Privacy Policy - Fulwell Storage

This Privacy Policy explains how Fulwell Storage collects, uses, stores, shares, and protects personal data. It applies to all Fulwell Storage customers in the area, including prospective customers, current customers, former customers, and anyone who contacts us in relation to our storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

By using our services, you acknowledge that your personal data may be processed as described in this Privacy Policy. We aim to keep information about our practices clear and easy to understand so that you know what data we collect, why we collect it, how long we keep it, and what rights you have.

1. Data We Collect

We only collect personal data that is necessary for our legitimate business purposes and for providing storage services. The categories of data we may collect include:

  • Identity information such as your name, date of birth, and proof of identity where required.
  • Contact details such as your address, email address, and telephone number.
  • Account and contract details such as booking information, service selection, payment status, and customer reference numbers.
  • Payment information such as billing details and transaction records. We do not usually store full card information if payment is handled by a secure payment processor.
  • Security and access information such as site entry records, keyholder details, CCTV images where applicable, and incident reports.
  • Communications including correspondence, complaints, requests, and any records of service-related discussions.
  • Technical data if you interact with our digital services, including device identifiers, IP address, browser information, and usage logs.

We may also collect information about the goods stored when it is necessary for security, insurance, legal compliance, or risk management. We do not intentionally collect special category data unless it is provided by you and is necessary for a specific lawful purpose.

2. How We Use Your Data

We use personal data to manage our storage services and operate our business efficiently. Typical uses include:

  • setting up and administering customer accounts;
  • processing payments and issuing invoices;
  • verifying identity and preventing fraud;
  • managing access to storage units and site security;
  • communicating service updates, notices, or administrative information;
  • responding to enquiries, complaints, and support requests;
  • maintaining records, carrying out audits, and meeting legal obligations;
  • protecting our premises, staff, customers, and property;
  • improving our services, systems, and customer experience.

We only process data where there is a lawful basis to do so. In some cases, more than one lawful basis may apply to the same activity.

3. Lawful Basis for Processing

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, handling billing, providing access to your unit, and carrying out related administrative tasks.

Legal obligation

We may process data where required to comply with the law, such as tax rules, accounting obligations, anti-fraud requirements, and lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests and where those interests are not overridden by your rights. This may include protecting our site, preventing misuse, improving operations, keeping business records, and dealing with disputes.

Consent

In limited situations, we may rely on your consent, for example where it is appropriate to use certain optional services or communications. Where we rely on consent, you can withdraw it at any time, although this will not affect processing carried out before withdrawal.

Vital interests and public task

These lawful bases are unlikely to apply in most storage service situations, but they may be used if necessary in exceptional circumstances to protect a person’s life or comply with a public duty.

4. Sharing Your Information and Processors

We may share personal data with trusted third parties who act as processors or, in some cases, independent controllers. These organisations are only permitted to use your data for specified purposes and must keep it secure.

Processors may include:

  • IT and cloud service providers that host systems, email platforms, or data storage tools;
  • payment processors that handle card or electronic payments securely;
  • accounting and bookkeeping providers that support financial records and tax compliance;
  • security providers that assist with alarms, CCTV systems, or access control;
  • maintenance and facilities contractors where access is required to carry out work;
  • professional advisers such as lawyers, insurers, auditors, or consultants;
  • regulatory, law enforcement, or governmental bodies where disclosure is legally required.

Where we use processors, we take appropriate steps to ensure they process personal data securely, only on our instructions, and in compliance with data protection law. We do not sell personal data.

5. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, security, and dispute-resolution requirements. The length of time may vary depending on the type of information and the reason it is held.

  • Contract and account records are generally kept for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records are retained for the period required by law.
  • Security records such as access logs or incident reports are kept only as long as necessary for safety, investigation, or monitoring purposes.
  • Correspondence and complaints are retained while they are active and for a limited period after closure.

When personal data is no longer needed, we will delete it securely or anonymise it so that it can no longer identify you. Retention periods may be extended where required to establish, exercise, or defend legal claims.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, destruction, or misuse. These measures may include restricted access controls, encryption, secure storage, staff confidentiality obligations, and monitoring of systems where appropriate. While no system can be guaranteed to be completely secure, we take reasonable and proportionate steps to safeguard the information we hold.

7. Your Rights

Under data protection law, you have rights over your personal data. Depending on the circumstances, these may include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain cases.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to request transfer of certain data to you or another provider, where applicable.
  • Right to withdraw consent – where processing is based on consent.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to raise any concerns with us first so that we can attempt to resolve them promptly.

8. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect it. These safeguards may include adequacy regulations, standard contractual clauses, or equivalent legal mechanisms that ensure your information receives a level of protection consistent with UK data protection requirements.

9. Children’s Data

Our storage services are not aimed at children, and we do not knowingly collect personal data from children except where it is necessary and lawful in connection with a customer relationship or legal obligation. If we become aware that data has been collected inappropriately, we will take appropriate steps to delete or protect it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal requirements, or data protection practices. Any updated version will apply from the date it is published or otherwise communicated. We recommend reviewing this policy periodically so that you remain informed about how your data is handled.

11. Summary of Key Principles

Fulwell Storage processes personal data responsibly, for clear purposes, and on a valid legal basis. We collect only what we need, use it fairly, share it only with trusted processors or where legally required, and keep it only for as long as necessary. We respect your rights and are committed to maintaining the trust of all Fulwell Storage customers in the area.

Call Now!
Call Now Get a Quote
Fulwell Storage

GDPR-compliant Privacy Policy for Fulwell Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.