Privacy Policy - Kensington Storage

This Privacy Policy explains how Kensington Storage collects, uses, shares, stores, and protects personal data. It applies to all Kensington Storage customers in the area, including prospective customers, current customers, former customers, and individuals who interact with us in connection with storage services, account administration, billing, access control, and customer support.

1. Who We Are

Kensington Storage is the data controller for the personal data described in this Privacy Policy. This means we determine the purposes and means of processing personal data in connection with our storage services and related operations. We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, as well as other applicable privacy laws where relevant.

2. Personal Data We Collect

We collect only the personal data that is necessary for running our storage services, managing customer relationships, and meeting legal and security obligations. Depending on how you use our services, we may collect the following categories of data:

  • Identity data such as your name, date of birth, and proof of identity where required.
  • Contact data such as billing address, email address, and telephone number.
  • Account and customer records such as customer reference numbers, storage unit details, access permissions, and service history.
  • Payment data such as payment status, transaction records, and limited billing information processed through payment providers. We do not store full card details unless necessary and permitted by our payment arrangements.
  • Access and security data such as entry logs, key fob records, CCTV footage, alarm events, and incident reports where applicable.
  • Communications data such as enquiries, complaints, correspondence, and call records if you contact us.
  • Technical data such as device or browser information if you interact with our digital systems, where applicable.

We generally do not seek to collect special category data. However, if such information is inadvertently included in communications, we will handle it with appropriate care and only where there is a lawful basis to do so.

3. How We Collect Personal Data

We may collect personal data directly from you when you complete booking forms, sign agreements, make payments, provide identification, or communicate with us. We may also receive data from third parties such as payment processors, identity verification providers, insurers, debt recovery providers, maintenance contractors, legal advisers, or public authorities where necessary and lawful.

In addition, certain data may be collected automatically through access control systems, CCTV, and other site security measures for the purpose of safeguarding people, property, and premises.

4. How We Use Personal Data

We use personal data only for specific, explicit, and legitimate purposes. These may include:

  • providing storage services and administering accounts;
  • verifying identity and managing site access;
  • processing payments and managing billing;
  • communicating about bookings, renewals, notices, and service updates;
  • protecting customers, staff, visitors, and property through security measures;
  • preventing fraud, misuse, or unauthorised access;
  • handling complaints, disputes, or legal claims;
  • complying with legal, tax, insurance, and regulatory obligations;
  • maintaining business records and improving operational efficiency.

We only process personal data in ways that are compatible with these purposes, unless we obtain consent or are otherwise permitted or required by law.

5. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Kensington Storage relies on the following bases, depending on the activity involved:

Contract

We process personal data when it is necessary to enter into or perform a contract with you. This includes setting up your account, managing your storage unit, taking payment, and communicating service-related notices.

Legal Obligation

We process personal data where required to comply with laws and regulations, including accounting, tax, record-keeping, fraud prevention, health and safety, and lawful requests from public authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights and freedoms. Our legitimate interests include operating our storage facilities efficiently, protecting premises, preventing crime, improving services, managing disputes, and securing our systems and assets.

Consent

In limited situations, we may rely on your consent, for example where the law requires it for certain optional communications or uses. Where consent is used as the lawful basis, you may withdraw it at any time.

6. Sharing and Processors

We may share personal data with trusted third parties who act as processors on our behalf or, in limited cases, as independent controllers. We require appropriate contractual safeguards and only share information that is necessary for the relevant purpose.

Typical processors and service providers may include:

  • payment processing providers;
  • IT hosting, cloud storage, and software providers;
  • security and CCTV system providers;
  • maintenance and facilities contractors;
  • customer service and communications platforms;
  • professional advisers such as accountants, auditors, insurers, and lawyers;
  • debt recovery or credit control providers where legally permitted;
  • identity verification or fraud prevention services.

We may also disclose personal data if required by law, court order, regulator, or law enforcement agency, or where necessary to protect the rights, property, or safety of Kensington Storage, our customers, staff, or others.

Processors are only allowed to act on our instructions and must keep personal data secure, confidential, and used solely for the services we instruct them to provide.

7. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, operational, and reporting requirements. Retention periods depend on the type of data and the reason it is held.

  • Customer account and contract records are normally retained for the duration of the customer relationship and for a further period after closure to manage claims, disputes, and legal obligations.
  • Payment and billing records are retained for the period required by tax and accounting laws.
  • Security records such as access logs and CCTV may be retained for a shorter period unless needed for incident investigation, crime prevention, or legal proceedings.
  • Communications and complaints are retained for as long as needed to resolve the matter and maintain appropriate business records.

When personal data is no longer required, it will be securely deleted, anonymised, or archived in line with our retention procedures.

8. International Transfers

If any of our service providers process personal data outside the UK, we will ensure appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or equivalent legal mechanisms. We take steps to ensure that transferred data receives a level of protection consistent with UK data protection law.

9. Your Rights

Under data protection law, you have several rights in relation to your personal data. These rights may be subject to legal limits and exemptions, but we will always consider your request carefully. Your rights include:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data protection rights have been breached.

10. Security of Personal Data

We use appropriate technical and organisational measures to protect personal data from accidental loss, unauthorised access, misuse, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, monitoring, and security systems on site and in our information systems.

While we take data security seriously, no system can be guaranteed completely secure. We therefore maintain procedures to identify, investigate, and respond to suspected data incidents promptly.

11. Automated Decision-Making

We do not generally rely on fully automated decision-making that produces legal or similarly significant effects about you. If this changes, we will provide appropriate information about the logic involved and your rights in relation to such processing.

12. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or service arrangements. Any updated version will apply from the date it is published or otherwise communicated. We encourage customers to review this policy periodically.

13. Summary of Key Commitments

  • We process personal data fairly, lawfully, and transparently.
  • We collect only data needed for storage services, security, and legal compliance.
  • We use personal data on lawful bases including contract, legal obligation, legitimate interests, and consent where applicable.
  • We share data only with trusted processors or when required by law.
  • We keep personal data only as long as necessary and protect it with appropriate safeguards.
  • We respect and support your data protection rights.

This Privacy Policy applies to all Kensington Storage customers in the area and is intended to provide clear, lawful, and transparent information about how we handle personal data.

Call Now!
Call Now Get a Quote
Kensington Storage

GDPR-compliant privacy policy for Kensington Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in the area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.