Privacy Policy - Woodlands Storage

Woodlands Storage is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our storage services, make an enquiry, enter into a storage agreement, or interact with us in any other way. This policy applies to all Woodlands Storage customers in area, including prospective customers, current customers, former customers, and anyone acting on behalf of a customer.

1. Personal Data We Collect

We collect only the personal data that is necessary for providing our services, managing our business, and meeting our legal obligations. Depending on your relationship with us, we may collect the following categories of information:

  • Identity data: name, date of birth, and identification details where required for verification.
  • Contact data: postal address, email address, and telephone number.
  • Account and contract data: storage unit number, booking details, contract dates, payment status, and account history.
  • Financial data: billing information, payment method details, and transaction records. We do not intentionally store full card information where a payment provider processes it on our behalf.
  • Security and access data: records of entry, access logs, CCTV footage, and incident reports where applicable.
  • Communications data: messages, complaint details, service requests, and any correspondence you send to us.
  • Technical data: limited device and usage data if you interact with our systems online or through digital services.

We may also receive personal data from third parties such as payment providers, credit reference agencies, legal advisers, insurers, or public authorities where permitted by law. We will only collect such information when it is relevant to our services or required for compliance, fraud prevention, or security.

2. How We Use Your Personal Data

We use personal data for specific and legitimate purposes, including:

  • setting up and managing storage agreements;
  • processing payments and managing accounts;
  • verifying identity and preventing fraud;
  • providing customer support and responding to enquiries;
  • monitoring site security and protecting property;
  • maintaining business records and legal compliance;
  • handling disputes, complaints, and claims;
  • improving our services and internal operations.

We will not use personal data for purposes that are incompatible with the reasons for which it was collected, unless we have a lawful basis to do so and it is otherwise permitted by applicable law.

3. Lawful Basis for Processing

Under the GDPR, we must have a lawful basis to process personal data. Woodlands Storage relies on the following lawful bases, depending on the context:

Contract

We process your data where it is necessary to enter into or perform our storage contract with you. This includes managing bookings, providing access to your unit, billing, and service administration.

Legal obligation

We process certain data to comply with laws and regulations, including accounting, tax, fraud prevention, security obligations, and responses to lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided your rights and interests do not override those interests. This may include securing our premises, preventing misuse, maintaining records, improving services, and defending legal claims.

Consent

Where we rely on your consent, we will ask for it clearly and separately. You may withdraw consent at any time, although this will not affect the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, where necessary for the purposes described in this policy. We require all processors to handle personal data securely, lawfully, and only according to our instructions where they are acting as processors.

Typical categories of processors and recipients may include:

  • Payment processors: to process card or electronic payments securely.
  • IT and hosting providers: to store and support our systems and data.
  • Security providers: including alarm monitoring, access control, and CCTV support services.
  • Accounting and bookkeeping providers: to manage financial records and reporting.
  • Professional advisers: such as legal advisers, insurers, auditors, and consultants.
  • Debt recovery or dispute resolution providers: where necessary to manage unpaid accounts or legal claims.
  • Public authorities: where disclosure is required by law or lawful request.

We do not sell personal data. If we transfer personal data outside the United Kingdom or European Economic Area, we will ensure appropriate safeguards are in place to protect it, such as an adequacy decision, standard contractual clauses, or equivalent protections permitted by law.

5. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including for legal, accounting, tax, and security reasons. The exact retention period depends on the type of data and the reason it is held.

  • Contract and account records: retained for the duration of the storage agreement and for a reasonable period afterwards.
  • Financial and tax records: retained for the period required by law.
  • Security logs and CCTV: retained for a limited period unless needed for an investigation, claim, or legal requirement.
  • Communications and support records: kept as long as needed to deal with the enquiry, complaint, or dispute.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, secure storage, staff training, restricted permissions, and regular review of our systems and procedures. While no system can be guaranteed completely secure, we take data protection seriously and work to reduce risk as far as reasonably possible.

7. Your Rights Under GDPR

You have a number of rights in relation to your personal data. Subject to legal limits and exemptions, these rights include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete data.
  • Right to erasure: you may ask us to delete your data in certain circumstances.
  • Right to restriction: you may ask us to limit the way we use your data in certain cases.
  • Right to data portability: you may ask for certain data in a structured, commonly used format.
  • Right to object: you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

If you wish to exercise any of these rights, we may need to verify your identity before responding. We will respond within the timeframes required by applicable law, usually within one month, unless the request is particularly complex or numerous.

8. Complaints and Supervisory Authority

If you are unhappy with how we handle your personal data, you should raise the issue with us first so we can try to resolve it. You also have the right to lodge a complaint with the relevant data protection authority if you believe your data protection rights have been breached. We encourage you to contact us before doing so, as many concerns can be resolved quickly and informally.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or operational practices. Any updated version will apply from the date it is published or otherwise made available. We encourage you to review this policy periodically so you remain informed about how we protect your personal data.

10. General Statement

This Privacy Policy is intended to ensure that personal data is handled fairly, transparently, and lawfully. We are committed to using only the data necessary to provide secure and reliable storage services. By using Woodlands Storage, you acknowledge that your personal data may be processed in accordance with this policy and applicable data protection law.

Woodlands Storage values trust, privacy, and accountability. We aim to keep your information accurate, secure, and used only for legitimate business and legal purposes.

Call Now!
Call Now Get a Quote
Woodlands Storage

GDPR-compliant privacy policy for Woodlands Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.