Privacy Policy - Ilford Storage

Effective date: This Privacy Policy applies to all Ilford Storage customers in the area and explains how we collect, use, store, share, and protect personal data when you use our storage services.

We are committed to handling personal information fairly, lawfully, and transparently in line with the UK GDPR and the Data Protection Act 2018.

1. Who This Policy Applies To

This Privacy Policy applies to all customers, prospective customers, website visitors, authorised users, account holders, and anyone else whose personal data is processed in connection with Ilford Storage services in the local area. It also applies where we receive personal data from business partners, property managers, or other third parties involved in providing our services.

By using our services, you acknowledge that your personal data will be processed as described in this policy.

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity data: name, title, date of birth, and identification details used to verify identity.
  • Contact data: address, email address, telephone number, and emergency contact details where provided.
  • Account and booking data: storage unit numbers, rental dates, payment records, contract details, and correspondence relating to your account.
  • Financial data: billing information, payment method details, transaction history, and records relating to refunds, arrears, or charges.
  • Usage data: access logs, site entry records, CCTV footage, and security records where applicable.
  • Technical data: IP address, device information, browser type, and other information collected through digital systems used to manage services.
  • Communication data: messages, complaints, service requests, and notes from telephone, email, or written correspondence.

We normally collect personal data directly from you when you enquire about, register for, or use our services. We may also receive data from authorised representatives, payment providers, fraud prevention services, insurers, debt recovery providers, or public sources where lawful and relevant.

3. How We Use Personal Data

We use personal data to provide and manage storage services, including account administration, payment processing, identity verification, access control, maintenance, security, customer support, and service communications. We may also use data to detect and prevent fraud, enforce contractual rights, recover unpaid balances, comply with legal obligations, and improve the quality and security of our services.

We do not use your personal data in ways that are incompatible with the purposes described in this policy without informing you and, where required, obtaining a valid lawful basis.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing your personal data. Depending on the circumstances, we rely on the following lawful bases:

  • Contract: processing is necessary to enter into or perform our agreement with you, such as managing your storage unit, billing, and customer support.
  • Legal obligation: processing is necessary to comply with legal and regulatory requirements, including tax, accounting, and record-keeping obligations.
  • Legitimate interests: processing is necessary for our legitimate business interests, such as site security, fraud prevention, service improvement, and protecting property, provided these interests are not overridden by your rights and freedoms.
  • Consent: where required, for example for certain optional communications or specific types of processing, we will rely on your consent and you may withdraw it at any time.

Where we process special category or sensitive information, if ever required, we will do so only where a separate lawful condition applies and additional safeguards are in place.

5. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers depending on the service provided. These parties are permitted to process data only for the agreed purpose and must apply appropriate security measures.

Our processors may include:

  • IT and cloud service providers that host systems and data;
  • payment processors that handle card or bank transactions;
  • accounting, audit, and invoicing providers;
  • security providers, including CCTV and access-control support services;
  • customer communication and document management providers;
  • professional advisers such as lawyers, insurers, and compliance consultants;
  • debt recovery or credit control providers where necessary.

We may also disclose personal data to law enforcement, regulators, courts, or public authorities where required by law, or where disclosure is needed to protect our rights, customers, staff, or property.

We do not sell your personal data.

6. International Transfers

If any processor stores or accesses personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent protective measures. We only transfer data where it is lawful and necessary for the relevant service.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, insurance, and reporting requirements. Retention periods vary depending on the type of data and our legal obligations.

  • Customer account and contract records are generally kept for the duration of the relationship and for a reasonable period afterwards.
  • Financial and tax records are kept for the period required by law and accounting standards.
  • Security records such as access logs or CCTV footage are kept only as long as needed for security and incident handling.
  • Correspondence and complaint records are retained for as long as necessary to deal with the matter and maintain evidence of our handling.

When data is no longer required, we securely delete, anonymise, or archive it in accordance with our retention procedures.

8. Data Security

We use technical and organisational measures designed to protect personal data from unauthorised access, alteration, disclosure, loss, or destruction. These measures may include access restrictions, encryption, secure storage, staff training, monitoring, and supplier due diligence. While no system is completely secure, we take reasonable steps to reduce risks to your information.

9. Your Rights

As a data subject under UK GDPR, you have the following rights in relation to your personal data, subject to certain conditions and exemptions:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data where there is no lawful reason to keep it.
  • Right to restriction: you may ask us to limit processing in certain circumstances.
  • Right to data portability: you may request transfer of certain data in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we will respond in accordance with applicable data protection law. We may need to verify your identity before acting on your request.

10. Complaints

If you are concerned about how we handle your personal data, you may raise the matter with us so that we can review and address it. You also have the right to complain to the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

11. Children’s Data

Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful service arrangement and appropriate permissions are in place.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is published or otherwise communicated. Please review this policy periodically to stay informed about how we process your information.

In summary: we process personal data fairly, use it only where lawful, retain it only as long as needed, share it only with trusted processors or authorities where necessary, and respect your data protection rights.

Call Now!
Call Now Get a Quote
Ilford Storage

GDPR-compliant Privacy Policy for Ilford Storage covering data collection, lawful basis, retention, processors, user rights, and applies to all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.