Privacy Policy - Freezywater Storage

Effective date: This Privacy Policy applies to all Freezywater Storage customers in area and explains how we collect, use, store, share, and protect personal data in line with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018.

We are committed to handling personal information fairly, lawfully, transparently, and securely. This policy applies to current, former, and prospective customers, as well as individuals who enquire about our storage services, visit our premises, or interact with us in connection with a storage agreement.

1. Personal Data We Collect

We collect only the personal data that is necessary for the operation of our storage services, customer management, legal compliance, and the protection of our business, customers, and premises.

Information you provide directly

  • Identity details such as your name, title, and date of birth where required.
  • Contact details including address, email address, and telephone number.
  • Account and service information including storage unit number, booking details, contract information, payment status, and correspondence.
  • Payment information such as billing records and payment method details processed through our payment providers. We do not store full card details where these are handled by a secure payment processor.
  • Identification documents where needed to verify identity, prevent fraud, comply with legal obligations, or support access control procedures.
  • Access records where your use of entry systems, keys, codes, or access credentials is logged for security reasons.
  • Communication records including emails, letters, phone notes, and complaint or incident reports.

Information we collect automatically

  • Security data such as CCTV footage, visitor logs, alarms, and access events collected to protect people and property.
  • Technical data where you use our digital systems, including device information, browser type, and IP-related security logs if relevant to system protection.

We do not intentionally collect special category data unless you voluntarily provide it or it is necessary for a specific legal or operational reason. If such information is shared with us, we will handle it with increased care and only where a lawful basis applies.

2. How We Use Personal Data

We use personal data to operate our storage services efficiently, maintain security, meet our legal responsibilities, and communicate with customers. Typical purposes include:

  • Setting up and managing customer accounts and storage agreements.
  • Verifying identity and preventing fraud or misuse.
  • Processing payments, refunds, invoices, and account administration.
  • Managing access to storage facilities and protecting premises.
  • Responding to enquiries, complaints, and service issues.
  • Maintaining records required for tax, legal, and regulatory purposes.
  • Detecting, investigating, and preventing crime, damage, or other unlawful activity.
  • Improving service delivery, internal administration, and operational planning.

We will not use your data for purposes that are incompatible with the reasons it was collected, unless we are required or permitted to do so by law.

3. Lawful Basis for Processing

We only process personal data where we have a valid lawful basis under data protection law. Depending on the activity, we rely on one or more of the following:

  • Contract – where processing is necessary to enter into or perform a storage agreement, including account management, billing, access control, and customer support.
  • Legal obligation – where we must retain or disclose information to comply with taxation, accounting, security, consumer, or other legal requirements.
  • Legitimate interests – where processing is necessary for our legitimate business interests, such as protecting our premises, preventing fraud, maintaining records, resolving disputes, and improving operations, provided these interests are not overridden by your rights and freedoms.
  • Consent – where we ask for your permission for a specific purpose, such as optional marketing communications or certain non-essential uses of data. You may withdraw consent at any time where consent is the lawful basis.

Where we rely on legitimate interests, we assess the potential impact on individuals and ensure the processing is proportionate, necessary, and appropriately safeguarded.

4. Sharing Personal Data and Processors

We may share personal data with carefully selected third parties when necessary for service delivery, legal compliance, and operational support. These parties act as data processors or independent controllers depending on the circumstances.

Processors we may use

  • Payment service providers that process payments securely on our behalf.
  • IT and cloud service providers that support our systems, storage, email, or security infrastructure.
  • Customer management and communication providers that help us manage bookings, reminders, and service correspondence.
  • Security service providers that assist with alarm monitoring, access control, or CCTV equipment maintenance.
  • Professional advisers such as accountants, auditors, insurers, or legal advisers where necessary.

We require processors to process personal data only on our instructions, to keep it confidential, and to implement appropriate technical and organisational security measures. We may also disclose data to law enforcement, regulators, courts, or other authorities where legally required or where disclosure is necessary to protect rights, safety, or property.

We do not sell your personal data.

5. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, or as required by law. Retention periods vary depending on the type of information and the legal or business need involved.

  • Customer account and contract records are usually kept for the duration of the agreement and for a further period to manage queries, claims, or disputes.
  • Financial and tax records are retained for the period required by law and accounting practice.
  • Security records, including CCTV and access logs, are retained only as long as necessary for safety, crime prevention, incident investigation, or legal defence.
  • Correspondence and complaint records are kept for an appropriate period to demonstrate how concerns were handled.

When data is no longer needed, we will delete it securely, anonymise it, or archive it in accordance with our retention procedures.

6. Data Security

We use appropriate physical, administrative, and technical safeguards to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access restrictions, staff confidentiality duties, secure storage, monitoring controls, and system protection measures. While no system can be guaranteed completely secure, we take reasonable steps to reduce risks and respond promptly to any suspected data incident.

7. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to obtain a copy of the personal data we hold about you.
  • Right to rectification – to request correction of inaccurate or incomplete information.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain situations.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

Some rights are subject to legal conditions and exceptions. For example, we may need to retain certain records for legal compliance, even where erasure is requested. We will explain any limitation if a requested action cannot be fully carried out.

If you believe your data protection rights have been infringed, you also have the right to lodge a complaint with the relevant supervisory authority.

8. Data Transfers

Where personal data is transferred outside the UK or European Economic Area, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We take steps to ensure that overseas processing offers a comparable level of protection.

9. Children’s Data

Our storage services are intended for adults and business or household customers. We do not knowingly collect personal data from children unless it is necessary for a lawful service-related purpose and appropriate protections are in place.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, business operations, or data processing practices. Any revised version will apply from the date it is issued. We encourage customers to review the policy periodically to stay informed about how personal data is handled.

Summary: This Privacy Policy explains how Freezywater Storage collects, uses, shares, stores, and protects customer data, including lawful basis, retention, processors, and user rights.

Call Now!
Call Now Get a Quote
Freezywater Storage

Freezywater Storage’s GDPR-compliant policy explains data collection, lawful basis, retention, processors, security, transfers, and customer rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.