Stasher ('we' or 'us') are a 'data controller' for the purposes of the Data Protection Act 1998 and the General Data Protection Regulation 2018 This means we are responsible for, and control the processing of, your personal information. The person responsible for how we handle personal information is Jacob Wedderburn-Day ([email protected]).
We collect the following personal information about you when you create an account or create a booking via our website or apps:
Our lawful basis for collecting this information is simply to provide you with the best service possible. Your contact details are required to send you transaction confirmations - and to reach you in case we need to alert you to changes. Your name and address are required so that our StashPoints can verify your identity when you drop off and collect your belongings.
"Personal data" is defined in Article 4(1) of the GDPR:
"(1) 'personal data' means any information relating to an identified or identifiable natural person ('data subject'); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person".
If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:
We will not usually ask you to provide sensitive personal information. We will only ask you to provide sensitive personal information if we need to for a specific reason, for example, if we believe you are having difficulty dealing with your account due to illness. If we request such information, we will explain why we are requesting it and how we intend to use it.
Sensitive personal information includes information relating to: your ethnic origin, your political opinion, your religious beliefs, whether you belong to a trade union, your physical or mental health or condition, your sexual life, and whether you have committed a criminal offence.
We will only collect your sensitive personal information with your explicit consent.
We do not knowingly collect personal data relating to children under the age of 16. If you are a parent or guardian of a child under the age of 16 and think that we may have information relating to that child, please contact us at [email protected] We will ask you to prove your relationship to the child but if you do so you may (subject to applicable law) request access to and deletion of that child’s personal data.
We do not collect or hold your payment information. This is all handled by our third party payment processors, Stripe or Paypal. Stripe only store what information they are required to store by law. No additional information is stored unless your express permission is given (e.g. ‘Remember Me’ function at checkout). This information is stored securely in a manner that is not accessible. Please check their privacy policies for further information.
We gather information directly from you when you provide us with it via our websites and mobile applications or ‘Apps’.
We may monitor and record communications with you (such as telephone conversations and emails). We may do this for a number of reasons, such as to check the quality of our customer service, for training purposes, to prevent fraud or to make sure we are complying with legal requirements.
You can set your browser not to accept cookies and the websites below tell you how to remove cookies from your browser. However, some of our website features may not function as a result.
For further information on cookies generally visit www.aboutcookies.org or www.allaboutcookies.org.
We collect information about you for a number of reasons.
So that we can take steps to enter into a contract with you and provide services to you once that contract is in place, we collect personal information to:
We also collect personal information to comply with our legal obligations, for example to comply with anti-money laundering and counter-terrorist financing requirements.
So that we can make sure we give a high quality service, we collect personal information to:
If you agree, we will contact you to let you know about other products or services that may be of interest to you—see 'Marketing’ section below;
If we propose to use your information for any other uses we will ensure that we notify you first. If we need your consent to use your information for these other purposes, we will give you the opportunity to opt in or to refuse. If you opt in, you will be able to opt out at any time.
We would like to send you information by post, email, telephone, text message (SMS) or automated call about products and services, competitions surveys and special offers which may be of interest to you.
We will ask whether you would like us to send you marketing messages by asking you to tick the relevant boxes when you complete our sign up process or create a booking.
If you have given consent to such receive marketing from us, our group or other businesses, you can opt out at any time. See 'What rights do you have?’ below for further information.
We may contact you to let you know about any changes to the service you have signed up for or to provide information you have requested. Where you have opted to receive further information from us, we will invite you to participate in surveys about our services (but it is your choice if you wish to take part) and we will contact you for marketing purposes. You can tell us to stop contacting you for marketing at any time – see the section on your rights below. If you ask us to stop contacting you, you can also ask us to start again at any time.
We may disclose your personal data to:
We will use technical and organisational measures to safeguard your personal data, for example:
access to your account is controlled by a password and username that are unique to you; we store your personal data on secure servers.
We have strict security and confidentiality procedures covering the storage and disclosure of your information in order to keep it safe and to prevent unauthorised access. We only allow certain authorised employees to have access to your personal information who need to use it to fulfil their job responsibilities. These employees are trained in the proper handling of customer information. Employees who do not comply with our internal rules are subject to our usual disciplinary procedures.
While we will use all reasonable efforts to keep your personal data safe, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data that is transferred from you or to you via the internet. If you have any particular concerns about your information, please contact us (see ‘How can you contact us?’ below).
Our website contains links to websites and applications owned and operated by other people and businesses. These third party sites have their own privacy policies and use their own cookies and we recommend that you review them before you provide them with personal information. They will tell you how your personal information is collected and used whilst you are visiting these other websites. We do not accept any responsibility or liability for the content of these sites or the use of your information collected by any of these other sites and you use these other sites at your own risk.
If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org. Get Safe Online is supported by HM Government and leading businesses.
We may need to transfer your personal data to countries which are located outside the European Economic Area. Rest assured that we will always ensure any transfer is subject to appropriate security measures to safeguard your personal data.
We will hold your personal information on our system for as long as is necessary for the service you have requested or for the length of time set out in any contract between us, unless you have told us you want us to remove us from the system (see section “Right to erasure” below). We will delete your data within 30 days of your request.
You can request a copy of your information which we hold (this is known as a subject access request). If you would like a copy of some or all of it, please:
We will not charge any fee for this service.
If you have your login details, the easiest thing is to login to your account. There you can add, edit and delete the data we hold on you. To delete your account, please contact [email protected]
You can require us to correct any mistakes in your information which we hold free of charge. If you would like to do this, please:
You can ask us to stop contacting you for direct marketing purposes. If you would like to do this, please:
You can ask us to delete the data we hold about you in certain circumstance. You can do this if it is no longer necessary for us to hold the data for the purpose it was collected (for example if you are no longer a customer), or if we are using it without your consent or you have to ask us to delete it to comply with any of your legal obligations. You can also do this if you originally gave your consent to us using your information and you want to change your mind, If you would like to do this, please:
We will take steps to make sure the information is deleted from our systems and by any people who are processing your information for us unless we have to carry on using the information for legal reasons. This process may take up to 30 days.
If you wish to contact us, please send an email to [email protected] or write to us at Stasher, RocketSpace, 42 Islington High St, London, N1 8EQ or call us on +44 20 3355 3544