Privacy Policy - Enfieldwash Storage

This Privacy Policy explains how Enfieldwash Storage collects, uses, shares, stores, and protects personal data. It applies to all Enfieldwash Storage customers in area, including prospective customers, existing customers, former customers, and any individuals who interact with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Enfieldwash Storage provides storage-related services to individuals and businesses. In the context of data protection law, we act as the data controller for the personal data we collect and determine the purposes and means of processing that data. This policy describes how we meet our obligations and respect your privacy rights.

2. Personal Data We Collect

We collect only the data necessary to deliver our services, manage our relationship with you, maintain security, and comply with legal obligations. The categories of personal data we may collect include:

  • Identity data: name, date of birth, and identification details where required for verification.
  • Contact data: postal address, email address, telephone number, and other communication details.
  • Customer and account data: storage unit details, account references, contract information, move-in and move-out dates, and service preferences.
  • Payment data: payment method details, billing records, transaction history, and limited financial information needed to process payments.
  • Access and security data: entry logs, CCTV-related information, incident reports, and other security records where applicable.
  • Communication data: correspondence with us by email, phone, or other channels, including complaints, enquiries, and service requests.
  • Technical data: device and browser information, cookies, and IP-related data where digital systems are used.

In limited circumstances, we may also process information that falls into sensitive or special category data if it is provided by you and necessary for a specific legal or operational reason. We will only do so where the law allows and where appropriate safeguards are in place.

3. How We Use Your Data

We process personal data for the following purposes:

  • to set up and manage your storage account;
  • to verify identity and prevent fraud;
  • to provide access to storage facilities and related services;
  • to process payments, invoices, and refunds;
  • to communicate with you about your account or our services;
  • to ensure the safety and security of our customers, staff, and premises;
  • to handle complaints, claims, disputes, and legal proceedings;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to improve our operations, service delivery, and customer experience;
  • to administer records, reporting, and internal business functions.

We only use personal data for the purposes for which it was collected unless we reasonably consider that another compatible purpose applies.

4. Lawful Basis for Processing

We rely on one or more lawful bases under UK GDPR depending on the context of the processing:

Contract

We process personal data where it is necessary for the performance of a contract with you, or to take steps at your request before entering into a contract. This includes creating your account, managing payments, and delivering storage services.

Legal Obligation

We process certain data where it is necessary to comply with a legal obligation, such as tax compliance, accounting requirements, fraud prevention obligations, and responses to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override those interests. This may include facility security, business administration, service improvement, and defending legal claims. Where we rely on legitimate interests, we apply an appropriate balancing test.

Consent

In some limited cases, we may ask for your consent, for example for optional marketing or certain non-essential uses of cookies or similar technologies. Where consent is used, you may withdraw it at any time without affecting the lawfulness of earlier processing.

5. Data Sharing and Processors

We may share personal data with carefully selected third parties where necessary and permitted by law. These parties may act as data processors or, in some circumstances, as separate controllers. We require appropriate contractual safeguards to protect personal data and limit use to authorised purposes.

Examples of processors and service providers may include:

  • Payment processors that handle card or electronic payments;
  • IT and cloud service providers that host systems, store data, or support communications;
  • Security providers that support CCTV, alarm monitoring, or site protection services;
  • Professional advisers such as accountants, auditors, insurers, and legal advisers;
  • Administrative service providers that assist with records management or customer communications;
  • Regulators, law enforcement, or public authorities where disclosure is required by law.

We do not sell your personal data. Any sharing is limited to what is necessary to operate the business, protect our interests, or meet legal requirements.

6. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy and to meet legal, accounting, or reporting requirements. Retention periods may vary depending on the type of data and the reason it was collected.

  • Customer account and contract records are typically kept for the duration of the relationship and for a period after it ends to resolve disputes or comply with legal requirements.
  • Payment and financial records are generally retained for statutory accounting and tax purposes.
  • Security logs and access records are retained only as long as reasonably necessary for safety, incident response, or investigation.
  • Correspondence and complaint records may be kept for the period needed to manage the matter and demonstrate compliance.

When data is no longer required, we will delete it securely or anonymise it so it can no longer identify you.

7. Security of Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or alteration. These measures may include access controls, secure storage, staff confidentiality obligations, system monitoring, and restricted data sharing. While we take data security seriously, no system can be guaranteed completely secure.

8. International Transfers

If any personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place so that the data remains protected to a standard consistent with UK GDPR. Such safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

9. Your Rights

You have a number of rights in relation to your personal data, subject to certain legal conditions and exemptions. These rights include:

  • Right of access: to obtain confirmation of whether we process your data and request a copy of it;
  • Right to rectification: to ask us to correct inaccurate or incomplete data;
  • Right to erasure: to request deletion of your data in certain circumstances;
  • Right to restriction: to request limited use of your data in specific cases;
  • Right to object: to object to processing based on legitimate interests or direct marketing;
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable;
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time;
  • Right to complain: to raise a concern with the relevant data protection supervisory authority.

We may need to verify your identity before responding to a rights request. We aim to respond within the time limits required by law.

10. Children’s Data

Our services are generally intended for adults. We do not knowingly collect personal data from children unless required in connection with a lawful service arrangement and with appropriate authority or consent where applicable. If we become aware that data has been collected inappropriately, we will take steps to delete it or handle it lawfully.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is made available. We encourage you to review this policy periodically to stay informed about how we protect your privacy.

12. Summary of Our Commitment

Enfieldwash Storage is committed to processing personal data lawfully, fairly, and transparently. We collect only what we need, use it for legitimate and clearly defined purposes, retain it for no longer than necessary, and apply safeguards when working with processors or other third parties. We also respect and support your data protection rights under UK GDPR.

This Privacy Policy applies to all Enfieldwash Storage customers in area.

Call Now!
Call Now Get a Quote
Enfieldwash Storage

GDPR-compliant Privacy Policy for Enfieldwash Storage covering data collection, lawful basis, retention, processors, rights, and customer scope in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.