Privacy Policy - Enfieldhighway Storage

This Privacy Policy explains how Enfieldhighway Storage collects, uses, shares, stores, and protects personal data. It applies to all Enfieldhighway Storage customers in the area, including individuals who enquire about storage services, make bookings, access facilities, or otherwise interact with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to customers, prospective customers, account holders, authorised users, business clients, visitors to our storage facilities, and any person whose personal data we process in connection with our services. It also applies where a customer provides details about another individual, such as an emergency contact, authorised driver, or representative.

2. Information we collect

We only collect personal data that is relevant and necessary for operating our storage services, meeting legal obligations, and protecting our customers, staff, and property. Depending on how you use our services, we may collect the following categories of information:

  • Identity data such as your name, title, date of birth, and identification details used to verify identity.
  • Contact data such as postal address, billing address, email address, and telephone number.
  • Account and booking data such as storage unit details, booking history, payment status, service preferences, and access permissions.
  • Financial data such as payment card details, bank account information, invoices, and transaction records.
  • Usage and access data such as entry logs, gate access records, CCTV images, and timestamps relating to access to the premises.
  • Correspondence data such as emails, messages, complaints, enquiries, and records of communications with our team.
  • Technical data in limited circumstances, such as device or browser information if you interact with digital systems we use for administration or security.
  • Special category data only where necessary and permitted by law, for example if provided in relation to an accessibility request or a legal claim.

We generally collect data directly from you. In some cases, we may receive data from third parties, such as payment processors, identity verification providers, legal advisers, debt recovery services, insurers, or public authorities.

3. How we use your personal data

We use personal data for the following purposes:

  • To set up and manage your storage account or booking.
  • To verify your identity and prevent fraud or unauthorised access.
  • To provide, maintain, and administer storage services.
  • To process payments, refunds, and account balances.
  • To communicate with you about bookings, invoices, service updates, and notices.
  • To monitor site security, protect property, and prevent crime.
  • To manage disputes, complaints, and claims.
  • To comply with legal, regulatory, tax, accounting, and safety obligations.
  • To improve our operations, service delivery, and internal record keeping.

We do not use your personal data for purposes that are incompatible with the reasons it was collected, unless we are required or permitted to do so by law.

4. Lawful basis for processing

We process personal data only where we have a lawful basis under data protection law. Depending on the activity involved, the lawful basis may include:

  • Contract — where processing is necessary to enter into or perform our storage agreement with you, such as managing your account, billing, and access arrangements.
  • Legal obligation — where we must process data to comply with laws relating to taxation, accounting, fraud prevention, health and safety, or lawful requests from authorities.
  • Legitimate interests — where processing is necessary for our legitimate business interests, provided your rights do not override those interests. This may include site security, CCTV monitoring, service administration, debt recovery, and record keeping.
  • Consent — where we rely on your clear permission, for example for optional communications or certain uses of data where consent is the appropriate basis. You may withdraw consent at any time.
  • Vital interests — in rare situations where processing is necessary to protect someone’s life or safety.
  • Public task or legal claims where applicable in limited circumstances.

Where we process special category data, we will do so only when an additional condition under data protection law applies.

5. Sharing your data and processors

We may share personal data with trusted third parties who help us operate our business. These parties act as processors when they process data on our behalf and under our instructions. They are required to keep personal data secure and to use it only for the services they provide.

Examples of processors or service providers may include:

  • Payment processing providers.
  • IT and cloud storage providers.
  • Security and CCTV service providers.
  • Accounting, auditing, and bookkeeping providers.
  • Identity verification and fraud prevention providers.
  • Customer management and communication service providers.
  • Legal advisers, insurers, debt recovery agents, and delivery contractors where necessary.

We may also disclose personal data where required by law, court order, regulatory request, or to protect our rights, customers, staff, or property. If a business transfer occurs, such as a sale or reorganisation, personal data may be transferred as part of that transaction subject to applicable legal safeguards.

6. International transfers

Where personal data is transferred outside the United Kingdom or the European Economic Area, we will ensure appropriate safeguards are in place, such as an adequacy decision or approved contractual protections. We take steps to ensure that any such transfer is lawful and that your data remains protected to a standard consistent with data protection law.

7. Data retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, tax, accounting, insurance, and operational requirements. Retention periods may vary depending on the type of information and the reason for processing.

As a general principle:

  • Account and contract records are kept for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the periods required by law.
  • Security records, including CCTV and access logs, are retained only for as long as needed for safety, crime prevention, or incident investigation.
  • Complaint, claim, and dispute records may be kept until the matter is resolved and for an additional period where necessary to defend legal claims.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer be linked to an individual.

8. Data security

We use reasonable technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include restricted access, secure storage, staff training, access logging, and physical security controls at our facilities. While no system can be guaranteed completely secure, we work to maintain appropriate safeguards based on the nature of the data processed.

9. Your rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access — to request a copy of the personal data we hold about you.
  • Right to rectification — to ask us to correct inaccurate or incomplete data.
  • Right to erasure — to ask us to delete your data in certain circumstances.
  • Right to restrict processing — to ask us to limit how we use your data in certain situations.
  • Right to object — to object to processing based on legitimate interests or direct marketing.
  • Right to data portability — to request that certain data be provided to you or another provider in a structured format.
  • Right to withdraw consent — where we rely on consent, you may withdraw it at any time.

Some rights are subject to legal limitations and may not apply in every case. We may need to verify your identity before responding to a request.

10. Children’s data

Our storage services are not intended for children. We do not knowingly collect personal data from children except where it is provided lawfully and legitimately by an adult acting on their behalf or where required for a specific legal purpose.

11. Complaints and supervisory authority

If you have concerns about how we handle your personal data, we encourage you to raise them so that we can investigate and respond appropriately. You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically.

Summary of our approach

Enfieldhighway Storage only collects data necessary to provide storage services, keep the site secure, meet legal duties, and manage customer accounts. We process data on lawful bases including contract, legal obligation, legitimate interests, and consent where appropriate. We retain data only as long as needed, use trusted processors under strict controls, and respect your data protection rights.

This policy applies to all Enfieldhighway Storage customers in the area. We are committed to using personal data responsibly, keeping it secure, and ensuring that our processing remains transparent and proportionate at all times.

Call Now!
Call Now Get a Quote
Enfieldhighway Storage

GDPR-compliant Privacy Policy for Enfieldhighway Storage covering data collection, lawful basis, retention, processors, user rights, and area-wide customer applicability.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.