Silverbox Self-Storage Limited is committed to the protection of its Customer’s Data. This policy explains what information we collect, how we collect it, hold it, process it and for what purposes.

Please ensure that you read this document carefully. If you have any queries please contact us at

For the purpose of the General Data Protection Regulations 2019, the Data Controller is NWLondoncommercial, whose registered office address is at

11 Main Drive, East Lane Business Park.  HA9 7NA

Revisions to the Notice will be updated here so you will always be aware of what information we collect and the legal basis for our processing.

The Privacy Policy was last updated on 18/06/2019.

Personal Information

Legal basis for processing your data
The normal legal basis for us processing your data is that it is necessary for the performance of or entering into a contract – either you may be incumbent tenant who has a contract with us (i.e. you are renting one of our properties) or you may be inquiring about one of our properties with a view to entering into a contract with us.

In addition, we will processes data for our legitimate interests as outlined below in ‘How we use this data’ in order to communicate with you and improve our service.

Data we collect
Silverbox Self-Storage Limited may collect the following information about you:

  • Information you provide with us directly;
  • Information we collect about your device(s) and your use of our website, including through cookies and other internet technologies; and
  • Information we obtain from third-party sources.

How we use this data
Collecting this data helps us understand, how you use our website, what you are looking for in order to better tailor our services. Specifically, we may use data:

  • For our own internal records;
  • To improve the products and services we provide;
  • To contact you in response to a specific enquiry;
  • To customise the website for you;
  • To send you promotional emails about products, services, offers and other things we think might be relevant to you;
  • To send you promotional mailings or to call you about products, services, offers and other things we think might be relevant to you; and
  • To contact you via email, telephone or mail for market research reasons.

Your information and marketing communications
When you fill in a form or provide your details on our website, we may ask you whether you would like to receive marketing communications from Silverbox Self-Storage Limited via email, telephone, text message or post that we feel may be of interest to you. In order to receive these communications, you will need to opt in during registration. You will also need to acknowledge that you have read and understand our Terms and Conditions and also our Privacy Policy.

On occasions, Silverbox Self-Storage Limited may run promotions in which personal information is collected. We will always ask you if you agree to this. You will always be asked to provide your consent to this use by opting in.

By using, you consent to the collection and use of this information by Silverbox Self-Storage Limited and to this Privacy Policy.


What is a Data Subject?
The Data Subject is a living individual to whom personal data relates. For the purposes of this Privacy Notice, the Data Subject is any customer of Silverbox Self-Storage Limited.

What is Personal Data?
As described by Article 4 in the GDPR Definitions ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What is a Data Controller?
A Data Controller means the natural or legal person, public authority, agency or any other body which alone or jointly with others determines the purposes and means of the processing of personal data; where the purposes and means of processing are determined by EU or Member State laws, the controller may be designated by those laws.

What is a Data Protection Officer?
Data protection officers are responsible for overseeing data protection strategy and implementation to ensure compliance with GDPR requirements.

ICO (Information Commissioners Office)

Silverbox Self-Storage Limited has a lot of experience in dealing with Personal data and keeping it safe. We know what to do if there is a breach of data or if a request for data comes in. As such we are aware and know who to report into at the ICO.

Data Protection Complaints

If you would like to raise a complaint in regards to the way we have handled your data or you have a concern please raise this with our DPO by:

Data Protection Officer
11 Main Drive, East Lane Business Park.  HA9 7NA


If we are unable to come back to you with a satisfactory response you can raise your concerns with the ICO.

Information Commissioner’s Office
Wycliffe House,
Water Lane,

Data Controller/Data Processor

Due to the wide variety of customers and clients we serve in some instances, we are the Data Controller and others we are the Data Processor. Please see definitions at the top of the Notice in accordance with the GDPR.

Who does this policy apply to?
This policy applies to our customers and clients (including but not limited to Leaseholders, Tenants and Residents)

Sharing information
We may give out your personal data if required to so for Police Investigation or Court Order.

