Privacy Policy - Westminster Storage

This Privacy Policy explains how Westminster Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, visitors, suppliers, and other individuals whose information we process. It applies to all Westminster Storage customers in area and to any person who interacts with our services in that area. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with applicable data protection law, including the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Westminster Storage provides storage-related services and associated customer support. In order to operate our business effectively, we may need to process personal data about individuals who use our services, enquire about them, manage accounts, make payments, and communicate with us. We only process personal data where we have a valid legal basis and where doing so is necessary for a legitimate business purpose or to meet legal obligations.

2. Personal Data We Collect

We may collect and process different categories of personal data depending on the nature of your interaction with us. The information we collect may include:

  • Identity details such as your name, title, and date of birth where needed.
  • Contact details such as address, email address, and telephone number.
  • Account information including customer reference details, storage unit records, service preferences, and correspondence history.
  • Payment and billing data such as invoice details, payment status, and limited financial information required to process transactions.
  • Verification information used to confirm identity, prevent fraud, and meet security or compliance requirements.
  • Usage information relating to how you use our services, including access logs, service requests, and support interactions.
  • Technical information where relevant, such as device type, browser information, and basic online interaction data.
  • Communications data including emails, messages, notes from calls, complaints, and any other records of correspondence.

We generally collect personal data directly from you when you make an enquiry, enter into an agreement, provide identification details, submit a payment, or contact us. We may also receive information from third parties where necessary for payment processing, compliance checks, fraud prevention, or service administration.

3. How We Use Personal Data

We use personal data only for specified, explicit, and legitimate purposes. These purposes may include:

  • setting up and managing customer accounts;
  • providing storage services and related support;
  • processing payments, fees, and refunds;
  • communicating with you about your account or our services;
  • verifying identity and protecting against fraud or misuse;
  • maintaining records for administrative, accounting, and audit purposes;
  • meeting legal, regulatory, and contractual obligations;
  • resolving disputes and enforcing agreements;
  • improving our services, operations, and customer experience;
  • protecting the security of our premises, systems, and users.

We will not use your personal data for purposes that are incompatible with those set out in this Policy unless we are required or permitted to do so by law.

4. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the circumstances, our lawful bases may include:

Performance of a Contract

We process data where it is necessary to perform our contract with you or to take steps at your request before entering into a contract. This includes managing bookings, customer records, payments, access arrangements, and service delivery.

Legal Obligation

We may process data where necessary to comply with legal obligations, including tax, accounting, consumer protection, security, fraud prevention, and record-keeping requirements.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. These interests may include maintaining business records, protecting property, improving services, managing risk, preventing fraud, and defending legal claims. We always consider whether the processing is proportionate and whether your interests require extra protection.

Consent

In limited circumstances, we may rely on your consent, for example where it is required for certain optional communications or specific processing activities. Where consent is used as the lawful basis, you may withdraw it at any time. Withdrawal will not affect the lawfulness of processing carried out before consent was withdrawn.

5. Sharing and Processors

We do not sell your personal data. However, we may share data where necessary to operate our business, deliver services, and comply with legal requirements. This may include sharing with trusted processors who act on our instructions and are contractually required to protect your data.

Examples of processors may include:

  • payment service providers who handle card or bank transactions;
  • IT and cloud service providers that host systems or data;
  • customer management and communications tools used for administration;
  • professional advisers such as accountants, auditors, or legal advisers;
  • security, maintenance, or facility management providers;
  • identity verification or fraud prevention providers;
  • public authorities, regulators, law enforcement, or courts where disclosure is required by law.

Where we use processors, we require them to handle personal data securely, only for the purposes we specify, and in compliance with applicable data protection laws. If personal data is transferred outside the UK, we will ensure appropriate safeguards are in place to protect it.

6. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, reporting, or dispute-resolution requirements. Retention periods may vary depending on the type of data and the reason for processing.

  • Contract and account records are typically kept for the duration of the customer relationship and for a period afterwards where required for business administration or legal claims.
  • Financial and tax records are retained for the period required by applicable law.
  • Correspondence and support records are retained as long as needed to manage your enquiry or resolve a dispute.
  • Security and access records may be retained for a limited period for safety, monitoring, and incident investigation purposes.

When personal data is no longer needed, we will securely delete it, anonymise it, or otherwise ensure it is disposed of in a safe and appropriate manner.

7. Data Security

We use appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, destruction, misuse, or disclosure. These measures may include access controls, encryption where appropriate, staff confidentiality obligations, secure storage practices, and regular review of our systems and procedures. While no system can be guaranteed to be completely secure, we take reasonable steps to reduce risk and protect the information we hold.

8. Your Rights

Under data protection law, you have rights in relation to your personal data. Depending on the circumstances, these may include:

  • The right of access to obtain a copy of the personal data we hold about you.
  • The right to rectification to correct inaccurate or incomplete information.
  • The right to erasure in certain circumstances, sometimes called the right to be forgotten.
  • The right to restrict processing in certain situations, for example while accuracy or objections are being assessed.
  • The right to data portability where processing is based on consent or contract and is carried out by automated means.
  • The right to object to processing based on legitimate interests or to direct marketing.
  • The right to withdraw consent where we rely on consent as the lawful basis.
  • The right to lodge a complaint with the relevant data protection authority if you believe your rights have been infringed.

We may need to verify your identity before responding to a request. Some rights may not apply in all circumstances, and legal exceptions may limit or delay our ability to act on a request. We will always aim to respond in line with applicable legal requirements.

9. Children’s Data

Our services are not directed to children, and we do not knowingly collect personal data from children unless it is necessary for a lawful business purpose and appropriate consent or authority is provided where required. If we become aware that we have collected personal data inappropriately, we will take reasonable steps to delete or secure it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or our data processing practices. Any updated version will apply from the date it is published or otherwise made available. We encourage you to review this Policy periodically so that you remain informed about how we protect your personal data.

By using Westminster Storage services in area, you acknowledge that your personal data will be processed in accordance with this Privacy Policy. We are committed to keeping your information secure, using it responsibly, and respecting your privacy at every stage of our relationship.

Call Now!
Call Now Get a Quote
Westminster Storage

GDPR-compliant Privacy Policy for Westminster Storage covering data collection, lawful basis, retention, processors, user rights, and security for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.