Privacy Policy - Gunnersbury Storage

This Privacy Policy explains how Gunnersbury Storage collects, uses, stores, shares, and protects personal data. It applies to all Gunnersbury Storage customers in the area, including prospective customers, current customers, former customers, and any other individuals who interact with us in connection with our storage services.

We are committed to handling personal data lawfully, fairly, and transparently in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who this policy applies to

This policy applies to anyone whose personal data we process in connection with our storage services, administration, billing, security, communications, and related business operations. It covers individuals who:

  • request information about our services;
  • book or use a storage unit;
  • visit or attend our premises;
  • contact us by phone, email, or other communication methods;
  • are named on an account, contract, invoice, or delivery instruction;
  • are authorised users, emergency contacts, or business representatives.

By using our services, you acknowledge that your personal data may be processed as described in this policy.

2. Personal data we collect

We only collect data that is relevant and necessary for our storage services, legal obligations, and legitimate business purposes. The information we collect may include:

Identification and contact details

  • full name;
  • postal address;
  • email address;
  • telephone number;
  • date of birth where required for identity verification;
  • business name and role, where applicable.

Account and service information

  • booking details;
  • storage unit assignment and access history;
  • payment records and invoices;
  • contract terms and correspondence;
  • notes relating to service requests or complaints.

Verification and security information

  • proof of identity documents where necessary;
  • vehicle registration details where access control requires them;
  • security logs, CCTV footage, and access records;
  • incident reports and records of safety events.

Technical and communication data

  • IP address and device information when you interact with our digital services;
  • records of emails, calls, and messages;
  • service preferences and communication choices.

We do not intentionally collect special category data unless it is unavoidable, necessary, and permitted by law. If such information is provided to us incidentally, we will handle it with appropriate care and only where there is a lawful basis to do so.

3. How we use personal data

We use personal data for the following purposes:

  • to provide storage services and manage customer accounts;
  • to verify identity and prevent fraud;
  • to process payments and maintain financial records;
  • to communicate about bookings, access, notices, and service changes;
  • to monitor security, protect property, and manage site access;
  • to deal with queries, complaints, and disputes;
  • to comply with legal, regulatory, tax, and insurance obligations;
  • to improve our services, processes, and customer experience;
  • to establish, exercise, or defend legal claims.

We only use personal data for the purposes described above or for compatible purposes that are reasonably expected.

4. Lawful basis for processing

We process personal data only where the law allows us to do so. Depending on the circumstances, our lawful bases include:

Contract

We process personal data when it is necessary to enter into or perform a contract with you, such as providing storage services, managing your account, issuing invoices, and handling access arrangements.

Legal obligation

We may process data to comply with legal requirements, including tax, accounting, health and safety, fraud prevention, and lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests and those interests are not overridden by your rights and freedoms. This includes site security, CCTV monitoring, record keeping, service improvement, and administrative operations.

Consent

Where required by law, we rely on your consent. If consent is used as the lawful basis, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

Vital interests

In rare cases, we may process data to protect someone’s vital interests, for example in an emergency involving safety or health.

5. Sharing and processors

We may share personal data with trusted third parties who help us operate our business. These organisations act as processors when they handle data on our instructions, or as independent controllers where they determine their own purposes.

Our processors may include:

  • IT and cloud service providers;
  • payment processing providers;
  • security and CCTV service providers;
  • accounting and bookkeeping service providers;
  • customer communication and email systems;
  • professional advisers such as legal, insurance, or audit providers;
  • maintenance and facilities contractors where access to data is necessary.

All processors are required to protect personal data through appropriate contractual and technical safeguards. They may only process data according to our instructions and must not use it for their own purposes unless they are acting as an independent controller.

We may also disclose personal data where required by law, court order, regulatory request, or to protect our rights, customers, staff, premises, or property.

6. International transfers

If any processor or service provider processes data outside the UK, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, standard contractual clauses, or equivalent protective measures permitted under data protection law.

7. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, insurance, or reporting requirements. Retention periods vary depending on the type of data and the reason it is held.

  • Contract and account records: kept for the duration of the service relationship and for a further period where needed for legal claims or administration.
  • Financial and tax records: retained in line with statutory requirements.
  • Security logs and access records: kept for a limited period unless needed for an investigation, incident response, or legal matter.
  • Correspondence and complaints: retained as long as necessary to resolve the issue and demonstrate proper handling.
  • CCTV footage: stored for a limited retention period unless required for safety, evidence, or law enforcement purposes.

When data is no longer required, we delete it securely or anonymise it so that it can no longer identify you.

8. Security of personal data

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include access controls, encryption where appropriate, staff training, physical security, and regular review of data handling practices.

While no system can be guaranteed to be completely secure, we take reasonable steps to protect the information entrusted to us.

9. Your rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access: request a copy of the data we hold about you;
  • Right to rectification: ask us to correct inaccurate or incomplete data;
  • Right to erasure: request deletion of data in certain circumstances;
  • Right to restriction: request limited processing in certain situations;
  • Right to object: object to processing based on legitimate interests or direct marketing;
  • Right to data portability: receive certain data in a structured, commonly used format;
  • Right to withdraw consent: where processing is based on consent;
  • Right to complain: raise a concern with the relevant data protection authority.

These rights are not absolute and may be subject to legal exceptions or limitations. We will respond to valid requests in accordance with applicable law and may need to verify your identity before acting on a request.

10. Marketing communications

We may send service-related communications that are necessary for account management or contractual performance. Where we send optional marketing communications, we will do so only where permitted by law. You may opt out of marketing at any time, and we will respect your preferences.

11. Children’s data

Our storage services are intended for adults and businesses. We do not knowingly collect personal data from children unless it is provided in connection with a lawful account arrangement or emergency contact and is necessary for service administration.

12. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, business practices, or service arrangements. The most recent version will apply from the date it is published or otherwise communicated.

13. Summary of your privacy protections

In summary, Gunnersbury Storage collects only the information needed to provide secure and lawful storage services, uses it on an appropriate legal basis, shares it carefully with vetted processors, and keeps it only for as long as necessary. We are committed to respecting your privacy and handling personal data responsibly, transparently, and in line with data protection law.

Call Now!
Call Now Get a Quote
Gunnersbury Storage

GDPR-compliant privacy policy for Gunnersbury Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.