Privacy Policy - Woolwich Storage

This Privacy Policy explains how Woolwich Storage collects, uses, stores, shares, and protects personal data relating to our customers. It applies to all Woolwich Storage customers in the area and to anyone who enquires about or uses our storage services. We are committed to handling personal data in a lawful, fair, and transparent way in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We take privacy seriously and only process personal data where we have a valid reason to do so. This policy is written to help you understand what information we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your personal data.

1. Information We Collect

We collect personal data that is necessary for providing storage services, managing our business operations, and meeting legal obligations. The exact information we collect depends on how you interact with us, but it may include:

  • Identity details such as your name, title, and date of birth where required for verification.
  • Contact details including your address, email address, and telephone number.
  • Account and booking details such as unit size, start date, access arrangements, billing records, and service preferences.
  • Payment information including limited card or bank details used for processing payments, invoicing, and refunds.
  • Identification documents where required to verify identity, prevent fraud, or comply with legal obligations.
  • Security information such as access logs, CCTV footage, incident reports, and gate or entry records where applicable.
  • Communication records including emails, call notes, complaints, and customer service correspondence.
  • Technical information if you use digital services, such as IP address, browser type, and device information.

We may also receive personal data from third parties, such as payment providers, identity verification services, insurers, or legal representatives where this is necessary and permitted by law.

2. How We Use Your Personal Data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To process bookings, payments, renewals, and cancellations.
  • To verify identity and prevent fraud.
  • To maintain security, protect property, and manage access to facilities.
  • To respond to enquiries, complaints, and requests.
  • To meet legal, tax, accounting, and regulatory obligations.
  • To improve our services, systems, and customer experience.
  • To send important service-related notices and updates.

We do not use personal data for purposes that are incompatible with the reason it was originally collected unless we have a lawful basis to do so.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. Woolwich Storage relies on the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing your booking, issuing invoices, taking payment, and delivering the services you request.

Legal Obligation

We may process personal data to comply with laws and regulations, including tax rules, accounting requirements, fraud prevention measures, and any lawful request from regulators or law enforcement.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided that those interests do not override your rights and freedoms. Examples include maintaining security, preventing misuse of our services, managing internal administration, and improving our operations. Where we rely on legitimate interests, we balance our interests against your privacy rights.

Consent

In limited situations, we may rely on your consent, for example where you choose to receive certain optional communications. If we rely on consent, you may withdraw it at any time.

4. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods may vary depending on the type of data and the reason it is held.

  • Customer account and contract records are generally retained for the duration of the service relationship and for a period afterward to address queries, disputes, and legal claims.
  • Payment and accounting records are retained for the period required by tax and financial regulations.
  • Security records such as access logs or CCTV footage are retained for a limited period unless needed for investigation, enforcement, or insurance purposes.
  • Communication records may be retained to maintain service history, resolve disputes, and improve service quality.

When personal data is no longer needed, we will securely delete, destroy, or anonymise it. We do not keep personal data indefinitely.

5. Sharing Your Personal Data and Processors

We may share personal data with trusted third parties who help us operate our business. These third parties act as processors when they process data on our behalf and under our instructions, or as separate controllers where they determine their own purposes.

Examples of processors and service providers may include:

  • Payment processing providers.
  • IT hosting, cloud storage, and software support providers.
  • Identity verification and fraud prevention services.
  • Security and monitoring providers.
  • Professional advisers such as accountants, auditors, legal advisers, and insurers.
  • Maintenance and facility management contractors where access is necessary to perform their work.

We require processors to protect personal data, use it only for specified purposes, and comply with applicable data protection law. We do not sell personal data. We may disclose information where required by law, to protect our rights, to prevent fraud, or in connection with legal proceedings.

6. International Transfers

Where personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or equivalent protections permitted by law. We take steps to make sure personal data remains protected wherever it is processed.

7. Data Security

We use reasonable technical and organisational measures to protect personal data against loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include restricted access, encryption, secure storage, staff training, and monitoring of systems. While no system is completely secure, we work to reduce risk and respond appropriately to incidents.

8. Your Rights

Under data protection law, you have rights regarding your personal data. These rights may apply in full or in part depending on the circumstances.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – in certain cases, you can ask us to delete your personal data.
  • Right to restrict processing – you can ask us to limit how we use your data in certain situations.
  • Right to data portability – you may request that certain data be provided to you or another controller in a structured format.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits set by law unless an extension is permitted.

9. Complaints and Supervisory Authority

If you are concerned about how we handle personal data, you have the right to raise a complaint with the relevant data protection authority in the UK. We encourage you to contact us first so we can try to resolve the issue directly. However, you are not required to do so before contacting the authority.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our data handling practices. Any updated version will apply from the date it is published or otherwise communicated. Please review this policy periodically to stay informed about how we protect your information.

11. Summary of Our Approach

Woolwich Storage collects only the personal data needed to provide secure, reliable storage services and operate responsibly. We process data on lawful bases such as contract, legal obligation, legitimate interests, and, in limited cases, consent. We retain information only as long as necessary, share it carefully with trusted processors, and respect your data protection rights. Our aim is to keep your information safe, lawful, and used only for proper business purposes.

Call Now!
Call Now Get a Quote
Woolwich Storage

GDPR-compliant privacy policy for Woolwich Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.