Privacy Policy - Romford Storage

Romford Storage is committed to protecting the privacy and personal data of our customers, visitors, and anyone who interacts with our services. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK GDPR and the Data Protection Act 2018. It applies to all Romford Storage customers in the area, whether they use our storage services, make an enquiry, visit our premises, or communicate with us by any available means.

We believe that privacy should be handled with care, fairness, and transparency. This policy is intended to help you understand what information we hold about you, why we hold it, how long we keep it, and what rights you have over it.

1. Information We Collect

We may collect and process different types of personal data depending on how you use our services. This may include:

  • Identity details such as your name, date of birth, and identification documents where required.
  • Contact details such as address, email address, and telephone number.
  • Account and service information including booking records, storage unit details, access arrangements, payment status, and communication history.
  • Payment information such as billing records and transaction references. We do not ordinarily store full payment card details where card payments are processed securely through authorised payment providers.
  • Verification information where necessary to confirm identity, prevent fraud, or comply with legal obligations.
  • Technical information such as device details, browser type, and basic usage data if you interact with our digital systems or online services.
  • Security information such as CCTV footage, site access logs, or incident reports where relevant to the safety of our premises, staff, and customers.

We only collect personal data that is relevant and necessary for the purposes described in this policy. Where possible, we limit collection to the minimum amount of information needed to provide services and meet our obligations.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to provide, manage, and administer storage services;
  • to create and maintain customer records;
  • to process payments, refunds, and account-related transactions;
  • to verify identity and prevent fraud or misuse;
  • to communicate about bookings, service changes, access arrangements, or billing matters;
  • to meet legal, regulatory, tax, and accounting obligations;
  • to maintain site security and investigate incidents;
  • to improve our services, processes, and customer experience;
  • to defend, establish, or exercise legal claims where necessary.

We will not use your personal data in ways that are incompatible with the purposes for which it was collected unless we have a lawful basis to do so and, where required, notify you appropriately.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing personal data. Depending on the activity, we rely on one or more of the following lawful bases:

Contract

Processing is necessary to perform our contract with you or to take steps at your request before entering into a contract. This includes setting up a storage agreement, managing your account, providing access to storage services, and handling service-related communications.

Legal Obligation

We may process personal data where it is necessary to comply with a legal obligation. This includes record-keeping requirements, tax and accounting rules, and obligations relating to fraud prevention, health and safety, or law enforcement requests.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests may include managing our business efficiently, protecting our premises and property, preventing misuse, improving services, and ensuring security.

Consent

In limited situations, we may rely on your consent. For example, consent may be used for certain optional communications or specific uses of data that are not necessary for service delivery. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Sharing and Processors

We may share personal data with trusted third parties where necessary for the running of our business, compliance with the law, or the provision of services. When these third parties process personal data on our behalf, they act as processors and are required to handle data securely and only in accordance with our instructions.

Examples of processors and service partners may include:

  • IT and system providers who host or maintain our operational systems, databases, and security infrastructure;
  • Payment processors who handle card or electronic payment transactions securely;
  • Accountancy and bookkeeping providers who support financial administration and compliance;
  • Security contractors who assist with site monitoring, alarm systems, or incident management;
  • Professional advisers such as lawyers, auditors, or insurers when required for legal, regulatory, or insurance purposes;
  • Public authorities where disclosure is required by law, court order, or lawful request.

We do not sell your personal data. Any sharing is limited to what is necessary and proportionate. Where a processor is used, we require appropriate contractual safeguards, confidentiality obligations, and technical and organisational measures to protect your information.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, tax, or reporting requirements. Retention periods depend on the nature of the information and the reason it is held.

  • Customer and contract records are generally retained for the duration of the service relationship and for a period afterwards to handle queries, claims, or legal obligations.
  • Financial records are kept for the period required by applicable law and accounting standards.
  • Security footage and access records are retained for a limited period unless needed longer for investigation, evidence preservation, or legal action.
  • Enquiry records may be retained for a reasonable period to manage follow-up communication and service administration.

When personal data is no longer required, we will securely delete it, anonymise it, or otherwise dispose of it safely. We regularly review retention practices to ensure data is not kept for longer than necessary.

6. Data Security

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, secure storage, staff training, confidentiality obligations, and monitoring of systems and premises where appropriate.

Although we work hard to protect your information, no method of transmission or storage is completely secure. We therefore cannot guarantee absolute security, but we continue to review and improve our safeguards in line with the sensitivity of the data we process.

7. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights are not absolute and may be subject to conditions or exceptions. Your rights may include:

  • Right of access – you may request confirmation of whether we process your personal data and obtain a copy of it.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – in certain circumstances, you may ask us to delete your personal data.
  • Right to restriction – you may ask us to limit how we use your data in specific situations.
  • Right to object – you may object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability – in some cases, you may request that we provide your data in a structured, commonly used format or transmit it to another controller.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to raise a concern with the UK Information Commissioner’s Office if you believe your data has been handled unlawfully. We encourage you to contact us first so we can address your concerns promptly and fairly.

8. Data Sharing Outside the UK

In some circumstances, personal data may be stored or processed outside the UK by our service providers. If this happens, we will ensure that appropriate safeguards are in place so that your data remains protected to a standard consistent with UK data protection law.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, regulation, business practices, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

10. Summary of Our Commitment

Romford Storage is committed to processing personal data lawfully, fairly, and transparently. We collect only what is needed, use it for clear and legitimate purposes, retain it for no longer than necessary, and share it only with trusted processors or where legally required. We respect your rights and will handle all personal data with care and accountability.

This Privacy Policy applies to all Romford Storage customers in area and is intended to provide a clear explanation of how we manage personal data in line with GDPR principles.

Call Now!
Call Now Get a Quote
Romford Storage

GDPR-compliant Privacy Policy for Romford Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.