Privacy Policy - Selfstorage Enfield

Last updated: May 2026

This Privacy Policy explains how Selfstorage Enfield collects, uses, stores, shares, and protects personal data relating to its customers, prospective customers, visitors, and other individuals whose data we process in connection with our storage services. It applies to all Selfstorage Enfield customers in the area and to any person interacting with our services in relation to units, reservations, payments, account management, security, and customer support.

We are committed to handling personal data in a fair, lawful, transparent, and secure way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we collect, why we collect it, the legal basis for processing, how long we keep it, who may process it on our behalf, and the rights you have over your information.

1. Information We Collect

We may collect and process the following categories of personal data:

  • Identity details: name, date of birth, and, where relevant, proof of identity documents.
  • Contact details: address, email address, telephone number, and correspondence preferences.
  • Account and booking information: storage unit details, reservation records, move-in and move-out dates, access arrangements, and service preferences.
  • Payment information: billing records, payment status, transaction history, and limited payment-related details necessary to process charges and refunds.
  • Security and access information: gate access records, CCTV footage, incident logs, alarm records, and other security-related data.
  • Communication records: emails, messages, phone call notes, complaint records, and customer service interactions.
  • Technical data: device or browser data, IP address, and service usage data where collected through digital systems.

In some circumstances, we may also collect special category data or information relating to vulnerability if you choose to provide it, for example where it is necessary to support reasonable adjustments or to resolve a dispute. We will only process such information where a lawful basis applies and where appropriate safeguards are in place.

2. How We Use Your Personal Data

We use personal data for the following purposes:

  • to register and manage your account;
  • to provide storage services and related customer support;
  • to verify identity and prevent fraud;
  • to process payments, refunds, and invoicing;
  • to manage access to storage facilities and maintain site security;
  • to communicate with you about bookings, renewals, policy updates, or service issues;
  • to investigate complaints, disputes, incidents, or insurance matters;
  • to comply with legal and regulatory obligations;
  • to improve our operations, security measures, and customer experience;
  • to defend or establish legal claims where necessary.

We will only use your personal data for the purposes for which it was collected, unless we reasonably consider that we need to use it for another compatible purpose. If we need to process your data for an unrelated purpose, we will explain the legal basis before doing so, where required.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each processing activity. Depending on the context, Selfstorage Enfield relies on one or more of the following lawful bases:

3.1 Performance of a Contract

We process personal data when it is necessary to enter into or perform our storage agreement with you. This includes setting up your account, providing access to your unit, handling billing, and delivering customer support.

3.2 Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as tax, accounting, anti-fraud, or regulatory requirements, and to respond to lawful requests from authorities.

3.3 Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided these are not overridden by your rights and freedoms. Examples include facility security, CCTV monitoring, fraud prevention, maintaining service integrity, and managing disputes. Where we rely on legitimate interests, we assess and balance those interests against your privacy rights.

3.4 Consent

In limited situations, we may ask for your consent, for example for optional communications or the use of certain data beyond what is needed to provide our services. Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

3.5 Vital Interests and Public Interest

These bases are unlikely to apply in most storage-service contexts, but may be used in exceptional circumstances where necessary to protect life, respond to emergencies, or meet a public-interest obligation.

4. How We Share Personal Data

We do not sell your personal data. We may share information only where necessary and proportionate for the purposes described in this policy. Recipients may include:

  • Service providers and processors: businesses that support our operations, such as payment processors, IT hosting providers, secure cloud storage providers, customer management systems, maintenance contractors, and CCTV or security service providers.
  • Professional advisers: lawyers, accountants, insurers, auditors, and other advisers where necessary for legal, financial, or compliance purposes.
  • Authorities and regulators: law enforcement bodies, courts, government agencies, or regulatory bodies where disclosure is required by law or necessary to establish, exercise, or defend legal rights.
  • Other third parties: where you instruct us to do so, or where sharing is necessary to provide the service you requested.

All processors are required to act only on our instructions, keep personal data secure, and comply with applicable data protection requirements. Where data is transferred outside the UK, we will ensure appropriate safeguards are in place, such as standard contractual clauses or an adequacy decision, as required by law.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, security, and reporting obligations. Retention periods may vary depending on the type of data and the reason we hold it.

  • Customer account and contract records: retained for the duration of the contract and for a reasonable period afterwards for record-keeping and dispute resolution.
  • Payment and financial records: retained for the periods required by tax and accounting law.
  • Security records and access logs: retained only as long as needed for safety, security monitoring, and incident investigation.
  • CCTV footage: typically retained for a short period unless an incident requires longer retention.
  • Complaints and correspondence: retained as necessary to resolve issues and demonstrate compliance.

When data is no longer required, we will securely delete, anonymise, or archive it in a manner consistent with applicable law and good security practice. We review retention needs regularly to avoid keeping information longer than necessary.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, monitoring systems, secure storage, encryption where appropriate, and regular review of security practices.

While we strive to protect your personal data, no system can be guaranteed completely secure. If we become aware of a personal data breach that is likely to result in a risk to your rights and freedoms, we will act in accordance with applicable law, which may include notifying you and the relevant supervisory authority.

7. Your Data Protection Rights

Depending on the circumstances and the lawful basis relied upon, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain situations.
  • Right to restriction: to ask us to limit how we use your data in certain circumstances.
  • Right to data portability: to receive certain information in a structured, commonly used, machine-readable format where applicable.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
  • Right not to be subject to automated decision-making: where applicable, you have rights relating to decisions made solely by automated means that have legal or similarly significant effects.

To exercise your rights, you may submit a request to us using the channels made available by Selfstorage Enfield. We may need to verify your identity before responding. We will respond within the time limits required by law, usually within one month, though this may be extended where requests are complex or numerous.

Important: some rights may not apply in all situations, and exemptions may exist under data protection law. If we cannot fulfil a request, we will explain why, subject to legal restrictions.

8. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data from children except where it is necessary in the context of a lawful customer arrangement or incident handling and only with appropriate legal justification.

9. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data-processing practices. Any revised version will apply from the date of publication or from another stated effective date. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

10. Summary of Our Commitment

Selfstorage Enfield takes privacy seriously and aims to process personal data lawfully, fairly, and transparently. We collect only what we need, use it for clear and legitimate purposes, retain it only for as long as necessary, and protect it with suitable safeguards. We also respect your rights and will respond to valid requests in line with applicable data protection law.

This Privacy Policy applies to all Selfstorage Enfield customers in the area.

Call Now!
Call Now Get a Quote
Selfstorage Enfield

GDPR-compliant Privacy Policy for Selfstorage Enfield covering data collection, lawful basis, retention, processors, and user rights in HTML.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.