Privacy Policy - Wealdstone Storage

This Privacy Policy explains how Wealdstone Storage collects, uses, stores, shares, and protects personal data in connection with the provision of storage services. It applies to all Wealdstone Storage customers in the area, including prospective customers, current customers, former customers, and anyone who communicates with us about our services.

1. Introduction

Wealdstone Storage is committed to handling personal data in a lawful, fair, and transparent manner. We respect the privacy of everyone who uses our services and we are committed to complying with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and any other applicable privacy laws.

This policy explains what personal data we collect, why we collect it, the legal bases we rely on to process it, how long we keep it, who may process it on our behalf, and what rights individuals have in relation to their personal data.

Important: by using our services, making an enquiry, entering into a storage agreement, or otherwise interacting with us, you acknowledge that your personal data may be processed as described in this Privacy Policy.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity details: name, date of birth, and identification information where required for account opening, verification, or compliance purposes.
  • Contact details: address, email address, and telephone number.
  • Account and contract details: storage unit references, contract dates, payment history, invoices, records of service changes, and correspondence relating to your account.
  • Financial details: payment method information, transaction records, and limited billing details. We do not intentionally store full payment card details unless processed through a secure payment provider.
  • Access and security information: entry logs, CCTV footage, alarm records, visitor records, and other security-related data where applicable.
  • Communications: emails, letters, telephone notes, complaint records, and any other information you provide to us voluntarily.
  • Technical information: IP address, device information, and usage data if you interact with any digital systems or online booking tools associated with our services.

We generally collect personal data directly from you. In some cases, we may also receive data from third parties such as payment processors, identity verification providers, insurers, legal advisers, or public authorities where lawful and appropriate.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage customer accounts;
  • to provide storage services and administer storage agreements;
  • to process payments, refunds, and billing matters;
  • to verify identity and carry out fraud prevention checks;
  • to manage access to storage facilities and maintain security;
  • to communicate with customers about bookings, service updates, or contractual matters;
  • to deal with enquiries, complaints, and disputes;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to establish, exercise, or defend legal claims;
  • to improve our services, systems, and internal operations.

We will only use personal data where we have a lawful basis to do so.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the circumstance, Wealdstone Storage may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, providing storage services, taking payments, issuing invoices, and administering your account.

Legal Obligation

We may process personal data to comply with legal obligations, such as accounting requirements, tax rules, crime prevention duties, or requests from law enforcement or other public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include protecting our premises, preventing fraud, maintaining records, improving services, and handling disputes. Where we rely on legitimate interests, we assess the impact on your privacy and take appropriate safeguards.

Consent

In limited circumstances, we may ask for your consent, for example where consent is required for a specific optional activity. Where we rely on consent, you have the right to withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests

In rare situations, we may process personal data to protect someone’s vital interests, such as in an emergency involving health or safety.

5. Data Sharing and Processors

We do not sell personal data. However, we may share it with trusted third parties where necessary for the purposes described in this policy.

These third parties may act as processors or independent controllers. When they act as processors, they process personal data only on our instructions and are contractually required to protect it.

Examples of processors may include:

  • payment service providers;
  • IT and cloud hosting providers;
  • customer relationship and booking system providers;
  • security service providers, including CCTV or alarm monitoring services;
  • email and communications service providers;
  • accountants, auditors, and legal advisers acting in a professional capacity;
  • identity verification or fraud prevention providers.

We may also disclose personal data to insurers, regulatory bodies, courts, tribunals, law enforcement agencies, debt recovery providers, or other organisations where required or permitted by law. Any such disclosure will be limited to what is necessary and proportionate.

6. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, or reporting requirements.

Retention periods depend on the type of data and the reason for holding it. For example:

  • Contract and account records: kept for the duration of the customer relationship and for a reasonable period afterwards to manage claims, disputes, and accounting obligations.
  • Financial and transaction records: retained in line with tax and accounting law.
  • Security records: such as CCTV footage or access logs, retained for a limited period unless needed for investigation or legal proceedings.
  • Enquiry records: retained for a limited time where no contract is formed.

When personal data is no longer required, we will securely delete, anonymise, or destroy it.

7. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, secure systems, staff confidentiality obligations, data minimisation, and retention controls.

While no system can be guaranteed to be completely secure, we work to ensure that personal data is handled with care and protected in accordance with data protection requirements.

8. Your Rights

Individuals whose personal data we process have the following rights, subject to certain legal conditions and exemptions:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete personal data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit processing in certain situations.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to object: to object to processing based on legitimate interests or to direct marketing where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw that consent at any time.

If you make a rights request, we may need to verify your identity before responding. We aim to respond within the time limits required by law.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your personal data has been handled unlawfully. We encourage you to raise concerns with us first so that we can try to resolve the issue promptly.

9. Automated Decision-Making

We do not use personal data for decisions based solely on automated processing that produce legal or similarly significant effects, unless this is lawful and we have informed you in advance where required.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically.

11. Summary of Key Principles

This policy is designed to ensure that personal data is processed in a way that is lawful, transparent, and secure. We only collect data that is relevant to providing storage services, we retain it only as long as necessary, and we share it only where appropriate and legally justified.

Wealdstone Storage applies this Privacy Policy to all customers in the area. By maintaining careful controls over collection, storage, access, retention, and disclosure, we aim to protect privacy while delivering reliable storage services.

Call Now!
Call Now Get a Quote
Wealdstone Storage

GDPR-compliant privacy policy for Wealdstone Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.