Privacy Policy - Harrow Storage

This Privacy Policy explains how Harrow Storage collects, uses, stores, shares, and protects personal data relating to its customers and prospective customers. It applies to all Harrow Storage customers in area, including individuals and business users who use our storage services, request a quote, make an enquiry, or otherwise interact with us in connection with our services. We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK GDPR and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to any person whose personal data we process in connection with our storage services, including:

  • customers who hold or have held a storage agreement
  • individuals who request information, a quote, or a callback
  • people who visit our premises or interact with us during the provision of services
  • business contacts acting on behalf of an organisation
  • guarantors, emergency contacts, or authorised representatives where relevant

By using our services or providing us with personal data, you acknowledge that we may process your information as described in this policy.

2. Personal data we collect

We collect only the personal data that is necessary for the operation of our services, compliance with legal obligations, and protection of our legitimate interests. Depending on your relationship with us, we may collect the following categories of information:

Identity and contact information

  • full name
  • postal address
  • billing address
  • email address
  • telephone number
  • company name and job title where applicable

Service and account information

  • storage unit details
  • contract dates and service history
  • payment records and invoice details
  • communication records relating to your account
  • access logs and facility attendance records where used for security and operational purposes

Financial and verification information

  • payment method information, processed through secure payment systems
  • anti-fraud or identity verification data, where required
  • records needed to confirm identity, age, authority to act, or payment status

Technical and security information

  • device or browser data if you interact with digital systems
  • CCTV images or recordings where signage and lawful basis apply
  • incident reports, access control data, and security-related records

We generally do not seek to collect special category personal data. If you voluntarily provide such data, we will only process it where a lawful basis exists and, if required, where an additional condition under data protection law applies.

3. How we use your data

We use personal data for the following purposes:

  • to set up and manage your storage agreement
  • to verify identity and maintain security
  • to process payments, refunds, and account balances
  • to communicate about bookings, notices, or service issues
  • to maintain accurate records and customer support logs
  • to prevent fraud, misuse, theft, or unlawful activity
  • to comply with legal and regulatory obligations
  • to resolve disputes, enforce contracts, and establish or defend legal claims

We may also use aggregated or anonymised information for reporting, service improvement, and business administration, provided it no longer identifies any individual.

4. Lawful basis for processing

We process personal data only where a lawful basis under the UK GDPR applies. The relevant bases are:

Contract

We process data where it is necessary to enter into or perform a contract with you, including managing your storage unit, payments, renewals, and service communications.

Legal obligation

We process data where required to comply with law, including accounting, tax, fraud prevention, safety obligations, and lawful requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. This includes security monitoring, business administration, service improvement, debt recovery, and the protection of our property and customers.

Consent

In limited cases, we rely on your consent, for example for certain optional communications or where consent is required by law. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

5. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, operational, and security requirements. Retention periods vary depending on the type of data and the reason for processing.

  • customer and contract records are kept for the duration of the agreement and for a reasonable period afterwards
  • financial and tax records are retained for the period required by law
  • security and access records are kept for a limited period unless needed for an investigation or legal claim
  • enquiry or quotation records may be retained for a shorter period if no contract is formed

When data is no longer required, we securely delete it, anonymise it, or archive it in a restricted format if retention is needed for lawful reasons. Our retention approach follows the principle of storage limitation, meaning we do not keep personal data indefinitely.

6. Processors and data sharing

We may share personal data with trusted third-party processors and service providers who act on our instructions and are contractually required to protect your data. These may include:

  • payment processing providers
  • IT and software support providers
  • cloud hosting and secure data storage services
  • accounting and bookkeeping providers
  • security and CCTV system providers
  • professional advisers such as lawyers, auditors, or insurers

We may also disclose personal data where necessary to:

  • comply with legal obligations or lawful requests
  • protect the rights, property, or safety of Harrow Storage, our customers, or others
  • enforce our terms and conditions
  • support the prevention or detection of crime, fraud, or misuse

We do not sell personal data. Where a processor acts on our behalf, we remain responsible for ensuring that appropriate technical and organisational measures are in place.

7. International transfers

If any of our processors store or access data outside the UK, we will ensure appropriate safeguards are in place, such as approved contractual clauses or equivalent transfer mechanisms recognised under data protection law. We take steps to ensure that any cross-border transfer is lawful and that your information remains protected.

8. Your rights

You have rights in relation to your personal data, subject to certain conditions and exemptions under applicable law. These rights include:

  • Right of access - to request a copy of the personal data we hold about you
  • Right to rectification - to ask us to correct inaccurate or incomplete data
  • Right to erasure - to request deletion in certain circumstances
  • Right to restriction - to ask us to limit processing in specific situations
  • Right to data portability - to receive certain data in a structured, commonly used format
  • Right to object - to object to processing based on legitimate interests or direct marketing
  • Right to withdraw consent - where processing is based on consent

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so we can address them promptly and fairly.

9. Security of your data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure systems, staff training, physical security, and regular review of our procedures. While no system can guarantee complete security, we take data protection seriously and work to reduce risks to a reasonable and lawful level.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

Last reviewed: This policy is intended to be clear, fair, and proportionate, and it applies to all Harrow Storage customers in area.

Call Now!
Call Now Get a Quote
Harrow Storage

GDPR-compliant Privacy Policy for Harrow Storage covering data collection, lawful bases, retention, processors, user rights, and security for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.