Privacy Policy - Woodside Storage

This Privacy Policy explains how Woodside Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, visitors, and other individuals whose information we process in connection with our storage services. This policy applies to all Woodside Storage customers in the area and to anyone engaging with us in relation to a storage unit, enquiry, booking, account, payment, or related service.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection law, including the UK GDPR and the Data Protection Act 2018, where relevant. We only process personal data where we have a valid legal basis and only for purposes that are necessary, proportionate, and secure.

1. What Personal Data We Collect

We may collect and process different categories of personal data depending on how you interact with us. The information we collect may include:

  • Identity data: name, title, date of birth, and similar identifying details.
  • Contact data: address, email address, and telephone number.
  • Account and booking data: storage unit details, booking dates, account references, preferences, and correspondence.
  • Payment data: payment card details, billing records, transaction history, and invoice information.
  • Access and security data: key card usage, access logs, CCTV footage, entry records, and incident reports where applicable.
  • Communication data: records of emails, phone calls, written correspondence, complaints, feedback, and service requests.
  • Technical data: limited device or usage information if you interact with our digital systems, such as IP address or browser details.
  • Verification data: proof of identity, address verification, or other information required for fraud prevention, legal compliance, or contract management.

We generally collect personal data directly from you when you make an enquiry, reserve a unit, sign a contract, make a payment, submit a complaint, or otherwise use our services. In some cases, we may receive data from third parties such as payment providers, insurance partners, fraud prevention services, or legal and regulatory bodies.

2. How We Use Your Data

We use personal data to operate our business and provide storage services. The main purposes for processing include:

  • to register you as a customer and manage your account;
  • to provide access to storage facilities and related services;
  • to process payments, refunds, and billing;
  • to communicate with you about your account, bookings, and service updates;
  • to maintain security, prevent fraud, and protect our premises, staff, and customers;
  • to comply with legal and regulatory obligations;
  • to deal with disputes, complaints, and enforcement of our terms;
  • to improve our services, operations, and customer experience;
  • to keep appropriate business and financial records;
  • to pursue or defend legal claims.

We will not use your data for purposes that are incompatible with those described in this policy unless we notify you or are otherwise permitted by law.

3. Lawful Basis for Processing

We only process personal data where there is a lawful basis under data protection law. Depending on the context, our lawful bases may include:

Contract

We process your personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing bookings, providing access to a unit, collecting payment, and handling contract-related communication.

Legal Obligation

We may process personal data where required to comply with a legal obligation. This may include record-keeping, accounting, tax compliance, fraud prevention, health and safety requirements, and responding to lawful requests from authorities.

Legitimate Interests

We may rely on legitimate interests where it is appropriate and where your interests and fundamental rights do not override those interests. Examples include maintaining security, preventing misuse of services, managing incidents, improving our operations, and defending legal claims. We consider the impact on individuals before relying on this basis.

Consent

In limited situations, we may rely on your consent, for example for certain marketing communications where consent is required. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

4. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, depending on their role. These may include:

  • Payment processors that handle card or electronic payments;
  • IT and cloud service providers that support data storage, software, email, and system administration;
  • Security providers that support CCTV, alarm monitoring, or access control systems;
  • Accountants, auditors, and professional advisers where required for financial, legal, or compliance purposes;
  • Insurance providers where claims or cover arrangements need to be assessed;
  • Debt recovery or legal service providers where necessary to enforce agreements or resolve disputes;
  • Regulators, law enforcement, or public authorities where disclosure is required by law.

When we use processors, they are only permitted to process personal data on our instructions and must implement appropriate security and confidentiality measures. We take reasonable steps to ensure that any third party handling personal data does so in compliance with applicable data protection requirements.

We do not sell personal data. If data is transferred outside the UK or European Economic Area, we will ensure suitable safeguards are in place, such as approved contractual protections or adequacy arrangements, where required by law.

5. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, reporting, and dispute resolution requirements. Retention periods depend on the type of data and why it was collected.

For example:

  • contract and account records are usually kept for the duration of the relationship and for a further period afterwards;
  • payment and tax records may be retained for the period required by law;
  • security and access records are retained for a limited period unless needed for incident investigation or legal purposes;
  • complaints, claims, and correspondence may be retained for as long as necessary to address the issue and defend legal rights.

When personal data is no longer needed, we will securely delete, anonymise, or archive it in line with our retention procedures. We review retention periods periodically to ensure they remain appropriate.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, disclosure, or destruction. These measures may include access controls, secure systems, staff confidentiality obligations, and regular review of our safeguards. While no system can be guaranteed to be completely secure, we work to reduce risks and respond promptly to incidents.

7. Your Rights

Subject to certain conditions and exemptions under data protection law, you may have the following rights in relation to your personal data:

  • Right of access to obtain a copy of the personal data we hold about you;
  • Right to rectification of inaccurate or incomplete data;
  • Right to erasure in certain circumstances, sometimes called the right to be forgotten;
  • Right to restriction of processing in certain situations;
  • Right to object to processing based on legitimate interests, and to direct marketing where applicable;
  • Right to data portability where processing is based on consent or contract and carried out by automated means;
  • Right to withdraw consent where processing is based on consent;
  • Right to complain to the relevant supervisory authority if you believe your data rights have been infringed.

We may need to verify your identity before responding to a rights request. If a request is manifestly unfounded, excessive, or otherwise not required by law, we may refuse it or charge a reasonable fee where permitted. We aim to respond within the legal time limits.

8. Children’s Data

Our storage services are intended for adult customers and business users. We do not knowingly collect personal data from children in the ordinary course of providing our services. If we become aware that we have collected such data without a lawful basis, we will take appropriate steps to delete or protect it.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service-related changes. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

10. Summary of Our Approach

Woodside Storage treats personal data with care and only collects what is needed to provide secure and reliable storage services. We use data on lawful bases such as contract, legal obligation, legitimate interests, and consent where appropriate. We retain data for no longer than necessary, use trusted processors under contractual controls, and respect the rights of individuals under applicable data protection law.

By using Woodside Storage services, you acknowledge that your personal data may be processed as described in this Privacy Policy, subject always to your legal rights and our obligations under applicable law.

Call Now!
Call Now Get a Quote
Woodside Storage

GDPR-compliant Privacy Policy for Woodside Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.