Privacy Policy - Kingsbury Storage

Effective date: This Privacy Policy applies to all Kingsbury Storage customers in the area and explains how we collect, use, disclose, store, and protect personal data in connection with our storage services, account management, access control, billing, and customer support activities.

We are committed to handling personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable privacy laws. This policy is intended to be clear, transparent, and fair. Please read it carefully to understand how your information is used and what rights you have.

1. Who We Are

Kingsbury Storage provides storage services to individuals and businesses in the area. In the course of providing these services, we act as a data controller for the personal data we collect and process about our customers, prospective customers, visitors, and other individuals whose information is used for operational, legal, or administrative purposes.

Data controller means we determine the purposes and means of processing personal data. Where we use third-party providers to support our services, those parties may act as data processors or, in some cases, independent controllers depending on the nature of the service.

2. Personal Data We Collect

We only collect personal data that is relevant and necessary for providing our services, meeting legal obligations, and operating our business effectively. Depending on your interaction with us, we may collect the following categories of information:

  • Identity information, such as your name, title, and identification details where required for security or verification.
  • Contact information, such as postal address, telephone number, and email address.
  • Account and customer records, including storage unit details, booking information, service preferences, and communications with us.
  • Payment information, such as billing records, payment status, and transaction references. We do not retain full card details where payment services are handled securely by third-party providers.
  • Security and access information, such as access logs, entry times, CCTV images where used, and incident reports.
  • Usage and operational information, including records related to your storage unit, service changes, complaints, and support requests.
  • Technical information, where applicable, such as device or system logs collected when you interact with our digital systems.

We may also receive information from third parties, such as payment processors, credit reference agencies where lawful, fraud prevention services, insurance partners, or public sources where relevant and permitted by law.

3. How We Use Personal Data

We use personal data for the following purposes:

  • to provide and manage storage services;
  • to set up and administer customer accounts;
  • to verify identity and prevent misuse or fraud;
  • to process payments and manage billing;
  • to communicate about bookings, access, notices, service updates, and support matters;
  • to maintain site and customer security, including access monitoring and incident management;
  • to comply with legal, regulatory, tax, accounting, and insurance requirements;
  • to resolve disputes, enforce agreements, and protect our legitimate business interests;
  • to improve service quality, performance, and operational efficiency.

We do not use personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so.

4. Lawful Basis for Processing

We process personal data only where we have a valid lawful basis under UK GDPR. Depending on the context, the lawful basis may include:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes managing your storage agreement, providing access to your unit, handling payments, and delivering customer support.

Legal obligation

We may process personal data where required to comply with legal obligations, including tax records, accounting rules, health and safety obligations, security requirements, and lawful requests from authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include site security, fraud prevention, business administration, service improvement, and protecting our property and customers.

Consent

Where required by law, we will rely on your consent. For example, certain optional communications or non-essential processing may only take place if you have agreed. You may withdraw consent at any time, without affecting processing already carried out lawfully before withdrawal.

Vital interests and public task

These lawful bases are unlikely to apply in most storage service situations, but if they do, we will only process data where necessary and permitted by law.

5. Disclosure of Personal Data

We may share personal data with trusted third parties only when necessary and appropriate. These may include:

  • Data processors who provide services on our behalf, such as IT hosting, customer management systems, payment processing, document storage, security monitoring, and maintenance support.
  • Professional advisers, such as accountants, auditors, insurers, legal advisers, and consultants.
  • Regulators, authorities, and law enforcement, where disclosure is required by law or necessary to protect rights, safety, or property.
  • Business partners, where needed to deliver a service you have requested and where appropriate safeguards are in place.

All processors are required to act only on our instructions, keep data secure, and comply with applicable data protection laws. We do not sell personal data.

6. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including meeting legal, accounting, security, and reporting obligations. Retention periods depend on the type of data and the reason we hold it.

In general:

  • customer account and contract records are kept for the duration of the service relationship and for a reasonable period afterwards;
  • financial and billing records are retained for the period required by tax and accounting law;
  • security logs and access records are retained for a limited period unless needed longer for investigation, incident response, or legal claims;
  • complaints, correspondence, and dispute records may be retained for as long as necessary to address the matter and defend legal claims.

When data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you. Where we are legally required to keep certain records, we will do so for the relevant statutory period.

7. International Transfers

If we transfer personal data outside the UK, we will ensure appropriate safeguards are in place in accordance with data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We will only transfer data where necessary and where adequate protection can be maintained.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, disclosure, or destruction. These measures may include access restrictions, secure storage, staff confidentiality obligations, system monitoring, and supplier controls. While no system can be guaranteed to be completely secure, we take reasonable steps to reduce risk and respond promptly to incidents.

9. Your Rights

Under data protection law, you may have the following rights in relation to your personal data:

  • Right of access – to request a copy of the personal data we hold about you.
  • Right to rectification – to ask us to correct inaccurate or incomplete data.
  • Right to erasure – to request deletion of your data in certain circumstances.
  • Right to restriction – to ask us to limit how we use your data in certain cases.
  • Right to object – to object to processing based on legitimate interests or direct marketing.
  • Right to data portability – to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent – where processing is based on consent.
  • Right to complain – to raise concerns with the relevant supervisory authority if you believe your rights have been infringed.

Some rights are subject to legal conditions and may not apply in every situation. We will assess each request carefully and respond within the time required by law.

10. Children’s Data

Our storage services are not directed at children. We do not knowingly collect personal data from children unless it is necessary for a lawful reason and appropriate safeguards are in place. If we become aware that we have collected data from a child without a valid basis, we will take steps to delete it or obtain the necessary permissions where lawful.

11. Automated Decision-Making

We do not carry out decisions based solely on automated processing that produce legal or similarly significant effects on customers, unless this is lawful, necessary, and subject to suitable safeguards. If we ever use automated tools in a way that materially affects you, we will provide appropriate information about how they work and your rights.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in law, service arrangements, or operational practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their data is handled.

13. Summary of Key Points

In summary: Kingsbury Storage collects only the personal data needed to provide storage services, manage accounts, protect security, and meet legal obligations. We process data on lawful bases including contract, legal obligation, legitimate interests, and, where relevant, consent. We retain data only as long as necessary, share it only with appropriate processors and other permitted recipients, and respect your data protection rights under applicable law.

This policy applies to all Kingsbury Storage customers in the area.

Call Now!
Call Now Get a Quote
Kingsbury Storage

GDPR-compliant Privacy Policy for Kingsbury Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.