Privacy Policy - Upperwalthamstow Storage

This Privacy Policy explains how Upperwalthamstow Storage collects, uses, shares, stores, and protects personal data. It applies to all Upperwalthamstow Storage customers in the area, including prospective customers, current customers, former customers, and any individuals who communicate with us in connection with storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that personal data may be processed as described in this policy. We encourage you to read this notice carefully so that you understand how your information is treated.

1. Personal Data We Collect

We only collect personal data that is relevant and necessary for the provision, administration, and protection of our storage services. Depending on your relationship with us, we may collect the following categories of information:

  • Identity information: name, date of birth, and proof of identity where needed for verification.
  • Contact information: address, email address, and telephone number.
  • Account and contract details: service preferences, unit allocation, rental dates, invoices, payment status, and correspondence relating to your storage agreement.
  • Payment information: billing details and payment records. Card data is handled through secure payment systems and is not stored unless necessary for transaction processing.
  • Access and security information: key, access code, entry logs, CCTV footage, and records of site access where applicable.
  • Communications: emails, messages, complaint records, and notes of phone conversations.
  • Technical data: limited device or usage information if you interact with any digital systems we use for administration or security.

We do not seek to collect special category personal data unless it is strictly necessary and legally permitted. If such data is ever provided to us, we will treat it with extra care and only process it where a lawful basis exists.

2. How We Use Personal Data

We use personal data for the following purposes:

  • to set up and manage storage agreements;
  • to verify identity and prevent fraud;
  • to communicate about bookings, payments, service updates, and account matters;
  • to maintain security at our premises and protect property;
  • to manage access control and monitor site use;
  • to issue invoices, process payments, and maintain financial records;
  • to handle complaints, disputes, and legal claims;
  • to comply with legal and regulatory obligations; and
  • to improve our operations, systems, and customer service.

We use personal data only for clear and legitimate purposes. We do not use customer data in ways that are incompatible with the reasons it was originally collected.

3. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for every type of processing activity. Depending on the circumstance, we rely on one or more of the following lawful bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your storage unit, managing payments, and administering your account.

Legal obligation

We may process information where required to comply with the law, such as tax, accounting, fraud prevention, safety, or regulatory requirements.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, CCTV monitoring, service improvement, debt recovery, and preventing misuse of our facilities. We always consider whether our legitimate interests are appropriate and proportionate.

Consent

In limited cases, we may rely on your consent, for example where it is required for optional communications or specific processing activities. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties that help us operate our business. These third parties act as processors or, in some cases, independent controllers. We ensure that appropriate data protection safeguards are in place before sharing any personal data.

Typical processors and service providers may include:

  • Payment providers: to process card and online payments securely.
  • Accounting and invoicing systems: to manage records, billing, and tax compliance.
  • IT and cloud service providers: to host emails, backups, databases, and administrative systems.
  • Security providers: to support access control, alarm systems, and CCTV storage.
  • Professional advisers: such as legal, audit, insurance, or compliance advisers where necessary.

We may also disclose personal data where required by law, to courts, law enforcement, regulators, insurers, or other authorities. If a business transfer or restructuring occurs, personal data may be transferred as part of that transaction, subject to appropriate confidentiality and protection measures.

We do not sell customer personal data.

5. Retention of Personal Data

We retain personal data only for as long as it is necessary for the purpose for which it was collected, including for legal, accounting, or reporting obligations. Retention periods may vary depending on the type of data and the reason for processing.

As a general rule:

  • contract and account records are kept for the duration of the customer relationship and for a reasonable period afterward;
  • financial and tax records are retained for the period required by law;
  • security records, including CCTV footage, are kept for a limited period unless needed for an investigation or legal claim;
  • correspondence and complaint records are retained as long as needed to resolve the matter and for record-keeping purposes.

When personal data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you.

6. Data Security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, disclosure, alteration, or destruction. These measures may include access restrictions, secure storage, password protection, encryption where appropriate, staff confidentiality obligations, and regular review of security practices.

However, no system can be guaranteed to be completely secure. We therefore take reasonable steps to reduce risks and respond promptly if an incident occurs.

7. International Transfers

If any personal data is transferred outside the United Kingdom, we will ensure that adequate safeguards are in place in accordance with data protection law. This may include approved contractual protections or transfers to countries recognised as providing an adequate level of protection.

8. Your Rights

Subject to certain conditions and exemptions under data protection law, you have the following rights in relation to your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete information.
  • Right to erasure: to ask for your data to be deleted in certain circumstances.
  • Right to restriction: to request limited processing in specific situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format, where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been breached. We encourage you to raise concerns with us first so that we can try to resolve the matter promptly.

9. Children’s Data

Our storage services are not directed at children, and we do not knowingly collect personal data from children except where it is necessary for lawful business administration and supported by appropriate legal grounds.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or operational requirements. Any updated version will apply from the date it is published or otherwise communicated. We recommend reviewing this policy periodically to stay informed about how we process personal data.

Privacy, trust, and lawful processing are central to how Upperwalthamstow Storage operates. We are committed to handling personal data responsibly, minimising unnecessary collection, and respecting the rights of every customer in the area.

Call Now!
Call Now Get a Quote
Upperwalthamstow Storage

GDPR-compliant Privacy Policy for Upperwalthamstow Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.