Privacy Policy - Walthamstowvillage Storage

Walthamstowvillage Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our storage services. It applies to all Walthamstowvillage Storage customers in the area, including prospective customers, current customers, former customers, and individuals who enquire about our services.

We process personal data in accordance with the UK GDPR and the Data Protection Act 2018. We aim to be transparent about what information we collect, why we collect it, and how long we keep it.

1. Information We Collect

We may collect personal data directly from you, from your use of our services, or from third parties where permitted by law. The information we collect depends on the nature of your relationship with us and the services you use.

Personal Data You Provide

  • Identity details such as your name and title.
  • Contact details such as address, email address, and telephone number.
  • Account and contract details relating to your storage agreement.
  • Payment information such as billing records and payment status. We do not store card security codes.
  • Access and security information such as identification documents where needed for verification.
  • Correspondence including emails, messages, complaints, and service requests.

Information We Collect Automatically

  • Usage records connected to your storage unit or account.
  • Security and access logs, where applicable.
  • Technical information such as device identifiers, IP address, browser type, and timestamps if you interact with digital systems.

We only collect special category data, such as health information, if it is strictly necessary and you have chosen to provide it or law requires it. In most cases, we do not seek such information.

2. How We Use Personal Data

We use personal data to manage our relationship with you and to operate our storage services safely and efficiently. The main purposes include:

  • creating and managing customer accounts;
  • providing storage services and administering contracts;
  • processing payments, refunds, and account balances;
  • verifying identity and preventing fraud;
  • maintaining security, including access control and incident investigation;
  • responding to enquiries, complaints, and service issues;
  • meeting legal, tax, accounting, and regulatory obligations;
  • improving our services, systems, and customer experience;
  • exercising or defending legal claims where necessary.

We do not use your personal data in ways that are incompatible with the purposes described in this policy unless we have your consent or another lawful basis under data protection law.

3. Lawful Basis for Processing

We must have a lawful basis to process your personal data. Depending on the situation, we rely on one or more of the following:

Contract

We process data where it is necessary to enter into or perform a contract with you. This includes setting up your account, providing access to your storage unit, and handling billing and service administration.

Legal Obligation

We process data where needed to comply with legal duties, including accounting records, tax requirements, fraud prevention obligations, and responding to lawful requests from authorities.

Legitimate Interests

We may process data where it is in our legitimate interests, provided your rights and freedoms do not override those interests. Examples include maintaining security, preventing misuse, improving our services, and defending legal claims. We always consider whether the processing is necessary and proportionate.

Consent

In limited cases, we may rely on your consent, for example where specific optional communications or processing activities require it. Where we rely on consent, you may withdraw it at any time.

Vital Interests

In rare circumstances, we may process data to protect someone’s life or physical safety.

4. Sharing and Processors

We may share personal data with trusted third parties who help us deliver services. These parties act as processors when they process data on our behalf and under our instructions, or as independent controllers where they determine their own purposes.

Typical categories of processors and recipients include:

  • Payment processors for handling secure payments and refunds.
  • IT and cloud service providers for hosting systems, storage, and data backup.
  • Security service providers supporting monitoring, access control, or incident response.
  • Administrative service providers assisting with record keeping or customer communications.
  • Professional advisers such as accountants, insurers, or legal advisers.
  • Public authorities where disclosure is required by law or necessary for legal claims.

All processors are selected carefully and must provide appropriate safeguards for personal data. We require them to process data only on our instructions, keep it confidential, and implement suitable technical and organisational measures.

We do not sell your personal data. We also do not share it for purposes unrelated to our services unless permitted by law or with your consent.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, and reporting obligations.

Retention periods vary depending on the type of data and the reason for processing. For example:

  • customer and contract records are retained for the duration of the contract and for a reasonable period after it ends;
  • financial and tax records are retained for periods required by law;
  • security logs are kept only as long as necessary for safety, incident management, and operational purposes;
  • correspondence and complaints may be retained while we resolve the matter and for a further period if needed for legal protection.

When personal data is no longer required, we will delete it or anonymise it securely. If deletion is not immediately possible, for example because of legal or technical constraints, we will restrict access and store it safely until deletion is feasible.

6. Data Security

We use appropriate security measures designed to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption, secure backups, staff confidentiality obligations, and regular review of our systems and procedures.

No system is completely secure, but we work to maintain a level of protection appropriate to the risks associated with the data we process.

7. Your Rights

Under data protection law, you have rights in relation to your personal data. These rights may be subject to legal conditions and exemptions, and they do not apply in every situation.

Your Rights Include

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – you may request deletion of your data in certain circumstances.
  • Right to restriction – you may ask us to limit the way we use your data in certain cases.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability – you may request certain data in a structured, commonly used format.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

If you exercise any of these rights, we may need to verify your identity before responding. We will respond within the time limits required by law.

You also have the right to complain to the relevant data protection authority if you believe your rights have been infringed. We encourage you to raise concerns with us first so we can address them directly.

8. International Transfers

If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place to protect it. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law.

9. Children’s Data

Our services are intended for adults. We do not knowingly collect personal data from children unless it is necessary in connection with a lawful customer arrangement and appropriate safeguards are in place.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, or business practices. The latest version will apply from the date it is published or otherwise communicated. We encourage customers to review it periodically.

11. Summary of Key Principles

  • We collect only the data needed to run our storage services lawfully and securely.
  • We rely on lawful bases such as contract, legal obligation, legitimate interests, and consent where applicable.
  • We share data only with trusted processors and other parties where necessary and lawful.
  • We retain data only for as long as required.
  • We respect your rights and provide ways to exercise them under GDPR.

This Privacy Policy is intended to ensure transparency and accountability for all Walthamstowvillage Storage customers in the area. By using our services, you acknowledge that your personal data may be processed as described above, in line with applicable data protection laws.

Call Now!
Call Now Get a Quote
Walthamstowvillage Storage

GDPR-compliant privacy policy for Walthamstowvillage Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.