Privacy Policy - Eastcote Storage

This Privacy Policy explains how Eastcote Storage collects, uses, stores, shares, and protects personal data in connection with its storage services. It applies to all Eastcote Storage customers in the area, including prospective customers, current customers, former customers, visitors, and anyone who communicates with us about our services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Scope of this Privacy Policy

This policy applies whenever we process personal data relating to individuals who use, enquire about, or otherwise interact with Eastcote Storage. It covers data collected through in-person interactions, telephone calls, emails, written forms, account administration, payment processing, security systems, and operational records connected to our storage services.

For the purpose of this policy, personal data means any information that can identify a living individual, either directly or indirectly. This may include names, contact details, billing information, identification documents, access records, and correspondence.

2. Data We Collect

We collect only the personal data necessary for running our storage services, managing customer relationships, meeting legal obligations, and protecting the security of our premises and systems.

Information you provide to us

  • Identity details such as your name, date of birth, and proof of identity where required
  • Contact details such as postal address, email address, and telephone number
  • Account and contract information relating to your storage unit, rental agreement, and service preferences
  • Payment information such as billing records, transaction details, and payment status
  • Communications including enquiries, complaints, feedback, and correspondence
  • Access and security information where needed for site access, key or code management, and incident reporting

Information we collect automatically

  • CCTV footage captured for site safety, crime prevention, and asset protection
  • Access logs showing when a person enters or leaves a secured area
  • Technical records such as device or system logs if they are used to maintain security or service reliability

Information from third parties

In some cases, we may receive personal data from third parties such as payment providers, legal advisers, insurance providers, debt recovery services, or identity verification services. We only receive this information where it is lawful and relevant to our business operations.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To register customers and manage storage agreements
  • To provide storage services and maintain customer accounts
  • To take payment and manage invoices, refunds, or arrears
  • To communicate about bookings, access arrangements, service updates, or account matters
  • To verify identity and prevent fraud or unauthorised use of services
  • To maintain security, including the use of CCTV and access monitoring
  • To handle complaints, disputes, and enforcement of contractual terms
  • To comply with legal, regulatory, tax, accounting, and insurance obligations
  • To improve our services, systems, and customer experience

We will only use personal data for the purposes for which it was collected unless we reasonably believe another compatible purpose applies or we are legally permitted to do so.

4. Lawful Basis for Processing

We must have a lawful basis under data protection law for each processing activity. Depending on the circumstances, Eastcote Storage relies on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as managing your storage unit, issuing invoices, or providing access and account administration.

Legal obligation

We process data where required to comply with legal duties, including tax, accounting, fraud prevention, health and safety, and record-keeping obligations.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include protecting our site, preventing theft or misuse, managing customer relations, enforcing contracts, and improving service operations. Where we rely on legitimate interests, we assess the impact on individuals and apply safeguards.

Consent

In limited situations, we may rely on your consent, for example for optional marketing communications if such communications are offered. Where consent is used, you may withdraw it at any time.

5. Data Sharing and Processors

We do not sell personal data. We may share information only when necessary, lawful, and proportionate. Some third parties act as processors, meaning they process data on our instructions and under contract. Others may act as independent controllers.

Typical processors may include:

  • Payment service providers who process card or electronic payments
  • IT and cloud service providers who host systems, email, storage, or backups
  • Security service providers supporting CCTV, alarm, or access control systems
  • Administrative support providers who help with customer record management
  • Professional advisers such as accountants, auditors, lawyers, or insurers
  • Debt recovery or tracing services where needed for unpaid balances, subject to legal limits

All processors are selected carefully and are required to use personal data only for the agreed purpose, keep it secure, and delete or return it when no longer needed. If personal data is shared with an independent controller, that party is responsible for its own privacy obligations.

6. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, including to meet legal, accounting, insurance, and contractual requirements. Retention periods depend on the type of data and the reason for processing.

Examples of retention periods

  • Customer contract and account records may be kept for the duration of the relationship and for a reasonable period afterward
  • Financial and tax records are retained for the period required by law
  • CCTV footage is generally kept only for a short period unless needed for an investigation, legal claim, or incident review
  • Correspondence and complaints may be retained as long as necessary to resolve the matter and demonstrate how it was handled

When personal data is no longer needed, we will delete, anonymise, or securely destroy it in accordance with our retention procedures.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, password protection, secure storage, staff confidentiality obligations, monitoring of system access, and regular review of security arrangements.

Although no system can be guaranteed completely secure, we take data protection seriously and aim to reduce risk at every stage of processing.

8. Your Rights Under Data Protection Law

You have a number of rights in relation to your personal data. These rights may be subject to legal limits or exceptions, but we will always consider your request carefully.

Your rights include:

  • Right of access – to request a copy of the personal data we hold about you
  • Right to rectification – to ask us to correct inaccurate or incomplete data
  • Right to erasure – to ask us to delete personal data in certain circumstances
  • Right to restriction – to ask us to limit how we use your data in certain cases
  • Right to object – to object to processing based on legitimate interests or direct marketing
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable
  • Right to withdraw consent – where processing is based on consent

If you wish to exercise any of these rights, we may ask for information to confirm your identity before responding. We aim to deal with valid requests within the time limits set by law.

9. Children’s Data

Eastcote Storage services are not directed to children, and we do not knowingly collect personal data from children except where necessary in connection with a customer relationship and where lawful to do so. If we become aware that we have collected data improperly, we will take steps to delete it where appropriate.

10. International Transfers

Where personal data is transferred outside the UK, we ensure that appropriate safeguards are in place so that the data continues to receive a suitable level of protection. This may include using approved transfer mechanisms and contractual protections in line with applicable data protection law.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or service arrangements. Any revised version will apply from the date it is adopted. We encourage customers to review the policy periodically to stay informed about how personal data is handled.

12. Summary of Our Commitment

Eastcote Storage will process personal data fairly, lawfully, and transparently. We collect only what we need, use it for clear business and legal purposes, share it responsibly with trusted processors, keep it only as long as necessary, and respect your rights under data protection law. Our aim is to protect the privacy of every customer while delivering secure and reliable storage services.

Call Now!
Call Now Get a Quote
Eastcote Storage

GDPR-compliant Privacy Policy for Eastcote Storage covering data collection, lawful basis, retention, processors, security, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.