Privacy Policy - Winchmorehill Storage

Winchmorehill Storage is committed to protecting the privacy and personal data of all customers, prospective customers, visitors, and other individuals whose information we process. This Privacy Policy explains how we collect, use, store, share, and protect personal data in connection with our storage services and related operations. It applies to all Winchmorehill Storage customers in the area, as well as anyone who interacts with us in relation to our services.

1. Who We Are

For the purposes of applicable data protection law, Winchmorehill Storage acts as a data controller when we determine the purposes and means of processing personal data. This means we are responsible for ensuring that personal data is handled lawfully, fairly, and transparently.

We take our obligations under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018 seriously. We only process personal data where we have a valid legal reason to do so.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, date of birth, and identification details where needed for verification.
  • Contact details such as address, email address, and telephone number.
  • Account and service information including storage unit details, booking records, tenancy or rental information, and payment status.
  • Financial information such as billing details and transaction records. We do not normally store full payment card details where these are handled by payment processors.
  • Security and access information such as entry logs, CCTV records, key or access control records, and incident reports.
  • Communications including emails, messages, complaint records, and customer support interactions.
  • Technical information where relevant, such as IP address or device data if you use any online services we provide.

We usually collect personal data directly from you when you enquire about, reserve, or use our storage services. In some cases, we may also receive information from third parties such as payment service providers, credit reference agencies, insurers, contractors, or public authorities where permitted by law.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To provide storage services and manage customer accounts.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To process payments, invoices, refunds, and related administrative tasks.
  • To communicate with you about your account, contract, or service changes.
  • To maintain site security, protect property, and support incident management.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.
  • To handle disputes, complaints, and claims.
  • To improve our services, operations, and customer experience.

We will not use your personal data for purposes that are incompatible with the reasons we collected it, unless we have a valid legal basis and have informed you where necessary.

4. Lawful Basis for Processing

We only process personal data when we have a lawful basis under data protection law. Depending on the circumstances, our lawful bases may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as setting up a storage agreement, managing your account, collecting payment, or delivering related services.

Legal Obligation

We may process data where needed to comply with laws and regulations, including record-keeping, tax, accounting, fraud prevention, and lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided these interests are not overridden by your rights and freedoms. Examples include protecting our premises, preventing fraud, monitoring operational performance, and managing customer communications.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications or specific types of processing where required by law. Where we rely on consent, you may withdraw it at any time.

5. Sharing and Processors

We may share personal data with trusted third parties where necessary to operate our business and provide services. These third parties act either as independent controllers or as processors acting on our instructions.

Typical processors may include:

  • IT and software providers who host, maintain, or secure our systems.
  • Payment processors who handle card or electronic payments securely.
  • Security providers who support CCTV, alarm, monitoring, or access control systems.
  • Professional advisers such as accountants, auditors, insurers, and legal advisers.
  • Maintenance and operational contractors who help manage the storage site and related facilities.

We require processors to protect personal data, process it only on our instructions, and maintain appropriate technical and organisational security measures. We do not sell personal data.

We may also disclose personal data where necessary to law enforcement, courts, regulators, or other public bodies when required by law or to protect our rights, customers, staff, or property.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, contractual, or security requirements. Retention periods depend on the type of information and why it is held.

As a general approach:

  • Customer account and contract records are retained for the period of the service relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security records, such as CCTV footage or access logs, are retained for a limited period unless needed for an investigation or legal matter.
  • Correspondence and complaint records are retained for as long as necessary to manage the issue and support our legal obligations.

When personal data is no longer required, it will be securely deleted, anonymised, or destroyed.

7. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access controls, staff training, secure storage, password protection, system monitoring, and supplier due diligence.

While we work hard to protect personal data, no system can be guaranteed to be completely secure. If a personal data breach occurs, we will assess it promptly and, where required, notify the relevant authority and affected individuals in accordance with the law.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. Subject to applicable conditions and exemptions, these may include:

  • Right of access - to request a copy of the personal data we hold about you.
  • Right to rectification - to ask us to correct inaccurate or incomplete data.
  • Right to erasure - to request deletion of your personal data in certain circumstances.
  • Right to restriction - to ask us to limit how we use your data in certain situations.
  • Right to object - to object to processing based on legitimate interests or direct marketing.
  • Right to data portability - to request that certain data be provided to you or another controller in a structured format.
  • Right to withdraw consent - where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant data protection authority if you believe your personal data has not been handled correctly. We encourage you to contact us first so we can try to resolve any concern promptly and fairly.

9. Automated Decision-Making

Winchmorehill Storage does not normally make decisions about you based solely on automated processing that produce legal or similarly significant effects. If this changes, we will provide appropriate information about the logic involved and your rights.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically to remain informed about how we handle personal data.

11. Summary of Key Principles

In summary, Winchmorehill Storage processes personal data lawfully, fairly, and transparently. We collect only what we need, use it for clear and legitimate purposes, keep it only as long as necessary, and share it only with trusted processors or others where required by law. We respect the rights of all individuals whose data we process and are committed to maintaining a high standard of privacy protection for all Winchmorehill Storage customers in area.

Call Now!
Call Now Get a Quote
Winchmorehill Storage

GDPR-compliant Privacy Policy for Winchmorehill Storage covering data collection, lawful basis, retention, processors, and user rights.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.