Privacy Policy - Wembleypark Storage

This Privacy Policy explains how Wembleypark Storage collects, uses, stores, shares, and protects personal data in connection with storage services provided to customers in the Wembleypark area. It applies to all Wembleypark Storage customers in the area, including prospective customers, account holders, authorised users, and individuals who communicate with us about our services.

1. Who We Are

Wembleypark Storage is the data controller for the personal data described in this policy. This means we decide why and how personal data is processed for the purpose of providing storage services, managing customer relationships, maintaining security, meeting legal obligations, and improving our operations.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We aim to process personal data lawfully, fairly, and transparently.

2. Personal Data We Collect

We collect only the data needed to operate our storage services effectively and securely. The types of personal data we may collect include:

  • Identity data: name, date of birth, and any other information used to identify you.
  • Contact data: address, email address, telephone number, and billing details.
  • Account data: customer reference numbers, tenancy or rental information, payment history, and service preferences.
  • Verification data: documents or details used to confirm identity or prevent fraud, where required.
  • Access and security data: records of entry, exit, access codes, CCTV images, and security logs.
  • Communication data: messages, enquiries, complaints, and notes from conversations with us.
  • Financial data: payment card information or bank details, where needed for payment processing.
  • Technical data: device and usage information collected through websites, online forms, or digital systems, where applicable.

We do not intentionally collect special category personal data unless it is necessary and lawful to do so. If such data is provided to us accidentally, we will handle it carefully and only keep it where there is a lawful basis.

3. How We Collect Personal Data

We may collect personal data directly from you when you:

  • apply for storage services;
  • enter into or manage a storage agreement;
  • make payments or request invoices;
  • contact us with questions, complaints, or requests;
  • use secure access systems or interact with site security;
  • participate in identity verification or compliance checks.

We may also collect data indirectly from:

  • payment providers and financial institutions;
  • identity verification services;
  • law enforcement, regulators, or legal representatives, where appropriate;
  • security systems such as CCTV and access control systems.

4. Why We Use Personal Data

We use personal data for the following purposes:

  • to provide and manage storage services;
  • to create and maintain customer accounts;
  • to process payments and manage invoices;
  • to verify identity and prevent fraud;
  • to control access and protect our premises, staff, customers, and stored property;
  • to communicate about bookings, renewals, service changes, or customer support;
  • to comply with legal, tax, accounting, and regulatory obligations;
  • to establish, exercise, or defend legal claims;
  • to improve our services, systems, and security arrangements.

We will only use your personal data for the purposes described above or for compatible purposes that you would reasonably expect.

5. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for processing personal data. Wembleypark Storage relies on the following lawful bases:

  • Contract: we process data where it is necessary to enter into or perform a storage agreement with you.
  • Legal obligation: we process data where we must do so to comply with legal or regulatory requirements, including accounting, tax, fraud prevention, and record-keeping obligations.
  • Legitimate interests: we process data for legitimate business purposes, such as security, service improvement, administration, and protecting our property and customers, provided those interests do not override your rights and freedoms.
  • Consent: in limited cases, we may rely on your consent, for example where the law requires it. If we do, you may withdraw consent at any time.

Where we rely on legitimate interests, we ensure that we have considered the impact on your privacy and balanced our interests against your rights.

6. Sharing Your Data and Processors

We may share personal data with trusted third parties who help us run our business. These parties may act as processors, meaning they process personal data on our behalf and only according to our instructions.

Examples of processors and service providers may include:

  • payment processing providers;
  • IT hosting, cloud storage, and software service providers;
  • customer management and communication platforms;
  • security and CCTV system suppliers;
  • identity verification and fraud prevention providers;
  • professional advisers such as accountants, auditors, insurers, and legal advisers.

We may also disclose personal data to other organisations where required by law, including courts, regulators, or law enforcement authorities.

When we use processors, we take steps to ensure they are contractually bound to protect personal data, keep it confidential, and only use it for the specified services. We do not permit processors to use your personal data for their own purposes unless they are independently acting as a controller and have a lawful basis to do so.

7. International Transfers

Where personal data is transferred outside the United Kingdom, we will ensure appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms recognised under data protection law. We will only transfer data where necessary and where suitable protections exist.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including to meet legal, accounting, tax, insurance, and operational requirements.

Retention periods may vary depending on the type of data and the reason for processing. In general:

  • customer account and contract records are kept for the duration of the relationship and for a reasonable period afterwards;
  • payment and accounting records are retained for the period required by law;
  • security records, including access logs and CCTV images, are retained for a limited period unless needed for an incident, investigation, or legal claim;
  • complaints and correspondence may be retained for as long as needed to resolve the issue and support record-keeping.

When data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe manner.

9. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access restrictions, secure storage, password protection, monitoring systems, staff training, and supplier controls.

While no system is completely secure, we work to maintain safeguards that are proportionate to the risk and the type of data we process.

10. Your Rights

You have a number of rights under data protection law. These rights may apply depending on the circumstances and the lawful basis for processing. They include:

  • Right of access: you may request a copy of the personal data we hold about you.
  • Right to rectification: you may ask us to correct inaccurate or incomplete information.
  • Right to erasure: you may request deletion of your personal data in certain situations.
  • Right to restriction: you may ask us to limit how we use your data in certain circumstances.
  • Right to object: you may object to processing based on legitimate interests, and in some cases to direct marketing.
  • Right to data portability: you may request that certain data be provided to you or another controller in a structured format, where applicable.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

These rights are not absolute and may be subject to legal exceptions, particularly where we must keep records to comply with the law or defend legal claims.

11. How to Exercise Your Rights

If you wish to exercise any of your rights, you may make a request using the channels we provide in our customer communications or account materials. We may need to verify your identity before responding.

We aim to respond without undue delay and within the time limits required by law. If your request is complex or numerous, we may extend the response period where permitted.

12. Automated Decision-Making

We do not rely on fully automated decision-making that produces legal or similarly significant effects on customers, unless we notify you and the law allows it. If automated checks are used for fraud prevention, account security, or operational purposes, they will be applied with appropriate human oversight where required.

13. Children’s Data

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children except where required in relation to an adult customer’s account or where the law permits it.

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process data. Any updated version will apply from the date it takes effect. We encourage customers to review this policy periodically.

Summary of Our Commitment

Wembleypark Storage processes personal data responsibly, securely, and only when there is a lawful reason to do so. We collect only what is needed to provide storage services, protect our site and customers, meet legal duties, and manage our business. We retain data for limited periods, use trusted processors under contract, and respect your rights under data protection law.

Call Now!
Call Now Get a Quote
Wembleypark Storage

GDPR-compliant privacy policy for Wembleypark Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.