Privacy Policy - Northwoolwich Storage

This Privacy Policy explains how Northwoolwich Storage collects, uses, shares, stores, and protects personal data relating to customers, prospective customers, visitors, and other individuals whose information we process in connection with our storage services. This policy applies to all Northwoolwich Storage customers in the area and is intended to provide clear information about our practices in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Northwoolwich Storage provides storage services for individuals and businesses. For the purposes of data protection law, we act as a data controller for the personal data we collect and use to manage our services, accounts, operations, and legal obligations.

2. Personal Data We Collect

We collect only the information that is necessary for operating our storage services and meeting legal requirements. Depending on your relationship with us, we may collect:

  • Identity data such as your name, date of birth, and identification details used to verify your identity.
  • Contact data such as your address, email address, and telephone number.
  • Account and contract data such as booking details, storage unit information, payment status, and service preferences.
  • Financial data such as payment card details or bank payment information, where needed for billing and refunds.
  • Access and security data such as entry logs, key or access code records, CCTV footage, and incident reports.
  • Communications data such as emails, messages, complaints, enquiries, and notes from calls or service interactions.
  • Technical data where relevant, such as device or browser information if you interact with our digital systems.

We do not intentionally collect special category data unless it is provided by you or required in exceptional circumstances, for example where it is necessary to handle an incident or legal claim. If such data is processed, we will only do so where a lawful condition under data protection law applies.

3. How We Use Your Data

We use personal data for the following purposes:

  • To create and manage customer accounts and storage agreements.
  • To verify identity and prevent fraud.
  • To provide access to storage facilities and maintain security.
  • To process payments, refunds, deposits, and billing.
  • To communicate with you about your service, booking, or account.
  • To respond to enquiries, complaints, or service requests.
  • To maintain records, investigate incidents, and enforce terms.
  • To comply with legal, tax, accounting, insurance, and regulatory obligations.
  • To protect our business, staff, customers, and property.

We only use your personal data where we have a valid legal basis and where the use is fair, necessary, and proportionate.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for each processing activity. Northwoolwich Storage relies on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes opening your account, providing access to storage, taking payment, and managing your service.

Legal Obligation

We may process data to comply with laws and regulations, including tax, accounting, fraud prevention, health and safety, and lawful requests from authorities.

Legitimate Interests

We may use personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include managing operations, securing facilities, preventing crime, maintaining records, and defending legal claims. When we rely on this basis, we assess the potential impact on your privacy and ensure appropriate safeguards are in place.

Consent

In limited cases, we may rely on your consent, for example for optional communications or where required by law. If we use consent, you can withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests

In rare situations, we may process data to protect someone’s life or physical safety, for example in an emergency.

5. Sharing Your Personal Data

We may share your personal data with selected third parties, but only where necessary and subject to appropriate confidentiality and data protection safeguards. These may include:

  • Payment service providers who help us process card or bank payments.
  • IT and hosting providers that support our systems, records, and security tools.
  • Security providers such as CCTV, alarm, or access control service partners.
  • Professional advisers including accountants, insurers, auditors, and legal advisers.
  • Regulators, law enforcement, and public authorities where disclosure is required by law or is necessary to protect rights, safety, or property.
  • Debt recovery or dispute resolution providers where required to manage unpaid balances or legal matters.

We do not sell your personal data. If personal data is transferred outside the UK, we will ensure that suitable safeguards are in place, such as an adequacy decision or approved contractual protections.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting obligations. Retention periods may vary depending on the type of information and the reason for processing.

  • Customer and contract records are generally kept for the duration of the service relationship and for a reasonable period afterwards.
  • Payment and invoicing records are retained for the period required by tax and accounting law.
  • Security records such as access logs and CCTV footage are kept for a limited period unless needed longer for investigation, insurance, or legal reasons.
  • Complaint and incident records are retained as long as necessary to resolve disputes and meet legal obligations.

When data is no longer needed, it is securely deleted, anonymised, or destroyed.

7. Processors and Service Providers

We may appoint third-party service providers to process personal data on our behalf. These parties act as processors and are only permitted to use the data in accordance with our instructions and applicable law. We require processors to implement appropriate technical and organisational measures to protect personal data.

Examples of processor services may include:

  • Secure data storage and cloud services.
  • Payment processing and transaction management.
  • Customer account management systems.
  • Security monitoring and access control support.
  • Administrative, communications, or document management services.

We review our processors to ensure they provide suitable privacy, confidentiality, and security protections.

8. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to certain conditions or exemptions. They include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive some data in a structured, commonly used format where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve them promptly.

9. Data Security

We take the security of personal data seriously and use appropriate measures to protect it against unauthorised access, disclosure, alteration, loss, or destruction. These measures may include access restrictions, secure storage, staff training, and monitoring of systems and facilities. While no system can be guaranteed completely secure, we work to reduce risk and respond appropriately to incidents.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, our services, or our data handling practices. Any updates will be effective when published or otherwise communicated to customers where necessary. We encourage you to review this policy periodically so you remain informed about how we use personal data.

Last updated: This policy is intended to provide a clear and fair explanation of how Northwoolwich Storage handles personal data for customers in the area.

Call Now!
Call Now Get a Quote
Northwoolwich Storage

GDPR-compliant Privacy Policy for Northwoolwich Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.