Privacy Policy - Wallington Storage

This Privacy Policy explains how Wallington Storage collects, uses, stores, shares, and protects personal data. It applies to all Wallington Storage customers in the area, including prospective customers, current customers, former customers, and any individuals who interact with us in connection with storage services, payments, account administration, and site operations.

1. Scope of this Policy

This policy applies where we act as a data controller for personal data relating to our storage services. It covers information collected through in-person interactions, telephone communication, email correspondence, paper forms, online forms, account records, service agreements, payment processes, security systems, and operational activities connected with our business.

We are committed to handling personal data in accordance with the UK GDPR and the Data Protection Act 2018. We aim to process data fairly, lawfully, transparently, and only for legitimate business purposes.

2. Information We Collect

We may collect and process the following categories of personal data:

  • Identity information: name, date of birth, and similar identifying details.
  • Contact information: postal address, billing address, email address, and phone number.
  • Account information: customer reference numbers, service history, storage unit details, and contract records.
  • Payment information: payment card details, bank account information, transaction records, invoices, and payment status.
  • Verification information: copies of identity documents or proof of address where required for fraud prevention, compliance, or account setup.
  • Access and security information: records of site access, key or code use, CCTV images, incident reports, and security logs.
  • Communication records: emails, calls, messages, complaints, queries, and correspondence relating to services.
  • Technical data: device and usage data where applicable to digital systems, such as IP address or access logs.

We generally collect personal data directly from you. In some cases, we may receive information from third parties such as payment providers, fraud prevention services, legal advisers, insurers, debt recovery providers, or public authorities.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to register and manage your storage account;
  • to provide storage services and administer contracts;
  • to process payments, refunds, and outstanding balances;
  • to verify identity and prevent fraud;
  • to manage access to storage facilities and protect site security;
  • to respond to enquiries, complaints, and service requests;
  • to comply with legal, regulatory, tax, and accounting obligations;
  • to enforce agreements, resolve disputes, and protect our legal rights;
  • to monitor and improve our services and business operations;
  • to support insurance, risk management, and incident investigation.

We only process personal data where we have a valid legal reason to do so and where the use is necessary and proportionate for the relevant purpose.

4. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for each use of personal data. The lawful bases we rely on include:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes account setup, storage unit allocation, billing, service delivery, and customer support.

Legal Obligation

We may process personal data where necessary to comply with legal requirements, including tax laws, accounting rules, fraud prevention duties, record-keeping obligations, and lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided that your rights and freedoms do not override those interests. Examples include business administration, security monitoring, service improvement, debt recovery, and safeguarding our premises and property.

Consent

In limited cases, we may rely on consent, for example for certain optional communications or specific uses of data that are not covered by another lawful basis. Where we rely on consent, you may withdraw it at any time.

5. Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, where necessary for the purposes described above. These may include:

  • payment processors and banking service providers;
  • IT and cloud service providers;
  • software platforms used for account management, invoicing, or communications;
  • CCTV, security, and access control system providers;
  • professional advisers such as accountants, insurers, auditors, and lawyers;
  • debt recovery or credit management providers;
  • regulators, law enforcement bodies, courts, and public authorities where required by law.

Where a third party acts as a processor, they only process personal data on our instructions and are contractually required to protect it, use it only for agreed purposes, and apply appropriate technical and organisational safeguards.

We do not sell personal data. If any transfer outside the UK were required, we would ensure appropriate safeguards are in place in line with applicable data protection law.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, or for as long as required by law. Retention periods vary depending on the type of data and the reasons for processing it.

  • Contract and account records are typically kept for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records may be retained for several years to meet legal and accounting obligations.
  • Security records and CCTV footage are usually kept for a limited time unless needed for investigation, insurance, or legal proceedings.
  • Correspondence and complaints may be retained for as long as needed to manage the issue and document outcomes.

When data is no longer required, we will securely delete, anonymise, or destroy it in line with our retention and disposal procedures.

7. Data Security

We use appropriate security measures to protect personal data against unauthorised access, loss, misuse, disclosure, alteration, or destruction. These measures may include access controls, password protection, secure storage, restricted user permissions, staff training, and monitoring of systems where appropriate.

While no system can be guaranteed to be completely secure, we work to reduce risk and maintain reasonable safeguards that are proportionate to the nature of the data we process.

8. Your Rights

Depending on the circumstances and applicable law, you may have the following rights regarding your personal data:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain situations.
  • Right to restriction: to ask us to limit processing in certain circumstances.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

You also have the right to raise concerns with the UK Information Commissioner’s Office if you believe your data protection rights have been breached. We encourage you to contact us first so we can try to resolve any issue promptly.

9. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children unless it is necessary in a specific lawful context, such as an emergency contact or legal requirement. If we become aware that we have collected data from a child without a valid reason, we will take appropriate steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data processing practices. Any updated version will apply from the date it is made available. We encourage customers to review it periodically so they remain informed about how their data is handled.

11. Fair Processing Statement

We process personal data only to the extent needed to run our storage business effectively and responsibly. Our approach is based on transparency, accountability, and respect for individual rights. If you use Wallington Storage services, your data will be handled in accordance with this Privacy Policy and applicable data protection law.

By using Wallington Storage services, you acknowledge that your personal data may be processed as described in this policy for the purposes of providing secure and lawful storage services.

Call Now!
Call Now Get a Quote
Wallington Storage

GDPR-compliant Privacy Policy for Wallington Storage covering data collection, lawful basis, retention, processors, user rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.