Privacy Policy - Wormwoodscrubs Storage

Wormwoodscrubs Storage is committed to protecting the privacy and personal data of all customers. This Privacy Policy explains how we collect, use, store, share, and protect personal information in connection with our storage services. It applies to all Wormwoodscrubs Storage customers in the area, including current, prospective, and former customers, as well as individuals who interact with us in relation to storage bookings, account management, billing, and service administration.

1. Who We Are

For the purposes of data protection law, Wormwoodscrubs Storage acts as the data controller for personal information collected and used in the course of providing storage services. This means we determine the purposes and means of processing personal data. We are responsible for ensuring that personal data is handled in a lawful, fair, and transparent manner.

2. Personal Data We Collect

We collect only the personal data that is necessary for operating our services, fulfilling our contractual obligations, and meeting legal and regulatory requirements. The types of information we may collect include:

  • Identity details such as name, title, and date of birth where required for verification.
  • Contact details such as postal address, email address, and telephone number.
  • Account and booking details including storage unit selection, contract information, move-in and move-out dates, and payment records.
  • Financial information such as billing details, transaction history, and limited payment-related data needed to process fees and deposits.
  • Access and security information such as entry logs, key or access records, CCTV footage where used, and incident reports.
  • Communication records including correspondence with us by phone, email, or written communication.
  • Verification information where we are required to confirm identity, address, or authority to act on behalf of another person.

We normally collect information directly from you when you enquire about, reserve, or use our storage services. We may also receive information from third parties where necessary, for example payment service providers, identity verification services, insurers, legal advisers, or public authorities.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To register and manage customer accounts and storage agreements.
  • To provide access to storage units and related services.
  • To process payments, refunds, deposits, and outstanding balances.
  • To verify identity and prevent fraud or misuse of our services.
  • To communicate about account matters, service updates, and operational notices.
  • To maintain site security, protect our property, and safeguard customers, staff, and visitors.
  • To comply with legal obligations, including tax, accounting, and regulatory requirements.
  • To establish, exercise, or defend legal claims where necessary.

We will not use your personal data for purposes that are incompatible with those stated in this policy unless we have a lawful reason to do so.

4. Lawful Basis for Processing

We only process personal data where we have a lawful basis under applicable data protection law, including the UK GDPR and the Data Protection Act 2018. Depending on the circumstances, our processing may rely on one or more of the following bases:

Contract

We process personal data where it is necessary to enter into or perform our storage agreement with you. This includes managing reservations, providing access to your unit, handling billing, and supporting customer account administration.

Legal Obligation

We may process personal data where necessary to comply with legal obligations, such as accounting requirements, tax laws, safety obligations, fraud prevention rules, and lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. These interests may include protecting our premises, preventing theft or damage, maintaining service quality, managing business operations, and defending legal claims. When relying on legitimate interests, we assess the impact on individuals and take appropriate safeguards.

Consent

In limited cases, we may rely on your consent, for example where required for optional communications or certain uses of information not covered by another lawful basis. Where we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Data Sharing and Processors

We may share personal data with trusted third parties who help us operate our business. These third parties act either as processors or, in some situations, as independent controllers. We require processors to handle personal data only on our instructions and to implement appropriate security measures.

Examples of processors and service providers may include:

  • Payment processors that handle card or electronic payment transactions.
  • IT and cloud service providers that host systems, maintain records, or support secure communications.
  • Security service providers that assist with alarms, monitoring, access control, or CCTV management.
  • Professional advisers such as accountants, insurers, auditors, and legal advisers where required.
  • Maintenance and facilities contractors where access is needed to perform necessary works.

We may also disclose personal data to law enforcement agencies, courts, regulators, or other public bodies where required by law or where necessary to protect our rights, customers, staff, or property. If personal data is transferred outside the United Kingdom or European Economic Area, we will ensure appropriate safeguards are in place, such as standard contractual clauses or equivalent legal protections.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, and reporting requirements. Retention periods vary depending on the type of data and the reason it is held.

In general:

  • Customer account and contract records are kept for the duration of the agreement and for a reasonable period afterwards.
  • Financial and transaction records are retained for the period required by tax and accounting law.
  • Security logs, access records, and incident reports are kept for as long as needed for safety, security, and dispute resolution.
  • Enquiry records and communications may be retained for service management and evidence of transactions or decisions.

When personal data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against accidental loss, unauthorised access, alteration, disclosure, or destruction. These measures may include access controls, restricted permissions, secure storage, staff confidentiality obligations, and monitoring of relevant systems. While no system can be guaranteed as completely secure, we review our safeguards regularly and aim to maintain a level of security appropriate to the risks involved.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be subject to conditions or exemptions depending on the circumstances.

  • Right of access - you may request confirmation of whether we process your personal data and obtain a copy of that data.
  • Right to rectification - you may ask us to correct inaccurate or incomplete information.
  • Right to erasure - you may request deletion of your data in certain circumstances.
  • Right to restrict processing - you may ask us to limit how we use your data in certain cases.
  • Right to data portability - you may request certain data in a structured, commonly used format where applicable.
  • Right to object - you may object to processing based on legitimate interests or to direct marketing where applicable.
  • Right to withdraw consent - where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the relevant supervisory authority if you believe your data protection rights have been infringed. We encourage you to raise concerns with us first so that we can try to resolve the matter promptly and fairly.

9. Children and Vulnerable Individuals

Our storage services are intended for adults and business users. We do not knowingly collect personal data from children unless it is provided by a parent, guardian, or authorised representative for a legitimate service-related purpose. Where we process information relating to vulnerable individuals, we take additional care to ensure that the processing is lawful, necessary, and proportionate.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, service arrangements, or data processing practices. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically to stay informed about how we protect personal data.

11. Summary of Our Commitments

Wormwoodscrubs Storage will collect only the personal data needed to provide storage services, use it for clear and lawful purposes, retain it only for as long as necessary, and protect it with appropriate safeguards. We will use processors carefully, keep data secure, and respect the rights of all customers in the area.

This Privacy Policy is intended to be clear, fair, and compliant with applicable data protection law.

Call Now!
Call Now Get a Quote
Wormwoodscrubs Storage

GDPR-compliant Privacy Policy for Wormwoodscrubs Storage covering data collection, lawful basis, retention, processors, user rights, and applicability to all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.