosure, loss, or destruction. These measures may include access controls, password protection, encryption, staff training, confidentiality obligations, and physical security controls at our premises.

While we strive to protect your data, no system can be guaranteed to be completely secure. Where we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will respond in accordance with legal requirements.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions or exceptions. They include:

  • Right of access – to request a copy of the personal data we hold about you;
  • Right to rectification – to ask us to correct inaccurate or incomplete data;
  • Right to erasure – to request deletion of your data in certain circumstances;
  • Right to restriction – to ask us to limit how we use your data in certain situations;
  • Right to object – to object to processing based on legitimate interests or direct marketing;
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent – where processing is based on consent;
  • Right to complain – to raise concerns with the relevant data protection authority.

We will respond to valid rights requests within the time limits required by law. To protect your privacy, we may need to verify your identity before processing a request.

10. Cookies and Similar Technologies

If we use any online systems that rely on cookies or similar technologies, these may be used to improve functionality, maintain security, or measure performance. Where required, we will provide appropriate information about such technologies and seek consent where necessary. Any such use will be limited to what is necessary and lawful.

11. International Transfers

Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place to protect it in accordance with applicable data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, operational practices, or the services we provide. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is used.

13. Summary of Your Privacy

In summary, Tottenham Storage processes personal data responsibly and only where necessary to provide storage services, comply with the law, protect our premises, and manage customer relationships. We keep data only for as long as needed, use processors carefully, and respect your legal rights under data protection law. This policy applies to all Tottenham Storage customers in the area.

Call Now!
Call Now Get a Quote
Tottenham Storage

GDPR-compliant Privacy Policy for Tottenham Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.