Privacy Policy - Westwickham Storage

This Privacy Policy applies to all Westwickham Storage customers in the area and explains how we collect, use, store, share, and protect personal data in connection with our storage services. We are committed to handling personal information lawfully, fairly, and transparently in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Westwickham Storage provides storage services to individuals and businesses in the local area. In providing these services, we act as a data controller for the personal data we collect and use about our customers, prospective customers, visitors, and other individuals whose information is processed in the course of our operations.

2. Personal Data We Collect

We collect only the personal data that is necessary for operating our services, managing our relationship with customers, and meeting legal and security obligations. The types of data we may collect include:

  • Identity details such as name, date of birth, and proof of identity where required.
  • Contact details such as postal address, email address, and telephone number.
  • Account and service details such as storage unit references, booking information, payment status, and service history.
  • Payment information such as billing details and transaction records. We do not store full payment card details where a third-party payment processor is used.
  • Access and security data such as entry logs, CCTV recordings, alarm records, and incident reports where applicable.
  • Communication records such as correspondence, complaints, enquiries, and feedback.
  • Technical data such as basic device or usage information if collected through digital systems used to manage access, security, or administration.

We do not intentionally collect special category data unless it is provided to us by you for a specific reason and we have a lawful basis to process it. Please avoid sharing unnecessary sensitive information.

3. How We Collect Data

We may collect personal data directly from you when you complete forms, make an enquiry, sign a storage agreement, make a payment, contact us, or otherwise use our services. We may also receive data from third parties such as identity verification providers, payment processors, insurance providers, contractors, or public authorities where this is lawful and appropriate.

4. Why We Use Personal Data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To verify identity and prevent fraud.
  • To process bookings, payments, and account administration.
  • To maintain site safety, security, and access control.
  • To handle enquiries, complaints, and customer support.
  • To meet legal, regulatory, tax, and insurance obligations.
  • To enforce agreements and manage disputes.
  • To improve our operations, systems, and service quality.

5. Lawful Basis for Processing

We only process personal data where we have a valid lawful basis under the UK GDPR. The lawful bases we rely on may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, including setting up your account, providing access to storage, managing billing, and administering our services.

Legal Obligation

We may process data where this is necessary to comply with legal requirements, including tax, accounting, health and safety, safeguarding, and law enforcement obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. This may include protecting our premises, preventing fraud, maintaining records, improving services, and managing operational risks.

Consent

In limited circumstances, we may rely on consent, for example where it is required for certain optional communications or specific processing activities. Where we rely on consent, you have the right to withdraw it at any time.

6. Sharing and Processors

We may share personal data with trusted third parties where necessary for the purposes described in this policy. These third parties act as processors or, in some cases, independent controllers. We require appropriate contractual and security safeguards before any sharing takes place.

  • Payment processors to handle secure payment transactions.
  • IT and hosting providers to support data storage, email, and system administration.
  • Security service providers to manage alarms, CCTV, access control, and monitoring systems.
  • Identity verification and fraud prevention providers where needed to verify customers or prevent misuse.
  • Professional advisers such as accountants, insurers, auditors, or legal advisers.
  • Public authorities where required by law or where disclosure is necessary to protect rights, property, or safety.

We only disclose the minimum information required for the relevant purpose. Any processor acting on our behalf is instructed to process personal data only in accordance with our instructions and applicable data protection laws.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for the fulfilment of contractual obligations, legal compliance, dispute resolution, and record-keeping. Retention periods vary depending on the type of data and the context in which it is used.

  • Customer account and contract records are generally retained for the duration of the relationship and for a period afterward to deal with claims, queries, or legal requirements.
  • Financial and tax records are retained for the period required by law.
  • Security records such as access logs or CCTV footage are kept only as long as needed for safety, incident investigation, and security purposes.
  • Correspondence and support records are retained for as long as necessary to handle the issue and maintain appropriate records.

When data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and system safeguards. While we take data security seriously, no system can be guaranteed to be completely secure.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the circumstances of the processing.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – you can ask us to delete your data in certain circumstances.
  • Right to restriction – you can ask us to restrict how we use your data in certain cases.
  • Right to object – you can object to processing based on legitimate interests, and in some cases to direct marketing.
  • Right to data portability – you can request that certain data be provided to you or another organisation in a usable format.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits required by law unless an extension is permitted.

10. Automated Decision-Making

We do not normally use fully automated decision-making that produces legal or similarly significant effects. If this changes, we will ensure that any such processing is lawful and that you are provided with the relevant information and safeguards.

11. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place so that the data remains protected to an equivalent standard. This may include the use of recognised transfer mechanisms and contractual protections.

12. Children

Our services are intended for adult customers and business users. We do not knowingly collect personal data from children unless it is necessary in connection with lawful services or obligations and is handled appropriately.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or the way we process personal data. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is used.

14. Further Information

If you have concerns about how your personal data is handled, you may raise them with us and, where relevant, with the UK data protection authority. We will always aim to handle personal data with care, transparency, and respect, and to ensure that all processing is limited to what is necessary for delivering storage services safely and lawfully.

By using Westwickham Storage services, customers in the area acknowledge that their personal data may be processed in accordance with this Privacy Policy.

Call Now!
Call Now Get a Quote
Westwickham Storage

GDPR-compliant Privacy Policy for Westwickham Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.