Privacy Policy - Willesden Storage

Effective date: This Privacy Policy applies to all Willesden Storage customers in the area and explains how we collect, use, store, share, and protect personal data in accordance with the UK GDPR and the Data Protection Act 2018.

1. Introduction

Willesden Storage is committed to protecting the privacy of customers, prospective customers, visitors, and any other individuals whose personal data we process. This Privacy Policy explains what information we collect, why we collect it, the lawful basis we rely on, how long we keep it, who we share it with, and what rights you have over your personal data.

We aim to process personal data fairly, lawfully, and transparently. We also take appropriate technical and organisational measures to keep personal data secure and to prevent unauthorised access, loss, misuse, or disclosure.

2. Data We Collect

We collect only the information that is necessary for providing storage services, managing accounts, meeting legal obligations, and operating our business. Depending on your relationship with us, we may collect the following categories of personal data:

  • Identity information: name, title, date of birth, and identification details where required for verification.
  • Contact information: address, email address, telephone number, and billing details.
  • Account information: storage unit number, booking details, service preferences, payment status, and communication records.
  • Financial information: payment card details or bank details, where relevant for processing payments through secure payment providers.
  • Verification information: copies or records of identity documents when needed to confirm identity or prevent fraud.
  • Usage information: access logs, entry and exit records, dates and times of visits, and interactions with our services.
  • Technical information: limited device, browser, or security information if you access any digital systems we use for account management.
  • Communications: enquiries, complaints, feedback, and any correspondence relating to your storage services.

We may also receive personal data from third parties, such as payment processors, identity verification providers, credit reference or fraud prevention services, or authorised representatives acting on your behalf.

3. How We Use Your Data

We use personal data for the following purposes:

  • to provide self-storage services and manage your storage account;
  • to process bookings, payments, deposits, invoices, and account administration;
  • to verify identity and prevent fraud, misuse, or unauthorised access;
  • to communicate with you about your account, service updates, and operational matters;
  • to maintain security, including access control and incident investigation;
  • to comply with legal, regulatory, tax, accounting, and insurance obligations;
  • to handle disputes, recover outstanding amounts, and enforce contractual rights;
  • to improve our services, systems, processes, and customer experience;
  • to defend or establish legal claims where necessary.

We do not sell your personal data.

4. Lawful Basis for Processing

We only process personal data when we have a lawful basis under data protection law. The main lawful bases we rely on are set out below.

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes creating your account, providing storage space, managing access, processing payments, and responding to service-related requests.

Legal Obligation

We may process personal data to comply with legal obligations, including tax requirements, accounting rules, fraud prevention obligations, and lawful requests from public authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This may include maintaining site security, preventing fraud, managing business operations, improving services, and recovering debts. When relying on legitimate interests, we assess the impact on your privacy and apply safeguards where appropriate.

Consent

In limited cases, we may rely on your consent, for example where it is required for certain optional communications or uses of data. If we rely on consent, you can withdraw it at any time. Withdrawal will not affect processing carried out before consent was withdrawn.

5. Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, only where necessary and subject to appropriate data protection safeguards.

Our processors may include:

  • Payment processors: to process card or bank payments securely.
  • IT and cloud service providers: to host systems, store data, and support secure communications.
  • Security and access control providers: to manage site security, CCTV systems, alarms, or entry systems where used.
  • Identity verification and fraud prevention providers: to help confirm identity and reduce risk.
  • Accounting, audit, and business service providers: to support financial administration and legal compliance.
  • Debt recovery or legal service providers: where required to enforce agreements or resolve disputes.

We may also disclose personal data to law enforcement, regulators, insurers, courts, or other authorities where required or permitted by law.

Where a third party processes data on our behalf, they are required to act under a written agreement and only process data according to our instructions, with appropriate security measures in place. If a third party acts as an independent controller, they are responsible for informing you about their own processing.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including to satisfy legal, accounting, insurance, and reporting requirements.

  • Active customer records: kept for the duration of the storage agreement and any related administration.
  • Financial and tax records: typically retained for the period required by law or accounting rules.
  • Security and access records: retained for as long as needed for safety, incident management, or investigation purposes.
  • Complaints and dispute records: retained for the time needed to resolve the matter and protect our legal position.

When personal data is no longer needed, we will securely delete it, anonymise it, or otherwise ensure it is disposed of safely.

7. Data Security

We use appropriate safeguards to protect personal data against accidental loss, destruction, unauthorised access, alteration, or disclosure. These measures may include access controls, password protections, staff training, secure storage, and supplier due diligence. However, no system can be guaranteed to be completely secure, and we encourage you to keep your own account details safe.

8. Your Rights

Under data protection law, you have certain rights regarding your personal data. These rights may be subject to conditions and exemptions, depending on the circumstances.

  • Right of access: you can request a copy of the personal data we hold about you.
  • Right to rectification: you can ask us to correct inaccurate or incomplete data.
  • Right to erasure: in some cases, you can ask us to delete your personal data.
  • Right to restrict processing: you can ask us to limit how we use your data in certain situations.
  • Right to object: you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability: you can request certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to raise concerns about how we handle your data. If you believe your data protection rights have been violated, you may contact the relevant data protection authority. We encourage you to contact us first so we can try to resolve any concerns directly.

9. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary in exceptional circumstances and permitted by law. If we become aware that we have collected a child’s personal data without an appropriate lawful basis, we will take steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data processing practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

11. Scope of This Policy

This Privacy Policy applies to all Willesden Storage customers in the area, including individuals and businesses using our storage services, related administration, and associated support activities. By using our services, you acknowledge that your personal data will be processed in accordance with this policy and applicable data protection laws.

Summary of our approach: we collect only necessary personal data, process it on a lawful basis, share it only with trusted processors or where required by law, retain it for limited periods, and respect your rights under data protection legislation.

Call Now!
Call Now Get a Quote
Willesden Storage

GDPR-compliant privacy policy for Willesden Storage covering data collection, lawful basis, retention, processors, user rights, and scope for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.