Privacy Policy - Isleworth Storage

This Privacy Policy explains how Isleworth Storage collects, uses, stores, shares, and protects personal data relating to our customers, prospective customers, and website or service users. It applies to all Isleworth Storage customers in the area and is intended to meet the requirements of the UK GDPR and the Data Protection Act 2018.

1. Who We Are

For the purposes of data protection law, Isleworth Storage acts as the data controller in relation to the personal data we process about you. This means we determine the purposes and means of processing your personal data when you use our storage services, make enquiries, or otherwise engage with us.

We are committed to handling your information lawfully, fairly, and transparently. We only collect personal data that is necessary for the provision, management, and security of our services.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data, such as your name, title, and date of birth where needed for verification.
  • Contact data, such as your address, email address, and telephone number.
  • Contract and account data, such as your rental agreement details, payment status, and service history.
  • Billing and payment data, such as transaction records and payment confirmations. We do not normally store full card details where a secure payment provider is used.
  • Access and security data, such as entry logs, CCTV records, key or access code information, and incident reports where applicable.
  • Communications data, such as enquiries, complaints, support requests, and correspondence.
  • Technical data, if you interact with digital systems we use, such as IP address, browser type, or device identifiers.

We may also collect information you choose to provide voluntarily, for example when reporting an issue or updating your account details.

3. How We Collect Your Data

We collect personal data directly from you when you:

  • request a quotation or make an enquiry;
  • enter into a storage agreement;
  • make payments or arrange service changes;
  • contact us with questions or feedback;
  • use access-controlled facilities;
  • submit identification documents where required by law or contract.

We may also receive data from third parties, including payment service providers, identity verification services, insurers, or public authorities where this is lawful and necessary.

4. Why We Use Your Data and Lawful Basis

We process your personal data only where we have a valid lawful basis under data protection law. Depending on the circumstances, we rely on one or more of the following bases:

Performance of a Contract

We process personal data to provide our storage services and manage our agreement with you. This includes opening and maintaining your account, issuing invoices, managing access, and delivering customer support.

Legal Obligation

We may process data to comply with legal requirements, including accounting, tax, fraud prevention, security obligations, and record-keeping duties. Where the law requires us to retain certain records, we will do so.

Legitimate Interests

We may process data where it is necessary for our legitimate business interests and where your rights do not override those interests. This may include protecting our premises, preventing misuse of services, maintaining security, handling disputes, and improving our operations. We balance our interests against your privacy rights before relying on this basis.

Consent

In limited cases, we may rely on your consent, for example for certain optional communications or non-essential processing. Where we rely on consent, you may withdraw it at any time without affecting the lawfulness of processing carried out before withdrawal.

Vital Interests

In rare situations, we may process data to protect someone’s vital interests, such as in an emergency involving health or safety.

5. How We Use Your Information

We use personal data to:

  • provide and manage storage services;
  • verify identity and prevent fraud;
  • process payments and manage accounts;
  • maintain site and facility security;
  • communicate about service updates, issues, or contractual matters;
  • comply with legal and regulatory obligations;
  • resolve complaints, claims, or disputes;
  • improve the quality and efficiency of our services.

We do not use personal data for purposes that are incompatible with the reasons it was collected, unless required or permitted by law.

6. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors or independent controllers, depending on the service they provide. Any processor we use is required to handle data securely and only according to our instructions.

Examples of processors and service providers may include:

  • payment processing providers;
  • IT and hosting providers;
  • secure document storage providers;
  • customer management and communications platforms;
  • security and surveillance service providers;
  • professional advisers such as accountants, auditors, or legal advisers;
  • identity verification and fraud prevention services.

We may also disclose data to insurers, emergency services, regulators, law enforcement, or courts where required or permitted by law. If business operations are restructured, merged, or transferred, personal data may be shared with relevant parties as part of that process, subject to appropriate safeguards.

7. International Transfers

Where personal data is transferred outside the UK, we ensure appropriate safeguards are in place, such as adequacy regulations or approved contractual protections. These safeguards help ensure your personal data remains protected to a standard consistent with UK data protection law.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including legal, accounting, security, and reporting requirements. Retention periods vary depending on the type of data and the reason for processing.

In general:

  • customer account and contract data are retained for the duration of the service relationship and for a reasonable period after it ends;
  • billing and tax records are retained for the period required by law;
  • security logs and access records are retained for a limited period unless needed longer for incident investigation or legal claims;
  • complaints and correspondence are retained for as long as needed to resolve the matter and manage records;
  • where data is no longer required, it is securely deleted, anonymised, or archived in line with our retention procedures.

We regularly review retained data to ensure it is not kept longer than necessary.

9. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to limitations and exceptions.

  • Right of access – you may request a copy of the personal data we hold about you.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – you may request deletion of your data in certain circumstances.
  • Right to restriction – you may ask us to limit processing in certain situations.
  • Right to data portability – you may request certain data in a structured, commonly used format.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – if we rely on consent, you may withdraw it at any time.

You also have the right to raise a concern with the UK Information Commissioner’s Office if you believe your data has been mishandled. We encourage you to contact us first so that we can try to resolve any concern promptly and fairly.

10. Security of Your Data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or damage. These measures may include access controls, secure systems, staff training, incident monitoring, and restricted handling procedures.

However, no method of transmission or storage is completely secure. While we take data security seriously, we cannot guarantee absolute protection.

11. Children’s Data

Our services are intended for adults or legal entities acting through authorised representatives. We do not knowingly collect children’s personal data except where it is incidentally provided and necessary for lawful service administration, such as emergency contact information or account administration where permitted.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect legal, operational, or service changes. Any revised version will apply from the date it is published or otherwise communicated. Please review this policy periodically to stay informed about how we protect your information.

13. Summary of Our Commitment

Isleworth Storage is committed to respecting your privacy and processing your personal data responsibly. We collect only what we need, use it for clear and lawful purposes, share it only with appropriate processors or legal recipients, and keep it only for as long as necessary. Your rights matter to us, and we aim to handle all personal data with care, integrity, and transparency.

Call Now!
Call Now Get a Quote
Isleworth Storage

GDPR-compliant privacy policy for Isleworth Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.