Privacy Policy - Kentishtown Storage

Effective Date: This Privacy Policy applies to all Kentishtown Storage customers in the area and explains how we collect, use, store, share, and protect personal data in connection with our storage services.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. This policy is written to help you understand what information we collect, why we collect it, how long we keep it, and the rights you have over your personal data.

1. Who We Are

Kentishtown Storage provides storage services to individuals and businesses in the area. For the purposes of data protection law, we are the data controller for the personal data we collect in relation to our customers, prospective customers, visitors, and other individuals who interact with us in connection with our services.

This means we decide how and why your personal data is processed, within the limits of applicable law.

2. Personal Data We Collect

We collect only the personal data that is necessary for the operation of our storage services, for legal compliance, and for the protection of our business, customers, and property. Depending on how you interact with us, we may collect the following categories of data:

  • Identity data such as your name, date of birth, and identification details.
  • Contact data such as your address, email address, and telephone number.
  • Account and contract data such as booking details, storage unit number, contract terms, payment records, and service history.
  • Financial data such as billing information, payment status, and limited payment-related records.
  • Verification data such as copies of identity documents where required for fraud prevention, security, or legal compliance.
  • Security data such as CCTV footage, entry logs, alarm records, and access control records where applicable.
  • Communication data such as emails, messages, written complaints, and customer service correspondence.
  • Technical data such as IP address, browser type, and device-related information if you interact with our digital systems.

We do not intentionally collect special category data unless you choose to provide it or it is required in a specific legal context. If such data is provided, we will process it only where a lawful basis exists and where extra safeguards apply.

3. How We Use Your Personal Data

We use personal data for the following purposes:

  • to create and manage your storage agreement;
  • to verify your identity and protect against fraud, theft, and misuse;
  • to provide access to storage units and related services;
  • to process payments, refunds, and account administration;
  • to communicate with you about your account or service changes;
  • to monitor the safety and security of our premises, customers, and staff;
  • to comply with legal and regulatory obligations;
  • to handle disputes, claims, complaints, and enforcement matters;
  • to maintain business records and support internal audit functions.

We will always limit our use of personal data to what is relevant and necessary for the stated purpose.

4. Lawful Basis for Processing

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following lawful bases, depending on the activity involved:

Contract

We process your data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing access, issuing invoices, and providing the storage service you have requested.

Legal obligation

We process certain information where needed to comply with legal obligations, including accounting, tax, insurance, fraud prevention, and lawful requests from public authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. Our legitimate interests include site security, prevention of criminal activity, internal administration, service improvement, and protection of our property and customers.

Consent

In limited situations, we may rely on your consent, for example where you agree to receive optional communications. If we rely on consent, you may withdraw it at any time.

Important: We do not rely on consent where another lawful basis is more appropriate or required by law.

5. Sharing and Processors

We may share personal data with trusted third parties who act as processors or, in some cases, independent controllers. These parties only receive the data necessary for their role and must handle it securely and lawfully.

Processors may include:

  • Payment service providers that process card or electronic payments;
  • IT and cloud service providers that host or maintain our systems and records;
  • Security service providers that support alarms, access control, or surveillance systems;
  • Accountancy and audit providers that assist with finance, tax, and compliance;
  • Maintenance and facilities contractors where access to data is necessary for service delivery or safety;
  • Legal and professional advisers where advice or representation is required;
  • Public authorities, law enforcement, or regulators where disclosure is required by law or necessary to protect rights and property.

Where a processor is used, we require appropriate contractual protections, including confidentiality obligations, security measures, and limits on further processing. We do not sell personal data.

6. International Transfers

If any of our processors or service providers transfer personal data outside the United Kingdom, we will ensure appropriate safeguards are in place. This may include an adequacy decision, standard contractual clauses, or other legally approved transfer mechanisms.

7. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for the purposes of meeting legal, accounting, insurance, and reporting requirements.

Retention periods vary depending on the type of information and the purpose for which it is used. As a general approach:

  • Contract and account records are usually retained for the duration of the agreement and for a reasonable period afterwards to deal with queries, disputes, and legal claims;
  • Financial and tax records are retained for the period required by law;
  • Security records such as CCTV and access logs are retained for a limited period unless needed for an incident, investigation, or legal matter;
  • Correspondence and complaints are kept for as long as necessary to resolve the issue and for record-keeping purposes;
  • Marketing or consent-based records are kept until consent is withdrawn or the data is no longer needed.

When data is no longer required, it is securely deleted, anonymised, or destroyed.

8. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include secure systems, access restrictions, staff training, encryption where appropriate, and physical security controls.

While we work hard to protect your data, no system can be guaranteed to be completely secure. If a personal data breach occurs, we will assess it promptly and take the action required by law.

9. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be limited in some circumstances, but we will always explain our decision if we cannot act on a request.

  • Right of access – you may request confirmation of whether we process your data and obtain a copy of it.
  • Right to rectification – you may ask us to correct inaccurate or incomplete data.
  • Right to erasure – in some cases, you may ask us to delete your data.
  • Right to restriction – you may ask us to limit the way we use your data in certain circumstances.
  • Right to data portability – where applicable, you may request a copy of certain data in a structured, machine-readable format.
  • Right to object – you may object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you are unhappy with how we handle your personal data. We encourage you to raise concerns with us first so we can try to resolve them quickly.

10. Children

Our storage services are intended for adults and business customers. We do not knowingly collect personal data from children unless necessary in connection with an account or legal obligation, and any such processing will be limited and handled carefully.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or how we process personal data. The updated version will apply from the date it takes effect. We encourage you to review it periodically to stay informed.

12. Summary of Our Commitment

Kentishtown Storage is committed to processing personal data fairly, lawfully, and transparently. We only collect what we need, use it for clear and lawful purposes, keep it only as long as necessary, and protect it with appropriate safeguards. Our approach is based on data minimisation, security, and respect for your rights.

By using our services, you acknowledge that your personal data may be processed in accordance with this Privacy Policy and applicable data protection law.

Call Now!
Call Now Get a Quote
Kentishtown Storage

GDPR-compliant Privacy Policy for Kentishtown Storage covering data collection, lawful basis, retention, processors, and user rights for all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.