Privacy Policy - Wandsworth Storage

This Privacy Policy explains how Wandsworth Storage collects, uses, stores, shares, and protects personal data relating to its customers and prospective customers. It applies to all Wandsworth Storage customers in the area, including individuals and businesses using storage services, making enquiries, or otherwise interacting with Wandsworth Storage. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Wandsworth Storage provides storage services to customers in the local area. For the purposes of data protection law, Wandsworth Storage acts as the data controller for the personal data described in this policy. This means we decide why and how personal data is processed for our business operations and customer services.

2. Personal Data We Collect

We may collect and process different categories of personal data depending on your relationship with us and the services you use. The information we collect may include:

  • Identity data such as name, date of birth, and identification details where needed for security or legal compliance.
  • Contact data such as billing address, correspondence address, email address, and telephone number.
  • Account and service data such as storage unit details, booking records, access records, service preferences, and communication history.
  • Payment data such as payment status, transaction references, and limited billing information.
  • Security and access data such as CCTV footage, entry logs, gate access records, and incident reports where relevant.
  • Technical data such as device and browser information if you interact with our digital systems.
  • Correspondence data such as enquiries, complaints, feedback, and other communications.

We generally do not collect special category data unless it is necessary and you have provided it, or unless another lawful reason applies. We ask that you avoid sharing unnecessary sensitive information.

3. How We Collect Personal Data

We may collect personal data directly from you when you complete forms, make bookings, communicate with us, or use our services. We may also collect data automatically through access systems, security systems, and service-related technology. In some cases, we may receive data from third parties such as payment service providers, identity verification providers, insurers, legal advisers, or public authorities where required or permitted by law.

4. Lawful Basis for Processing

We only process personal data when we have a lawful basis to do so. Depending on the activity, our lawful bases may include:

  • Contract - to provide storage services, manage bookings, take payments, and perform our obligations to you.
  • Legal obligation - to comply with tax, accounting, fraud prevention, safety, and regulatory requirements.
  • Legitimate interests - to operate and secure our business, prevent fraud, maintain records, improve services, and manage disputes, provided our interests do not override your rights.
  • Consent - where we rely on your permission for certain optional activities, and you may withdraw consent at any time.

Where we process special category data, we will only do so if an appropriate legal condition under data protection law applies. We do not rely on consent where another lawful basis is more suitable and reliable for the processing involved.

5. How We Use Personal Data

We use personal data for the following purposes:

  • To register and manage customer accounts and storage agreements.
  • To provide access to storage facilities and related services.
  • To process payments, refunds, and billing communications.
  • To verify identity, prevent fraud, and protect the security of our premises and customers.
  • To monitor, investigate, and resolve incidents, complaints, and disputes.
  • To meet legal and regulatory obligations.
  • To improve operational efficiency and service quality.

We will not use your personal data for purposes that are incompatible with the reasons for which it was collected unless we have a lawful basis to do so.

6. Sharing and Processors

We may share personal data with trusted third parties where necessary for service delivery, legal compliance, or business operations. These third parties act as processors when they process data on our behalf and under our instructions. Examples may include:

  • Payment processors that handle card and banking transactions.
  • IT and cloud service providers that host data, manage systems, or support communication tools.
  • Security service providers that operate alarms, CCTV, access control, or monitoring systems.
  • Professional advisers such as accountants, auditors, lawyers, and insurers.
  • Government bodies, regulators, law enforcement, or courts where disclosure is required by law.

We require processors to keep personal data secure, process it only in line with our instructions, and comply with data protection law. Where another organisation acts as an independent controller, it will be responsible for its own privacy practices.

7. International Transfers

Where personal data is transferred outside the UK, we will ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other legally recognised transfer mechanisms. We take reasonable steps to protect your personal data wherever it is processed.

8. Data Retention

We retain personal data only for as long as necessary for the purposes for which it was collected, including any legal, accounting, or reporting obligations. Retention periods vary depending on the type of data and the reason for holding it. In general:

  • Customer and contract records are retained for the duration of the relationship and for a reasonable period afterwards.
  • Payment and accounting records are kept for the period required by tax and financial law.
  • Security logs and CCTV footage are kept only for a limited period unless needed for an investigation or legal claim.
  • Enquiry records may be kept for a shorter period if no contract is entered into.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. Retention is based on necessity, legality, and proportionality.

9. Data Security

We use appropriate technical and organisational measures to safeguard personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access restrictions, secure storage, staff training, encryption where appropriate, and regular review of our security controls. While no system can be guaranteed to be completely secure, we work to maintain a level of protection appropriate to the risks involved.

10. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to request correction of inaccurate or incomplete data.
  • Right to erasure - to request deletion of your data in certain circumstances.
  • Right to restrict processing - to ask us to limit how we use your data in certain situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent - where processing is based on consent, without affecting the lawfulness of prior processing.

You also have the right to raise concerns with the relevant data protection authority if you believe your rights have been infringed. We encourage you to contact us first so that we can try to resolve any issue promptly and fairly.

11. Automated Decision-Making

We do not ordinarily use automated decision-making that produces legal or similarly significant effects. If this changes, we will inform you and explain the logic involved, the significance of the processing, and your rights in relation to it.

12. Marketing Preferences

Where we send marketing communications, we will do so only in line with applicable law. You may have the right to object to direct marketing at any time. If you withdraw consent or object to marketing, we will stop using your data for that purpose.

13. Children

Our services are primarily intended for adults and businesses. We do not knowingly collect personal data from children unless it is necessary for a lawful service arrangement and appropriate safeguards are in place. If we learn that personal data has been collected improperly from a child, we will take appropriate steps to delete or secure it.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data processing practices. The revised version will apply from the date it takes effect. We encourage customers to review this policy periodically so they remain informed about how personal data is handled.

15. Summary of Key Commitments

Our approach to privacy

Wandsworth Storage is committed to processing personal data responsibly, securely, and transparently. We collect only what we need, use it for clear purposes, keep it only as long as necessary, and share it only with trusted recipients or where required by law. We respect the rights of all customers in the area and aim to handle every privacy request carefully and in accordance with GDPR principles.

This policy applies to all Wandsworth Storage customers in area.

Call Now!
Call Now Get a Quote
Wandsworth Storage

GDPR-compliant Privacy Policy for Wandsworth Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.