Privacy Policy - Shadwell Storage

This Privacy Policy explains how Shadwell Storage collects, uses, stores, shares, and protects personal data when providing storage services. It applies to all Shadwell Storage customers in area, including prospective customers, current customers, account holders, authorised users, and individuals who contact us about our services. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws.

1. Who we are

Shadwell Storage is a storage services provider. In relation to the personal data described in this policy, we act as a data controller where we decide why and how personal data is processed. In some circumstances, we may also use third parties who process personal data on our behalf as data processors.

2. Personal data we collect

We only collect personal data that is necessary for the operation of our storage services, account administration, security, compliance, and service improvement. The types of data we may collect include:

  • Identity data such as name, title, and date of birth where needed for verification.
  • Contact data such as postal address, email address, and telephone number.
  • Account data such as customer reference numbers, booking details, access permissions, and service preferences.
  • Payment data such as billing address, transaction details, and payment status. We do not store full payment card details where payment is processed by a secure payment provider.
  • Verification data such as copies of identification documents if required for fraud prevention, legal compliance, or account setup.
  • Security and access data such as entry records, CCTV footage, alarm logs, and access timestamps where relevant to site security.
  • Communications data such as enquiries, complaints, support messages, and any records of correspondence.
  • Technical data such as IP address, device information, browser type, and usage information if you interact with our digital systems.

We do not intentionally collect special category data unless it is provided by you and is strictly necessary for a legitimate reason, such as legal compliance or resolving a dispute. Where such data is processed, we apply enhanced safeguards.

3. How we use personal data

We use personal data for the following purposes:

  • To create and manage customer accounts and storage agreements.
  • To verify identity and prevent fraud, misuse, or unauthorised access.
  • To provide and administer storage services, including access control and site management.
  • To process payments, issue invoices, and manage outstanding balances.
  • To communicate about bookings, renewals, service changes, safety notices, and operational matters.
  • To maintain security, monitor for incidents, and protect property, staff, customers, and visitors.
  • To comply with legal obligations, regulatory requirements, and lawful requests from authorities.
  • To resolve disputes, enforce agreements, and establish, exercise, or defend legal claims.
  • To improve our services, systems, and customer experience.

4. Lawful basis for processing

We process personal data only where we have a valid lawful basis under the UK GDPR. Depending on the purpose, our lawful bases may include:

Contract

We process data where it is necessary to enter into or perform a contract with you, such as managing your storage agreement, providing access, and processing payment.

Legal obligation

We process data where necessary to comply with laws and regulations, including accounting, tax, fraud prevention, health and safety, and requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. This includes securing our premises, preventing fraud, managing customer enquiries, improving services, and protecting legal rights.

Consent

In limited situations, we may rely on your consent, for example where it is appropriate for optional communications or certain uses of data not covered by another lawful basis. Where we rely on consent, you may withdraw it at any time.

Vital interests

In rare circumstances, we may process data to protect someone’s vital interests, such as in an emergency or serious safety incident.

5. Data sharing and processors

We may share personal data with trusted third parties where necessary for service delivery, legal compliance, or legitimate business operations. These third parties act as processors or, in some cases, independent controllers. We require appropriate contractual and security protections when data is shared.

Examples of processors and categories of recipients may include:

  • IT and hosting providers who support our systems, data storage, and communications tools.
  • Payment service providers who process payments securely on our behalf.
  • Security providers who assist with CCTV, alarm monitoring, or access control systems.
  • Accountants, auditors, and professional advisers who support compliance, reporting, and legal matters.
  • Debt recovery or legal service providers where necessary to manage unpaid balances or disputes.
  • Public authorities, regulators, or law enforcement where required by law or to protect rights and safety.

We do not sell personal data. If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place in accordance with applicable data protection law.

6. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, tax, dispute resolution, and security requirements. Retention periods vary depending on the type of data and the reason for processing.

In general:

  • Customer account and contract records are retained for the duration of the service relationship and for a period after it ends.
  • Payment and invoicing records are retained for the period required by tax and accounting laws.
  • Security records, including access logs and CCTV footage, are retained only for a limited period unless needed for an incident, investigation, or legal claim.
  • Enquiry and complaint records are retained for as long as necessary to respond and to maintain business records.

When data is no longer required, we will securely delete, anonymise, or archive it in accordance with our retention practices.

7. Security of personal data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, misuse, or disclosure. These measures may include access controls, secure storage, staff training, system monitoring, and restrictions on who can access records. While no system can be guaranteed completely secure, we take data protection seriously and review safeguards regularly.

8. Your rights

Under data protection law, you have rights in relation to your personal data. Subject to legal conditions and exemptions, these may include:

  • Right of access to request a copy of the personal data we hold about you.
  • Right to rectification to correct inaccurate or incomplete data.
  • Right to erasure to request deletion of your data in certain circumstances.
  • Right to restriction to limit how we use your data in certain cases.
  • Right to object to processing based on legitimate interests or direct marketing.
  • Right to data portability to receive certain data in a structured, commonly used format.
  • Right to withdraw consent where processing is based on consent.

You also have the right to raise concerns about how we handle your personal data. If you believe your rights have not been respected, you may make a complaint to the appropriate data protection authority.

9. Children’s data

Our services are intended for adults and business or household customers able to enter into storage arrangements. We do not knowingly collect personal data from children except where it is incidentally included in records that are necessary for lawful business or security purposes.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updates will take effect when published, and we encourage customers to review the policy periodically. Continued use of our services after an update may indicate acceptance of the revised terms, where permitted by law.

By using Shadwell Storage services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy.

Call Now!
Call Now Get a Quote
Shadwell Storage

GDPR-compliant privacy policy for Shadwell Storage covering data collection, lawful basis, retention, processors, user rights, security, and scope for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.