Privacy Policy - Westhampstead Storage

This Privacy Policy explains how Westhampstead Storage collects, uses, stores, shares, and protects personal data in connection with our storage services. It applies to all Westhampstead Storage customers in the area, including individuals and business customers who use our storage facilities, related services, or make enquiries about our services. We are committed to handling personal information in a lawful, fair, and transparent manner in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Westhampstead Storage is a storage service provider offering secure storage solutions for local customers. For the purposes of data protection law, we act as a data controller when we determine how and why personal data is collected and used in connection with our services.

2. Personal Data We Collect

We collect only the data we need to operate our services, manage customer accounts, meet legal obligations, and improve security and service quality. The types of personal data we may collect include:

  • Identity data such as name, title, and date of birth where needed for verification.
  • Contact data such as postal address, email address, and telephone number.
  • Account and service data such as storage unit details, booking information, access records, payment status, and communication history.
  • Financial data such as billing details and payment confirmations. We do not normally store full card details if a third-party payment provider processes the payment.
  • Verification data such as copies of identification documents where required to prevent fraud, satisfy legal obligations, or confirm identity.
  • Security and access data such as CCTV footage, access logs, gate entries, and incident reports.
  • Technical data such as device or browser information if you interact with digital systems used to manage our services.

We generally collect personal data directly from you when you make an enquiry, sign an agreement, use our services, make a payment, or contact us. In some cases, we may receive information from third parties such as payment providers, referencing services, insurers, legal representatives, or public authorities where permitted by law.

3. Why We Use Your Data

We use personal data for the following purposes:

  • to provide storage services and manage your customer relationship;
  • to verify identity and protect against fraud or misuse;
  • to process bookings, payments, renewals, and cancellations;
  • to communicate service updates and respond to enquiries;
  • to maintain safety, security, and access control at our facilities;
  • to comply with legal, accounting, tax, and regulatory obligations;
  • to resolve disputes, enforce agreements, and protect our legal rights;
  • to improve our operations, systems, and customer experience.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and, where needed, we notify you appropriately.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process your personal data. Depending on the context, we rely on one or more of the following:

Contract

We process data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing your unit, processing payments, and providing customer support.

Legal Obligation

We may process data where necessary to meet legal requirements, such as tax recordkeeping, anti-fraud measures, and compliance with law enforcement or regulatory requests.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include securing our premises, preventing fraud, maintaining records, improving services, and enforcing our terms. Where we rely on legitimate interests, we ensure the processing is proportionate and relevant.

Consent

In limited cases, we may rely on your consent, for example where it is required for specific optional communications or certain uses of data not otherwise covered by another lawful basis. If we rely on consent, you may withdraw it at any time.

5. Sharing Your Data and Processors

We may share personal data with trusted third parties where necessary to operate our business, provide our services, and comply with the law. These third parties may act as data processors or independent controllers.

Processors are service providers who process personal data on our behalf and only according to our instructions. Examples may include:

  • payment processing providers;
  • IT and cloud storage providers;
  • customer relationship and booking system providers;
  • security and CCTV system providers;
  • accounting and bookkeeping service providers;
  • document storage or destruction providers;
  • maintenance and facilities management contractors.

Where a third party acts as an independent controller, it will be responsible for its own privacy practices. We only disclose data to such parties where there is a lawful basis and a genuine business need.

We may also disclose personal data to law enforcement, courts, insurers, professional advisers, or regulators where required or permitted by law. If our business is involved in a reorganisation, transfer, or sale, personal data may be disclosed as part of that transaction, subject to appropriate safeguards.

6. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, including to meet legal, accounting, tax, insurance, and dispute-resolution requirements. The exact retention period depends on the type of information and the reason for holding it.

As a general approach:

  • customer and contract records are retained for the duration of the service relationship and for a reasonable period afterwards;
  • financial and tax records are kept in line with statutory retention requirements;
  • security records, such as CCTV footage and access logs, are retained for the shortest period necessary for safety and incident management unless a longer period is required for investigation or legal proceedings;
  • enquiry records are retained only as long as needed to manage the enquiry and follow-up communications.

When data is no longer needed, we securely delete, anonymise, or destroy it.

7. Your Rights

Subject to certain legal conditions and exceptions, you have the following rights under data protection law:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format, where applicable.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

Please note that some rights may not apply in all situations. For example, we may need to retain certain information to comply with legal obligations or to defend legal claims.

If you wish to exercise any of these rights, you may submit a request using the appropriate channels provided by our service team. We may need to verify your identity before responding. We aim to respond within one month, although this may be extended where requests are complex or numerous.

8. Security of Your Data

We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, secure storage, encryption where appropriate, staff confidentiality obligations, and restricted access to sensitive records.

While we take reasonable steps to protect personal data, no system can be guaranteed to be completely secure. If a personal data breach occurs that is likely to result in a risk to your rights and freedoms, we will handle it in accordance with applicable law.

9. International Transfers

If any of our service providers process data outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect your personal data. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms where required.

10. Children’s Data

Our storage services are intended for adults. We do not knowingly collect personal data from children except where it is necessary and lawful, such as where a parent or guardian provides relevant information in connection with a contract or enquiry. If we become aware that we have collected information unlawfully from a child, we will take steps to delete it.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data protection practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how we handle personal data.

12. Summary of Our Commitment

Westhampstead Storage is committed to protecting the privacy of our customers and handling personal data responsibly. We collect only the information needed to deliver our services, we process data on a lawful basis, we retain it only for as long as necessary, and we share it only with trusted processors or when required by law. We also respect your rights and aim to be transparent about how your information is used.

This policy applies to all Westhampstead Storage customers in the area and is designed to support a secure, lawful, and respectful service relationship.

Call Now!
Call Now Get a Quote
Westhampstead Storage

GDPR-compliant privacy policy for Westhampstead Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.