Privacy Policy - Canarywharf Storage

This Privacy Policy explains how Canarywharf Storage collects, uses, stores, shares, and protects personal data in connection with storage services provided to customers in the Canary Wharf area. It applies to all Canarywharf Storage customers in area, including prospective customers, account holders, authorised users, and individuals whose data is supplied in the course of booking, managing, paying for, or using our services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is intended to help you understand what information we process, why we process it, how long we keep it, and what rights you have.

1. Who this policy applies to

This policy applies to anyone whose personal data is processed by Canarywharf Storage in relation to our storage services. This includes individuals who:

  • request a quote or make an enquiry;
  • enter into a storage agreement;
  • use storage units, collection services, or related facilities;
  • make payments or manage an account;
  • provide emergency contact details or authorised access information;
  • communicate with us by phone, email, in writing, or in person;
  • are named on documents relating to a customer account.

2. Personal data we collect

We collect only the personal data needed to provide and manage our services, meet legal obligations, and protect our legitimate business interests. The types of data we may collect include:

Identity and contact information

  • Name
  • Address
  • Email address
  • Telephone number
  • Date of birth where necessary for identity verification

Account and service information

  • Storage unit or booking details
  • Customer reference numbers
  • Rental dates and service history
  • Access credentials or authorised user records
  • Communications about service requests, complaints, and support matters

Financial information

  • Payment status
  • Billing details
  • Transaction records
  • Limited payment-related information needed to process payments and prevent fraud

Security and operational information

  • Entry and access logs
  • CCTV footage where used for security and safety purposes
  • Incident reports and records of property damage, loss, or breaches of agreement
  • Verification documents, where required to protect against fraud or to comply with legal duties

We do not intentionally collect special category data unless it is provided by you and is necessary for a specific legal or operational reason. If such data is received, we will handle it with additional care and only where permitted by law.

3. How we use personal data

We use personal data for the following purposes:

  • to register and manage customer accounts;
  • to provide storage services and administer agreements;
  • to process payments, refunds, and account adjustments;
  • to verify identity and prevent fraud;
  • to maintain security, including access control and CCTV monitoring where applicable;
  • to contact customers about service changes, account issues, or safety matters;
  • to handle complaints, disputes, and customer support requests;
  • to comply with legal, regulatory, tax, and accounting obligations;
  • to improve our operations, services, and customer experience;
  • to defend or establish legal claims and manage insurance-related matters.

4. Lawful basis for processing

We only process personal data when we have a lawful basis under UK GDPR. Depending on the context, our lawful bases include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing bookings, providing storage services, handling payments, and administering account access.

Legal obligation

We process personal data where required to comply with legal obligations, such as tax, accounting, fraud prevention, regulatory reporting, and responding to lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests or those of a third party, provided your interests and fundamental rights do not override them. Legitimate interests may include security, preventing fraud, maintaining records, managing disputes, improving services, and protecting our property and customers.

Consent

In limited circumstances, we may rely on your consent, for example for certain optional communications or specific processing activities. Where consent is used, you may withdraw it at any time without affecting the lawfulness of processing before withdrawal.

5. Sharing and processors

We do not sell personal data. We may share personal data with trusted third parties where necessary to operate our services, comply with law, or protect our rights. These third parties may act as processors or, in some cases, as independent controllers.

Processors we may use

  • Payment service providers to process transactions securely;
  • IT and cloud service providers to host systems, store records, and support communications;
  • Security providers for alarm monitoring, access control, and CCTV-related support;
  • Professional advisers such as accountants, auditors, insurers, and legal advisers when necessary;
  • Administrative support providers assisting with customer records, document management, or service operations.

All processors are required to act only on our instructions, keep personal data secure, and use appropriate technical and organisational measures to protect it. Where data is transferred outside the UK, we ensure appropriate safeguards are in place as required by law.

6. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including satisfying legal, accounting, and reporting requirements. Retention periods depend on the type of record and the reason for processing.

  • Customer account and contract records are kept for the duration of the service relationship and for a reasonable period afterward.
  • Payment, invoicing, and tax records are kept for the periods required by law.
  • Security logs and CCTV footage are retained only for as long as needed for security and incident management, unless required longer for an investigation or legal claim.
  • Correspondence and complaint records are kept for a period appropriate to resolve disputes and demonstrate compliance.

When data is no longer required, we delete it securely or anonymise it so that it can no longer identify you.

7. Data security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, misuse, alteration, or disclosure. These measures may include restricted access controls, secure systems, staff confidentiality obligations, and regular review of security practices. While no system can be guaranteed completely secure, we take data protection seriously and work to minimise risk.

8. Your rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to conditions and exemptions depending on the circumstances.

  • Right of access: you can request a copy of the personal data we hold about you;
  • Right to rectification: you can ask us to correct inaccurate or incomplete information;
  • Right to erasure: you can ask us to delete your data where legally permitted;
  • Right to restriction: you can ask us to limit how we use your data in certain cases;
  • Right to object: you can object to processing based on legitimate interests or direct marketing;
  • Right to data portability: you can ask for certain data to be provided in a structured, commonly used format;
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

You also have the right to raise a concern with the UK Information Commissioner’s Office if you believe your data protection rights have been infringed. We encourage you to contact us first so we can try to address any issue promptly and fairly.

9. Children’s data

Our services are intended for adults and business customers. We do not knowingly collect personal data from children except where it is incidentally provided in connection with a customer account or legal requirement. If we learn that we have collected data from a child without lawful basis, we will take appropriate steps to delete or protect it.

10. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in law, our services, or how we process personal data. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

11. Summary of our commitment

Canarywharf Storage is committed to processing personal data responsibly, transparently, and lawfully. We collect only what we need, use it for clear and legitimate purposes, retain it for no longer than necessary, and work with trusted processors under strict safeguards. We respect your rights and aim to give all customers in the area confidence that their personal data is treated with care and in line with GDPR requirements.

Call Now!
Call Now Get a Quote
Canarywharf Storage

GDPR-compliant Privacy Policy for Canarywharf Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.