Privacy Policy - Welling Storage

Welling Storage is committed to protecting the privacy and personal data of all customers in our area. This Privacy Policy explains how we collect, use, store, share, and protect personal information when you use our storage services, make enquiries, or otherwise interact with us. It applies to all Welling Storage customers in area, including current, former, and prospective customers.

1. Who We Are

For the purposes of data protection law, Welling Storage acts as the data controller in relation to personal data we collect and process for our own business purposes. This means we determine why and how your personal data is used. We are committed to handling personal information lawfully, fairly, and transparently, in line with applicable data protection legislation, including the UK GDPR and the Data Protection Act 2018.

2. Personal Data We Collect

We collect only the information that is necessary to provide storage services, manage our relationship with you, meet legal obligations, and operate our business effectively. The types of personal data we may collect include:

  • Identity details such as your name and title.
  • Contact details such as address, email address, and telephone number.
  • Account and transaction details such as booking records, payment status, invoices, and service history.
  • Identification documents where required to verify identity, prevent fraud, or comply with legal obligations.
  • Access and security information such as entry logs, CCTV recordings, alarm records, and site visit information.
  • Correspondence including emails, letters, calls, complaints, and service requests.
  • Technical information if you interact with digital systems, such as device identifiers or usage data.

We do not intentionally collect special category data unless it is necessary and permitted by law, for example if you choose to share information relevant to a support request or legal matter.

3. How We Collect Data

We may collect personal data directly from you when you:

  • complete a booking or enquiry;
  • sign a contract or provide identity documents;
  • make payments or request billing information;
  • contact us for support;
  • visit or access our storage facilities;
  • respond to communications from us.

We may also receive data from third parties where lawful and appropriate, such as payment providers, fraud-prevention services, credit reference agencies, law enforcement, insurers, or legal advisers. Where permitted, we may also collect information through security systems and site monitoring.

4. Why We Use Your Personal Data

We use your data for the following purposes:

  • to provide and manage storage services;
  • to verify identity and prevent fraud;
  • to process payments, refunds, and account administration;
  • to communicate about bookings, access, notices, and service changes;
  • to handle customer support, complaints, and disputes;
  • to maintain site security and protect property;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to establish, exercise, or defend legal claims;
  • to improve our services and operational efficiency.

We will only use personal data for the purposes described above or for compatible purposes permitted by law.

5. Lawful Basis for Processing

We process personal data only where we have a valid lawful basis under the UK GDPR. Depending on the context, the lawful basis may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you, such as managing your storage account, providing access, and handling billing.

Legal obligation

We may process data to comply with legal requirements, including accounting, tax, fraud prevention, health and safety, and regulatory obligations.

Legitimate interests

We may process data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. This may include site security, record keeping, service improvement, debt recovery, and prevention of misuse.

Consent

In limited cases, we may rely on your consent, for example where required for specific optional communications or certain uses of data. Where we rely on consent, you may withdraw it at any time.

Vital interests and public task

These bases are unlikely to apply in most storage-related situations, but may be used where required by law or in emergencies.

6. Sharing and Processors

We may share personal data with trusted third parties, but only when necessary and under appropriate safeguards. These third parties may act as processors or independent controllers depending on the service provided.

Examples of processors may include:

  • IT and cloud service providers that host or maintain our systems;
  • payment processing providers that handle card or electronic payments;
  • customer relationship and communication platforms;
  • security and CCTV service providers;
  • document storage and administrative support providers;
  • professional advisers such as accountants, auditors, and legal advisers acting on our behalf.

We may also disclose personal data to law enforcement, courts, regulators, insurers, or other parties where required or permitted by law. We do not sell personal data.

All processors are required to act only on our instructions, protect personal data appropriately, and comply with confidentiality and security obligations. We take reasonable steps to ensure that any data sharing is limited to what is necessary.

7. International Transfers

If personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We will only transfer data where necessary and where suitable protections are available.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, tax, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

In general:

  • Customer account and contract records are retained for the duration of the relationship and for a period afterward to manage claims and legal obligations.
  • Financial and transaction records are retained for the period required by tax and accounting law.
  • Security records such as access logs and CCTV may be retained for a shorter period unless needed for investigation or legal purposes.
  • Enquiry and correspondence records are kept for as long as necessary to respond to your request and maintain appropriate business records.

When data is no longer needed, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.

9. Security of Personal Data

We take the protection of personal data seriously and use reasonable technical and organisational measures to safeguard information against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, and monitoring procedures. While no system can be guaranteed completely secure, we work to maintain a level of protection appropriate to the risks involved.

10. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may apply depending on the lawful basis for processing and the specific circumstances. They include:

  • Right of access – to request a copy of your personal data.
  • Right to rectification – to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restrict processing – to limit how we use your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data rights have been infringed. We encourage you to raise concerns with us first so we can try to resolve the issue.

11. Automated Decision-Making

We do not normally use fully automated decision-making that produces legal or similarly significant effects. If this changes, we will inform you and provide the relevant information required by law. Any profiling or automated checks we use will be limited, proportionate, and subject to appropriate safeguards.

12. Children

Our storage services are intended for adults and businesses. We do not knowingly collect personal data from children in the course of ordinary service delivery. If we become aware that a child’s personal data has been collected in error, we will take appropriate steps to delete or protect it in accordance with the law.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how we protect personal data.

14. Summary of Key Principles

In summary, Welling Storage only processes personal data where there is a lawful reason to do so, keeps it for no longer than necessary, uses processors carefully, and respects your rights under data protection law. Our aim is to handle customer information with fairness, transparency, and accountability at every stage.

By using Welling Storage services, you acknowledge that this Privacy Policy applies to all Welling Storage customers in area.

Call Now!
Call Now Get a Quote
Welling Storage

GDPR-compliant privacy policy for Welling Storage covering data collection, lawful basis, retention, processors, rights, and scope.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.