Privacy Policy - Northockendon Storage

This Privacy Policy explains how Northockendon Storage collects, uses, stores, shares, and protects personal data. It applies to all Northockendon Storage customers in the area, including prospective customers, current customers, former customers, and any individuals whose personal data is processed in connection with our storage services, enquiries, bookings, site access, billing, and account management.

We are committed to handling personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to be clear, fair, and transparent about what information we process and why.

1. Data We Collect

We may collect and process the following categories of personal data:

  • Identity information, such as your name, title, and date of birth where needed for verification.
  • Contact details, such as postal address, billing address, email address, and telephone number.
  • Account and booking information, including unit allocation, rental terms, payment status, start and end dates, and access permissions.
  • Payment information, such as bank account details or card-related information used to process payments. We do not intentionally store full card security details unless required by secure payment systems.
  • Identification and verification data, such as copies of identity documents or proof of address where we need to confirm identity, prevent fraud, or comply with legal obligations.
  • Security and access records, including site entry logs, access times, CCTV footage, incident reports, and vehicle registration details where necessary for security.
  • Communications, including emails, written correspondence, complaint details, service requests, and notes from telephone or in-person conversations.
  • Technical data, such as IP address, device information, and basic usage data collected when you interact with digital systems we use for administration and security.

We usually collect personal data directly from you. In some cases, we may receive information from third parties, such as payment processors, identity verification providers, lawful authorities, insurers, contractors, or representatives acting on your behalf.

2. How We Use Personal Data

Northockendon Storage uses personal data to provide and manage our storage services and to operate our business safely and efficiently. We may use your data to:

  • set up and manage customer accounts;
  • process reservations, agreements, renewals, and cancellations;
  • collect rent, fees, and other charges;
  • verify identity and prevent fraud;
  • manage access to storage units and premises;
  • maintain security, including CCTV monitoring and incident investigation;
  • respond to enquiries, complaints, and service requests;
  • maintain business records and comply with legal or regulatory requirements;
  • protect our rights, property, staff, customers, and visitors;
  • improve our services, systems, and customer experience.

We only process personal data where the law allows us to do so. Where appropriate, we rely on one or more lawful bases under the UK GDPR.

3. Lawful Basis for Processing

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up storage agreements, managing access, taking payment, and handling account administration.

Legal Obligation

We may process personal data where required to meet legal obligations, such as tax and accounting requirements, fraud prevention duties, record keeping, or responding to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, CCTV monitoring, debt recovery, service improvement, internal administration, and protecting our business against misuse or unlawful activity.

Consent

In limited cases, we rely on your consent, for example where certain optional marketing activities require it. If we use consent as a basis, you have the right to withdraw it at any time.

4. Data Sharing and Processors

We do not sell your personal data. We may share information only when necessary and only with trusted service providers or other parties acting as data processors or independent controllers in accordance with the law.

Typical processors and recipients may include:

  • Payment processors who handle card or bank payments securely.
  • IT and hosting providers who support our email, storage administration systems, and data security services.
  • Security providers who assist with CCTV systems, alarm monitoring, access control, or incident response.
  • Professional advisers such as accountants, legal advisers, insurers, and auditors.
  • Identity verification or fraud prevention services where necessary to confirm identity or reduce risk.
  • Debt collection or credit management services where payment recovery becomes necessary and lawful.
  • Public authorities or law enforcement bodies when disclosure is required by law or necessary to protect rights and safety.

Where processors are used, they are required to process personal data only on our instructions, maintain appropriate security, and comply with data protection laws. We take reasonable steps to ensure that any third party handling personal data provides adequate safeguards.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, or as required by law. Retention periods may vary depending on the type of information and the reason it is held.

  • Customer account and contract records are generally kept for the duration of the agreement and for a reasonable period afterwards to manage disputes, claims, and business records.
  • Payment and accounting records are retained for the periods required by tax and financial laws.
  • Security records and CCTV footage are retained for a limited period unless needed longer for an investigation, insurance matter, or legal claim.
  • Communications and complaint records are kept as long as needed to resolve issues and maintain accurate records.
  • Identification documents are retained only while necessary for verification, compliance, or fraud prevention purposes.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Your Rights Under GDPR

Depending on the circumstances and legal basis for processing, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete information.
  • Right to erasure – to ask us to delete personal data in certain situations.
  • Right to restriction – to request limited processing in certain circumstances.
  • Right to object – to object to processing based on legitimate interests, including direct marketing where applicable.
  • Right to data portability – to receive certain data in a structured, commonly used format where technically feasible.
  • Right to withdraw consent – where processing is based on consent, you can withdraw it at any time.

These rights are not absolute and may be subject to legal exceptions. If we cannot action a request in full, we will explain why.

7. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access controls, secure systems, staff training, encryption where appropriate, and physical security arrangements.

While we work hard to safeguard personal data, no system can be guaranteed completely secure. If a personal data breach occurs that presents a risk to your rights and freedoms, we will take appropriate steps in line with legal requirements.

8. International Transfers

In some cases, data may be processed by service providers outside the United Kingdom. Where this happens, we will ensure appropriate safeguards are in place so that your personal data remains protected to a standard consistent with UK GDPR requirements.

9. Marketing Preferences

We will only send direct marketing where permitted by law. Where consent is needed, we will obtain it before sending such communications. You may opt out of marketing communications at any time if they are provided.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our operations, legal duties, or data protection practices. The latest version will apply to all Northockendon Storage customers in the area. We encourage you to review this policy periodically so that you remain informed about how we handle personal data.

11. Summary of Key Points

  • We collect only the personal data needed to provide storage services and manage our business.
  • We process data under lawful bases including contract, legal obligation, legitimate interests, and consent where necessary.
  • We share data only with trusted processors or where required by law.
  • We keep data only for as long as needed and delete or anonymise it securely when no longer required.
  • You have rights over your personal data, including access, correction, deletion, restriction, objection, and portability in some cases.

By using Northockendon Storage services, you acknowledge that your personal data may be processed as described in this Privacy Policy.

Call Now!
Call Now Get a Quote
Northockendon Storage

GDPR-compliant Privacy Policy for Northockendon Storage covering data collection, lawful basis, retention, processors, user rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.