Privacy Policy - Waddon Storage

Waddon Storage is committed to protecting the privacy and personal data of all customers in the area. This Privacy Policy explains how we collect, use, store, share, and protect personal information, and sets out the rights available to individuals under the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy applies to all Waddon Storage customers in area, including current, former, and prospective customers, as well as anyone who interacts with our services.

1. Who we are

Waddon Storage provides storage-related services to individuals and businesses. For the purposes of data protection law, Waddon Storage is the data controller for the personal information described in this Privacy Policy. This means we determine why and how your personal data is processed. We take our responsibility seriously and aim to handle personal data lawfully, fairly, and transparently.

2. Personal data we collect

We may collect and process the following categories of personal data:

  • Identity data such as your name, title, and any identification information required for verification.
  • Contact data such as your postal address, email address, and telephone number.
  • Account and contract data such as booking details, storage unit references, payment status, service agreements, and communication preferences.
  • Financial data such as payment card details, bank information, billing records, and transaction history.
  • Usage data such as access records, service usage, and interactions with our staff or systems.
  • Security data such as CCTV images, access logs, incident reports, and other information collected for safety and crime prevention.
  • Correspondence data such as records of emails, letters, telephone calls, complaints, and requests.
  • Technical data such as device identifiers and IP-related information where relevant to the operation and security of our services.

We generally do not seek to collect special category personal data, such as information relating to health, religion, or ethnicity. If such data is provided to us voluntarily, we will only process it where a lawful basis exists and where necessary for a specific purpose.

3. How we collect personal data

We collect personal data in several ways:

  • Directly from you when you complete forms, make enquiries, sign agreements, or communicate with us.
  • Automatically when you use our services, access our premises, or interact with our systems.
  • From third parties such as payment providers, identity verification services, insurers, debt recovery services, and legal or regulatory bodies where appropriate.

Where we collect information from third parties, we only do so when the law allows it and when the information is needed for a legitimate business or legal purpose.

4. Why we use your personal data

We use personal data for the following purposes:

  • To provide storage services and manage your account or booking.
  • To verify identity and prevent fraud.
  • To process payments and manage invoicing.
  • To communicate with you about your service, account, or contractual matters.
  • To ensure site safety, protect property, and prevent unlawful activity.
  • To maintain accurate business records and comply with legal obligations.
  • To handle complaints, disputes, or claims.
  • To improve our services, systems, and operational efficiency.

We only use personal data where we have a valid reason to do so and where the processing is necessary for a clearly defined purpose.

5. Lawful basis for processing

Under UK GDPR, we must have a lawful basis to process your personal data. Depending on the activity, we rely on one or more of the following:

  • Contract: processing is necessary to enter into or perform a storage agreement with you.
  • Legal obligation: processing is necessary to meet tax, accounting, fraud prevention, health and safety, or other legal requirements.
  • Legitimate interests: processing is necessary for our legitimate business interests, such as managing operations, securing premises, maintaining records, and preventing crime, provided these interests do not override your rights and freedoms.
  • Consent: where required by law, for example for certain marketing activities or specific optional uses of personal data.

Where we rely on legitimate interests, we assess the impact on your privacy and ensure the processing is proportionate and necessary. Where we rely on consent, you may withdraw it at any time.

6. Sharing your data and processors

We may share personal data with trusted third-party service providers who act as processors on our behalf. These processors are only permitted to process personal data according to our instructions and must implement appropriate security measures. Typical processors may include:

  • IT and cloud hosting providers.
  • Payment processing providers.
  • Identity verification and fraud prevention services.
  • Security and CCTV system providers.
  • Accountancy, auditing, and record-management providers.
  • Legal, insurance, and debt recovery advisers where necessary.

We may also disclose personal data to independent controllers where required, including law enforcement agencies, courts, regulators, insurers, or professional advisers. We will only do this where it is lawful and necessary.

We do not sell your personal data.

7. International transfers

If any of our processors store or access personal data outside the UK, we will take appropriate steps to ensure that the data is protected to a level required by applicable law. This may include the use of approved contractual safeguards or other lawful transfer mechanisms.

8. Data retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting obligations. Retention periods depend on the type of data and the reason for processing.

  • Contract and account records are generally kept for the period of the customer relationship and for a reasonable period afterwards to address disputes or claims.
  • Financial and tax records are typically retained for the period required by law.
  • Security records such as CCTV footage and access logs are retained only for as long as needed for safety, incident handling, and crime prevention.
  • Correspondence and complaint records are retained for a period appropriate to the matter and any follow-up obligations.

When personal data is no longer needed, we securely delete, anonymise, or destroy it.

9. Data security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access controls, secure systems, staff training, monitoring, and physical security measures. While no system can be guaranteed completely secure, we work continuously to reduce risks and protect information.

10. Your rights

As a data subject, you have rights under UK GDPR. These include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit processing in certain cases.
  • Right to data portability – to receive certain data in a structured, commonly used format.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed.

11. Automated decision-making

We do not make decisions about customers based solely on automated processing that produce legal or similarly significant effects, unless we are permitted to do so by law and have informed you appropriately. If that ever changes, we will update this policy.

12. Children’s data

Our services are not directed at children, and we do not knowingly collect personal data from children unless it is required in connection with a lawful service arrangement and the necessary legal basis is present.

13. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or security changes. Any revised version will apply from the date it is issued. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

Final statement

Waddon Storage is dedicated to handling personal data responsibly and in accordance with applicable data protection law. This Privacy Policy is intended to provide clear information about our practices and to support the rights and expectations of all Waddon Storage customers in area. If you remain concerned about how your data is used, please remember that you may exercise your rights at any time, subject to legal limits and legitimate business requirements.

Call Now!
Call Now Get a Quote
Waddon Storage

GDPR-compliant Privacy Policy for Waddon Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.