North London Garages GTA – Privacy Policy

North London Garages GTA Ltd (NLG) are committed to protecting and respecting your privacy. This notice sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us.

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a new regulation which replaces the Data Protection Regulation (Directive 95/46/EC) The Regulation aims to harmonise data protection legislation across EU member states, enhancing privacy rights for individuals and providing a strict framework within which organisations can legally operate.

Even though the UK left the EU in January 2020, and we are in transition, the GDPR became applicable in the UK from 25th May 2018. The Government intends for the GDPR to continue in UK law post Brexit.

Please read the following carefully to understand our views, practices and legal obligations regarding your personal data and how we will treat it.

Information you give to us or we collect about you

This is information about you that you give us by filling in forms or by corresponding with us by phone, e-mail or otherwise. The information you give us or we collect from you may include, but not exclusive to, your name, address, e-mail addresses and phone numbers, financial information and compliance documentation.

Purposes of the processing and the legal basis for the processing

  • Used fairly and lawfully – Our legal basis for the processing of personal data is our legitimate business interests, although we will also rely on contract, legal obligation, and consent for specific uses of data

  • Used for limited, specifically stated purposes

  • Used in a way that is adequate, relevant, and not excessive

  • Accurate, kept safe and secure

  • Kept for no longer than necessary – We understand our legal duty to retain accurate data and only retain personal data for as long as we need it for our legitimate business interests and that you are happy for us to do so. Accordingly, we have a data retention notice and run data reviews to remove data that we no longer have a legitimate business interest in maintaining.

Disclosure of your information inside and outside of the EEA

We pass Data to our Data Controllers, as listed below, and may share Data with other third parties as deemed necessary for the running of our business. We will not sell on your details to other third parties.

Service providers who provide IT and system administration services.


We require all third parties to whom we transfer your data to respect the security of your personal data and to treat it in accordance with the law. We only allow such third parties to process your personal data for specified purposes and in accordance with our instructions.

The GDPR provides you with the following rights

  • Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

  • Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

  • Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.

  • Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

  • Request the transfer of your personal information to another party in certain formats, if practicable.

  • Make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office.

The ICO can be contacted through this link

https://ico.org.uk/concerns/ however we would be grateful if you would contact us first if you do have a complaint so that we can try to resolve it for you.

Access to information The GDPR gives you the right to access information held about you.  We also encourage you to contact us to ensure your data is accurate and complete.

Your right of access can be exercised in accordance with the GDPR Changes to our Privacy Policy notice Any updates or changes we make to our Privacy Policy notice in the future will be made available.

Questions, comments and requests, including if you wish to be removed from our database, or general enquiries regarding this Privacy Policy are welcomed and should be addressed to Data Protection Officer at DPO@nlggta.co.uk

Signed: -

Colin Denton,

Chief Executive 25th May 2021