Privacy Policy - Wanstead Storage

This Privacy Policy explains how Wanstead Storage collects, uses, stores, shares, and protects personal data. It applies to all Wanstead Storage customers in the area, including prospective customers, current customers, former customers, and anyone who interacts with us in connection with storage services, bookings, payments, enquiries, or site access.

We are committed to handling personal data in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy describes the categories of data we collect, the legal bases we rely on, how long we keep data, the third parties that may process data on our behalf, and the rights available to individuals.

1. Information We Collect

We collect only the personal data needed to operate our storage services, manage our customer relationships, and meet our legal and business obligations. The information we may collect includes:

  • Identity details such as your name, title, and date of birth where needed for verification.
  • Contact details such as billing address, correspondence address, email address, and telephone number.
  • Account and booking information such as storage unit details, rental dates, access records, and customer references.
  • Payment information such as payment status, transaction records, invoices, and partial card details processed by secure payment providers.
  • Security and access information such as CCTV footage, entry logs, gate access records, and incident reports where applicable.
  • Communications such as emails, letters, call notes, complaint records, and service-related messages.
  • Technical data when you use digital systems linked to our services, including device identifiers, IP address, and system logs.

We normally collect personal data directly from you when you enquire about a unit, sign a storage agreement, make a payment, visit the site, or contact us about your account. In some cases, we may also receive information from third parties, such as payment processors, insurers, identity verification providers, debt recovery agencies, or law enforcement authorities where lawful and appropriate.

2. How We Use Personal Data

We use personal data for the following purposes:

  • To provide storage services and manage your account.
  • To process bookings, renewals, cancellations, payments, and refunds.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To communicate with you about your storage unit, invoices, service notices, and support requests.
  • To maintain security, monitor site access, and protect people and property.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.
  • To handle complaints, resolve disputes, and enforce contractual terms where necessary.
  • To improve our services, administration, and internal operations.

We only use your personal data where we have a valid legal ground to do so. We do not sell personal data. We do not use personal data for unrelated purposes unless we are allowed to do so by law and have informed you where required.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. Depending on the circumstances, Wanstead Storage may rely on one or more of the following bases:

Performance of a Contract

We process personal data where it is necessary to enter into or perform our storage agreement with you. This includes setting up your account, managing access to your unit, processing payments, and providing customer support connected to the contract.

Legal Obligation

We may process and retain certain records because the law requires it. This includes accounting records, tax documents, and information needed to comply with lawful requests from authorities or to meet safety and security obligations.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, CCTV monitoring, fraud prevention, safeguarding property, maintaining internal records, and improving our services. When we rely on legitimate interests, we assess the impact on privacy and apply appropriate safeguards.

Consent

In limited cases, we may rely on your consent, for example where it is required for certain optional communications or specific uses of data not covered by another lawful basis. Where consent is used, you may withdraw it at any time, and we will stop the relevant processing unless another lawful basis applies.

4. Retention of Personal Data

We keep personal data only for as long as necessary for the purpose it was collected, including to meet legal, accounting, security, and operational requirements. Retention periods vary depending on the type of information and the reason for processing.

In general:

  • Customer account and contract records are retained for the duration of the storage relationship and for a reasonable period afterwards to deal with enquiries, disputes, or legal claims.
  • Payment and invoicing records are retained for the period required by tax and accounting law.
  • Security records such as CCTV footage and access logs are retained for a limited period unless an incident requires longer retention for investigation or legal action.
  • Communication records are retained as long as needed to manage the matter and maintain accurate business records.

When data is no longer needed, we will securely delete, anonymise, or destroy it. We review retention periods regularly to make sure data is not kept longer than necessary.

5. Processors and Data Sharing

We may share personal data with trusted third parties who act as data processors or independent controllers, but only where necessary and subject to appropriate data protection safeguards. These may include:

  • Payment service providers who process transactions securely.
  • IT and cloud service providers who host systems, store records, or support communications.
  • Security providers who assist with access control, alarms, and CCTV systems.
  • Professional advisers such as accountants, auditors, legal advisers, and insurers.
  • Debt recovery or credit reference partners where lawful and necessary to manage unpaid accounts.
  • Public authorities, regulators, or law enforcement where we are required or permitted to disclose information by law.

Where a third party acts as a processor, it may only process personal data on our instructions and must implement appropriate technical and organisational security measures. We do not permit processors to use your data for their own independent purposes unless they are acting as separate controllers and have their own lawful basis.

6. International Transfers

If any service provider processes personal data outside the UK, we will take steps to ensure an adequate level of protection. This may include using approved contractual safeguards or relying on adequacy regulations where available. We will only transfer data where lawful and necessary for the relevant service.

7. Security of Personal Data

We use appropriate measures to protect personal data against accidental loss, unlawful access, misuse, alteration, or disclosure. These measures may include access controls, secure storage, encryption, staff confidentiality obligations, and system monitoring. While no system can be guaranteed to be completely secure, we work to reduce risks and respond promptly to incidents.

8. Your Rights

Individuals have rights in relation to their personal data. Subject to legal conditions and exemptions, you may have the right to:

  • Access your personal data and receive a copy of the information we hold about you.
  • Rectification of inaccurate or incomplete personal data.
  • Erasure of your personal data in certain circumstances.
  • Restriction of processing in certain situations.
  • Object to processing based on legitimate interests or direct marketing, where applicable.
  • Data portability for information you provided to us and that we process by automated means under certain lawful bases.
  • Withdraw consent where processing is based on consent.

You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) if you believe your data protection rights have been infringed. We encourage you to contact us first so we can try to resolve any concerns quickly and fairly.

9. Children’s Data

Our services are intended for adults and business users. We do not knowingly collect personal data from children except where it is necessary in exceptional circumstances and lawful to do so. If we learn that we have collected data from a child without a valid basis, we will take appropriate steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or the way we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how their information is handled.

11. Summary of Our Commitment

Wanstead Storage is committed to protecting personal data and respecting privacy rights. We collect only what we need, use it for clear and lawful purposes, keep it for no longer than necessary, and share it only with trusted parties under proper safeguards. By applying this policy to all Wanstead Storage customers in the area, we aim to provide a consistent and transparent approach to data protection.

This policy is intended to inform customers about our privacy practices in plain language and to demonstrate our compliance with applicable data protection law.

Call Now!
Call Now Get a Quote
Wanstead Storage

GDPR-compliant Privacy Policy for Wanstead Storage covering collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.