Self Storage Kensington Privacy Policy
This Privacy Policy explains how Self Storage Kensington collects, uses, stores, shares, and protects personal data relating to customers and prospective customers in the Kensington area. It also explains your rights under the UK General Data Protection Regulation and related data protection laws, and how you can exercise those rights.
This Privacy Policy applies to all Self Storage Kensington customers, account holders, website users, and individuals who contact or interact with Self Storage Kensington in the Kensington area, whether in person, by post, by telephone, or online.
Who We Are and Scope of This Policy
Self Storage Kensington is a provider of self storage facilities and related services in the Kensington area. For the purposes of data protection law, Self Storage Kensington is the data controller in relation to the personal data described in this Privacy Policy. This means we decide how and why your personal data is used.
This Privacy Policy covers personal data that we collect about individuals in the context of enquiries, bookings, ongoing storage agreements, and related communications and services in the Kensington area.
Personal Data We Collect
We only collect personal data that is relevant to the storage and related services we provide. The categories of personal data we may collect include:
Identification and contact details: name, postal address, billing address, contact address, date of birth, and any identification documents you provide, such as passport or driving licence details where required for verification purposes.
Contact and account information: email address, username or account identifiers, communication preferences, and records of correspondence with us.
Contract and service information: storage unit numbers, access codes, details of services requested or purchased, contract start and end dates, payment history, and related service records.
Payment and billing information: payment method details such as card type and limited card details, billing records, invoices, and information relating to payment status. Payment card data may be processed by our payment service providers on our behalf.
Technical and usage data: when you use our website or digital services, we may collect technical data such as IP address, device type, and basic usage information for security, system administration, and analytics purposes.
Security and access data: information captured for site security and safety purposes, such as CCTV imagery in public and common areas of our facilities, access logs and entry records, and incident reports where relevant.
How We Collect Your Data
We collect personal data in various ways, including:
Directly from you when you make an enquiry, request a quote, sign a storage agreement, create an account, visit our facilities, or communicate with us by any channel.
Automatically when you visit our website or use our online services, through cookies and similar technologies used for essential operations, security, and basic analytics.
From third parties, where lawful and appropriate, such as payment service providers processing transactions on our behalf, credit reference agencies if we carry out checks, or security service providers assisting us with incident investigations.
Lawful Basis for Processing Your Data
We process your personal data only when we have a lawful basis to do so. Depending on the specific processing activity, our lawful bases may include:
Performance of a contract: to take steps at your request before entering into a contract, and to perform our obligations under a storage or services agreement with you. This includes managing your reservation, providing access to your unit, processing payments, and handling customer service communications.
Compliance with legal obligations: to comply with applicable laws and regulations, including tax and accounting rules, anti-money laundering and fraud prevention requirements, and obligations relating to health and safety and security.
Legitimate interests: where our processing is necessary for our legitimate business interests or those of a third party, and these interests are not overridden by your rights and interests. This may include ensuring the security of our premises and systems, improving our services, managing disputes or claims, and conducting basic analytics and reporting.
Consent: in certain limited situations we may rely on your consent, for example for some direct marketing communications or optional cookies. When we rely on consent, you can withdraw it at any time, and we will explain how you can do this at the point where consent is requested.
How We Use Your Personal Data
We may use your personal data for the following purposes:
To provide storage and related services, including setting up and managing your account, administering contracts, processing payments, operating access controls, and providing customer support.
To communicate with you about your enquiries, bookings, contracts, payment status, access arrangements, and any changes to our terms or policies.
To maintain the safety and security of our customers, staff, premises, and property, including through access control systems and CCTV monitoring in common areas of our facilities.
To manage and improve our operations, website, and services, including conducting internal reporting, service quality checks, and limited statistical analysis.
To comply with our legal and regulatory obligations, respond to lawful requests from public authorities, and protect or defend our legal rights and interests.
To send you information about our services that may be of interest to you where permitted by law and, where required, where you have given your consent. You can opt out of marketing communications at any time.
Sharing Your Personal Data
We may share your personal data with carefully selected third parties where necessary for the purposes described in this Privacy Policy and where permitted by law. These third parties act either as data processors on our behalf or as separate controllers.
Data processors working on our behalf may include:
Payment service providers who process card and other payments securely.
IT and cloud service providers who host our systems and data or support our software and communications infrastructure.
Security service providers involved in the operation and maintenance of security systems, including CCTV and access control solutions.
Professional advisers such as legal, accounting, or insurance providers where required in the management of our business and the resolution of disputes or claims.
Where third parties act as data processors, they are only permitted to process your personal data in accordance with our instructions, for specified purposes, and must implement appropriate security measures.
We may also share personal data with law enforcement agencies, regulators, public authorities, or other parties when required by law, to exercise or defend legal claims, or to protect the rights, property, or safety of our customers, staff, or others.
Data Retention
We keep personal data only for as long as is reasonably necessary for the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, tax, accounting, or reporting requirements.
In general, we will retain data relating to your contract and account for the duration of your relationship with us and for a reasonable period afterwards, so that we can respond to any queries, manage any disputes, and meet our legal obligations. CCTV recordings and access logs are retained for shorter periods, unless a longer retention period is required in connection with a specific incident, investigation, or legal claim.
When personal data is no longer needed, we will securely delete or anonymise it in accordance with our retention and information security procedures.
International Data Transfers
Where we engage service providers or use systems that involve transferring personal data outside the United Kingdom, we will ensure that appropriate safeguards are in place to protect your data in accordance with data protection law. This may include the use of recognised transfer mechanisms or contracts designed to ensure that your personal data is protected to a standard essentially equivalent to that in the United Kingdom.
Data Security
We take the security of your personal data seriously and implement appropriate technical and organisational measures to protect it against unauthorised or unlawful processing, accidental loss, destruction, or damage. These measures include access controls, secure storage systems, staff training, and regular review of our data handling practices. While we take steps to protect your personal data, no system can be guaranteed as completely secure.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions. These may include:
The right of access: to obtain confirmation as to whether we process your personal data and to request a copy of your data.
The right to rectification: to request that inaccurate or incomplete personal data is corrected or updated.
The right to erasure: to request that we delete your personal data in certain circumstances, for example where it is no longer necessary for the purposes for which it was collected and we have no overriding legitimate grounds to continue processing it.
The right to restriction of processing: to request that we limit the processing of your personal data in certain situations, for example while we are handling a request to rectify your data.
The right to data portability: to receive personal data that you have provided to us in a structured, commonly used, and machine-readable format, and to request that we transmit that data to another controller where technically feasible.
The right to object: to object to our processing of your personal data where we are relying on legitimate interests as our lawful basis, including in relation to direct marketing.
Where we rely on your consent to process your data, you have the right to withdraw that consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
You also have the right to lodge a complaint with the relevant data protection supervisory authority if you believe your rights have been infringed. We would, however, encourage you to contact us in the first instance so we can seek to resolve any concerns.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal or regulatory developments, or for other operational reasons. Any updated version will apply to all ongoing and new interactions with Self Storage Kensington in the Kensington area from the date it is made available. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal data.
This Privacy Policy applies to all Self Storage Kensington customers and prospective customers in the Kensington area and forms part of the terms under which we provide our storage and related services.
