Privacy Policy - Colindale Storage

This Privacy Policy explains how Colindale Storage collects, uses, stores, shares, and protects personal data relating to its customers in the Colindale area. It applies to all Colindale Storage customers in area, including prospective customers, current customers, former customers, and anyone who interacts with our services on behalf of a business or household. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Data We Collect

We collect only the personal data that is necessary to provide storage services, manage accounts, maintain security, and meet legal obligations. The type of information we may collect includes:

  • Identity information such as your name, date of birth, and identification details when required for verification.
  • Contact information including address, email address, and telephone number.
  • Account information such as account reference numbers, booking details, payment status, and service preferences.
  • Payment information such as billing details and transaction records. We do not store full payment card details unless necessary for a lawful and secure payment process handled by a payment provider.
  • Security information including CCTV footage, access logs, gate entry records, alarm-related records, and other site security data.
  • Communications such as emails, written correspondence, service requests, complaints, and records of calls or notes from customer interactions where applicable.
  • Technical information such as device or browser data if collected through digital systems used for bookings, access, or service administration.

We do not seek to collect unnecessary personal data. Where we receive information that is not required for our operations, we will limit its use and retention as far as reasonably possible.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To create and administer customer accounts.
  • To verify identity where appropriate.
  • To process payments, refunds, and billing matters.
  • To communicate about bookings, access, invoices, renewals, and service updates.
  • To maintain site safety and protect customer property.
  • To investigate incidents, disputes, or suspected misuse of the site.
  • To comply with legal, regulatory, tax, accounting, and insurance obligations.
  • To improve the quality, efficiency, and security of our services.

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose and that such use is permitted by law.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. Depending on the context, we process data on the following bases:

  • Contract – where processing is necessary to enter into or perform our storage agreement with you, such as managing bookings, access, and billing.
  • Legal obligation – where we are required to keep records or disclose information to comply with law, tax rules, accounting duties, court orders, or regulatory requirements.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as site security, fraud prevention, service improvement, and handling disputes, provided these interests are not overridden by your rights and freedoms.
  • Consent – where we rely on your consent for a specific optional activity. If consent is used, you may withdraw it at any time.
  • Vital interests – in rare circumstances where processing is necessary to protect someone’s life or physical safety.

We will always assess the appropriate lawful basis before processing personal data and keep records of our decision-making where required.

4. Data Sharing and Processors

We may share personal data with trusted third parties who help us run our business. These third parties act as processors or, in some cases, independent controllers. We only share data where there is a lawful basis and where appropriate safeguards are in place.

Processors we may use

  • Payment processors to handle card or electronic payments securely.
  • IT and cloud service providers to store records, manage systems, and support operational software.
  • Security providers for CCTV, alarm systems, monitoring, and site protection.
  • Accounting and administrative service providers to manage invoices, bookkeeping, and records.
  • Maintenance and access-control contractors who may need limited information to carry out essential services.
  • Professional advisers such as solicitors, insurers, or auditors where necessary for legal, compliance, or claims-related matters.

All processors are required to act only on our instructions, keep personal data secure, and use it solely for the services they provide to us. We do not sell personal data.

5. International Transfers

Where a processor or service provider stores or accesses data outside the UK, we will ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or equivalent legal protections designed to keep your data secure and compliant with UK GDPR requirements.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes described in this policy, including to meet legal, accounting, tax, insurance, and dispute-resolution requirements. Retention periods vary depending on the type of data and the reason for processing.

  • Customer account and contract data may be retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and transaction records are generally kept for the period required by law or accounting practice.
  • Security records, including CCTV, are retained for a limited period unless required longer for investigation, safety, or legal purposes.
  • Correspondence and complaint records are retained as long as needed to resolve the matter and protect our legal position.

When data is no longer needed, we will securely delete, anonymise, or destroy it. Retention is reviewed regularly to ensure data is not kept longer than necessary.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, or disclosure. These measures may include access controls, password protection, encryption where suitable, restricted staff access, secure archiving, and monitoring of site systems. While no system can be guaranteed completely secure, we take data protection and site security seriously and review safeguards periodically.

8. Your Rights

As a data subject, you have rights under UK data protection law. Subject to conditions and exemptions, these may include:

  • The right of access – to request a copy of the personal data we hold about you.
  • The right to rectification – to ask us to correct inaccurate or incomplete data.
  • The right to erasure – to ask us to delete personal data in certain circumstances.
  • The right to restriction – to request that we limit how we use your data in certain situations.
  • The right to object – to object to processing based on legitimate interests or direct marketing, where applicable.
  • The right to data portability – to receive certain information in a structured, commonly used, machine-readable format, where legally applicable.
  • The right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to complain to the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage customers to raise concerns with us first so that we may try to resolve them promptly and fairly.

9. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is incidental to a lawful transaction or service arrangement and is necessary for legitimate operational purposes. If we become aware that we have collected children’s data inappropriately, we will take appropriate steps to delete it or handle it lawfully.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. Any updated version will apply from the date of publication or implementation as stated in the revised policy. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

11. Contact and Further Information

This policy is designed to be clear and transparent, but it does not replace your legal rights or our obligations under data protection law. If you wish to exercise your rights, raise a concern, or request more information about how your data is processed, you may do so through the appropriate customer service channels. We will respond in accordance with applicable legal timeframes.

Colindale Storage is committed to protecting privacy, maintaining trust, and handling personal data responsibly for every customer in the area. Our aim is to ensure that all information is used fairly, stored securely, and retained only for as long as necessary.

Call Now!
Call Now Get a Quote
Colindale Storage

GDPR-compliant Privacy Policy for Colindale Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.