We may give your personal data to a 3rd party as part of a sale of the business and assets to the 3rd party. However, steps will be taken to ensure that your privacy rights continue to be protected and the data is used in accordance our Privacy Notice.

In an emergency, we may be required to give your contact details out to a contractor to contact you. However, we will always try and contact you beforehand.

As part of our process for collecting site funds, where there has been no contact made by you to advise why there has been no payment or to setup a payment plan we may pass your details on to a Debt Collecting Agency. We would like to assure you that the agency we use has under gone checks to ensure they are GDPR compliant and will not share your details further.

When required to do so we enlist the expertise of external solicitors for legal advice. Your data may be passed on to them to give them a better understanding of certain legal situations.

There may be instances where we share data with the Freeholder, RMC and directors of a site. We will query the use of the data to ensure the reason is a ‘legitimate interest’ before giving this to them and ensure they have adequate protection in place to store your data.

If we lose management of a site we will give all information we hold to the new management agents to ensure they can properly manage the site from the moment they take control.

Other than the points listed above we will not disclose your personal information without your permission. We do not sell your information to third parties and your personal data is treated with the up most care.

How do we protect your data?

Every member of staff is trained how to handle your Personal Data according to their Job Role.

Your data is only accessible by the teams involved in the management and service provision for your site/s.

Your data is housed in a secure data centre

Silverbox Self-Storage Limited operates firewalls which are regularly updated with the latest patches to ensure the latest threats are protected against.

Internet is restricted down to stop file sharing sites and malicious software.

All mobile devices are password protected and capable of being remotely wiped.

All Servers are backed up regularly into an external Data Centre which (in the event of a disaster) can be up and running in 4 hours to continue core services.

Your rights

Depending on the legal basis we have relied upon to process your data you have various rights you can choose to exercise.

All requests will be considered and responded to within 28 days of receipt. To submit a request please email with a subject of ‘Personal Data Request’. Please include specifics of what right you would like to exercise as detailed below.

Subject Access Request (SAR) and Changing your details
You can view your personal details on request.

You can also change your personal details if you know that have changed or after you have received your details from us.

Please ensure that you include your Tenant Reference number which can be found on any previous correspondence from us or your address that you are contacting us about.

How information will be provided to you
We will ask how you would like the information to be provided whether that be electronically or in printed hard copy.

Right to deletion
If you would like us to delete any data we have on you please let us know.

We will then consider your request. If there is no legal, contractual or other reason for us holding your data we will then delete your data and notify you that we have done so. However, there may be reasons for us to hold personal data e.g. you are an incumbent tenant, which would legally mean we are unable to delate your data. If this is the case, we will notify you why we are unable to delete your data.

Right to portability
In event that data has been processed on the basis of consent or for entering into or the performance of a contract you may request to have the data provided to you in a structured, commonly used and machine readable form (usually in CSV format).

Right to rectification
In event that any of your data has changed or been amended, please email us at and we will update the information we hold about you.

Right to Object
If you no longer wish your data processed due to grounds relating to your particular situation, where we are relying upon legitimate interests, you can exercise your right to object. Where this is concerned with direct marketing it will be stopped immediately.

Data Controller/Processor
Where we are the Data Controller we will process your request.

Where we are the Data Processor we will communicate with the Data Controller as they may wish to take ownership of the request.

Other matters

Use of cookies
This site, like many others, use small files called cookies to help us ensure you get the best possible experience. By using this website, you consent to the use of cookies.

What are cookies?
Cookies are files that contain small pieces of text that are stored by your web browser when you visit a website. They allow websites to recognise you and store things like user preferences, helping make your next visit easier and the service more useful to you.

Third-party cookies
In addition to our own cookies, we also use selected cookies provided by trusted third parties, such as from Google Analytics.

Google Analytics is a web analytics tool that helps us understand how visitors engage with our website. It allows us to view reports on information such as the time visits occurred, whether the visitor has been on our site before and what website referred the visitor to our site.

Your cookie choices
You can delete cookies or set your web browser to not accept cookies, but this may limit your ability to use all of our website’s features.

More information
If you would like to know more about cookies and their use, you may find the following website useful.