Privacy Policy - Woodfordgreen Storage

This Privacy Policy explains how Woodfordgreen Storage collects, uses, stores, shares, and protects personal data. It applies to all Woodfordgreen Storage customers in the area, including prospective customers, current customers, former customers, and individuals who communicate with us in connection with our storage services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

1. Who We Are

Woodfordgreen Storage provides storage-related services to individuals and businesses. In providing these services, we act as a data controller for the personal data we collect and use for our own purposes. This means we determine how and why personal data is processed.

We recognise the importance of privacy and aim to process personal data fairly, lawfully, and transparently.

2. Personal Data We Collect

We collect only the personal data that is necessary for the operation and administration of our services. The categories of data we may collect include:

  • Identity data: name, title, date of birth, and, where applicable, business name or company details.
  • Contact data: address, email address, telephone number, and other communication details.
  • Account and contract data: storage agreement details, service preferences, billing records, and transaction history.
  • Verification data: identification documents or proof of address where needed for identity checks, fraud prevention, or legal compliance.
  • Payment data: payment status, payment method references, and invoice information. We do not necessarily store full card details if payment is processed securely by a third party.
  • Usage data: information related to access, service use, correspondence, and operational records.
  • Technical data: limited device or system information when you interact with our digital systems, where applicable.

We may also collect personal data from third parties where lawful and appropriate, for example from payment providers, identity verification services, or individuals authorised to act on a customer’s behalf.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide and manage storage services;
  • to enter into and administer customer contracts;
  • to verify identity and prevent fraud;
  • to process payments and issue invoices or receipts;
  • to communicate about service matters, account updates, and operational issues;
  • to maintain records and manage customer support requests;
  • to comply with legal and regulatory obligations;
  • to protect our premises, systems, staff, customers, and property;
  • to establish, exercise, or defend legal claims;
  • to improve our services and internal processes.

We do not use personal data for purposes that are incompatible with the reasons for which it was collected unless we have a lawful basis to do so.

4. Lawful Basis for Processing

Under GDPR, we must have a lawful basis for each processing activity. Depending on the context, Woodfordgreen Storage may rely on one or more of the following lawful bases:

  • Contract: processing is necessary to enter into or perform our storage agreement with you, including account management, service delivery, and billing.
  • Legal obligation: processing is necessary to comply with laws, regulations, tax requirements, accounting obligations, or lawful requests from public authorities.
  • Legitimate interests: processing is necessary for our legitimate business interests, such as fraud prevention, protecting our property, improving services, managing risk, and maintaining secure operations, provided those interests are not overridden by your rights and freedoms.
  • Consent: where required, we may rely on your consent, for example for certain optional communications or specific processing activities. You may withdraw consent at any time where consent is the lawful basis.
  • Vital interests: in rare cases, processing may be necessary to protect someone’s life or wellbeing.

Where we rely on legitimate interests, we assess the impact on your privacy and only process data where necessary and proportionate.

5. Sharing Personal Data and Processors

We may share personal data with third parties where this is necessary for service delivery, legal compliance, security, or business administration. These third parties may act as processors or, in some circumstances, as independent controllers.

Our processors may include:

  • IT and hosting providers: for secure storage, system support, and data processing infrastructure;
  • payment processors: for handling payments and related financial transactions;
  • identity verification or fraud prevention providers: where checks are required for security or compliance;
  • accounting and administrative service providers: for invoicing, bookkeeping, and records management;
  • security and CCTV service providers: where such systems are used to protect the site and its users;
  • professional advisers: including legal, insurance, or audit advisers where necessary;
  • authorities and regulators: where disclosure is required by law or a lawful request.

All processors are required to handle personal data securely, only on our instructions, and in accordance with data protection law. We do not sell personal data.

6. International Transfers

If any processor or service provider is located outside the United Kingdom, we will take appropriate steps to ensure that your personal data is protected to a standard equivalent to that required under UK GDPR. This may include using adequacy regulations, standard contractual clauses, or other lawful safeguards.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, tax, and operational requirements. Retention periods vary according to the type of data and the reason for processing.

In general:

  • customer contract and account records are kept for the duration of the service relationship and for a reasonable period afterwards;
  • financial and tax records are retained for the period required by applicable law;
  • identity verification records are retained only as long as needed for compliance and fraud prevention;
  • correspondence and support records are retained for as long as necessary to resolve issues and maintain accurate records;
  • security records, including access logs or CCTV-related records where applicable, are retained in line with our security and legal obligations.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

8. Your Rights Under GDPR

You have a number of rights in relation to your personal data. Subject to legal limits and exemptions, these may include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may request deletion of your data in certain circumstances.
  • Right to restriction: you may ask us to limit processing in certain situations.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to data portability: you may request transfer of certain data to you or another organisation, where technically feasible and legally applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise any concerns with us first so we can try to resolve them promptly.

9. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, alteration, or disclosure. These measures may include access controls, secure storage, staff confidentiality obligations, and regular review of our procedures.

While no system can be guaranteed to be completely secure, we take privacy and security seriously and work to reduce risk wherever reasonably possible.

10. Children’s Data

Our services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is necessary and lawful in exceptional circumstances, such as where a parent or guardian provides information on a child’s behalf in relation to a lawful arrangement.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, operational practices, or service arrangements. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to stay informed about how personal data is handled.

12. Summary of Our Commitment

Woodfordgreen Storage processes personal data only when necessary, lawfully, and fairly. We collect information to provide storage services, maintain security, manage accounts, and meet legal obligations. We retain data only for as long as needed, use trusted processors under proper safeguards, and respect your rights under GDPR. This policy applies to all Woodfordgreen Storage customers in area and is intended to provide clear, transparent information about how we handle personal data.

Call Now!
Call Now Get a Quote
Woodfordgreen Storage

GDPR-compliant privacy policy for Woodfordgreen Storage covering data collection, lawful bases, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.