Privacy Policy - Selfstorage Kentishtown

This Privacy Policy explains how Selfstorage Kentishtown collects, uses, stores, shares, and protects personal data relating to customers, prospective customers, visitors, and anyone else whose information we process in connection with our storage services. It applies to all Selfstorage Kentishtown customers in the area, including individuals and businesses using our facilities, making enquiries, signing agreements, or otherwise interacting with our services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018. This policy describes what information we collect, why we collect it, the legal grounds we rely on, how long we keep it, who may process it on our behalf, and the rights available to you as a data subject.

1. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity information such as your name, date of birth, and signature.
  • Contact details such as postal address, email address, and telephone number.
  • Account and agreement information including storage unit number, contract dates, payment plan details, access permissions, and account status.
  • Payment information such as billing records, payment confirmations, and limited transaction details. We do not intentionally store full card details where a payment processor is used.
  • Identification documents where required for verification, fraud prevention, or regulatory compliance.
  • CCTV and access records including images, entry logs, and activity records generated by security systems.
  • Communication records such as correspondence, complaints, service requests, and notes of telephone or in-person interactions.
  • Vehicle information where needed for site access, delivery, or security purposes.

We may receive personal data directly from you, from individuals authorised to act on your behalf, from payment providers, from identity verification services, or from security and access systems used at our premises.

2. How We Use Personal Data

Selfstorage Kentishtown processes personal data only when necessary for legitimate storage operations and legal compliance. The main purposes for which we use data include:

  • creating and managing customer accounts and storage agreements;
  • verifying identity and eligibility;
  • processing payments, refunds, and account administration;
  • providing access to storage units and site facilities;
  • communicating about service updates, renewals, notices, and account matters;
  • managing security, preventing theft, and protecting our property, staff, and customers;
  • resolving disputes, handling complaints, and maintaining internal records;
  • meeting legal, tax, accounting, insurance, and regulatory obligations;
  • detecting and preventing fraud, misuse, or unlawful activity.

We only use personal data for the purposes for which it was collected, unless we reasonably determine that another compatible purpose applies or we are otherwise permitted by law to do so.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis for every processing activity. Depending on the context, Selfstorage Kentishtown relies on the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with you. This includes setting up your storage account, managing your booking, providing access to a unit, and administering payment obligations.

Legal obligation

We process certain data to comply with legal duties, including accounting, record-keeping, tax rules, anti-fraud obligations, and lawful requests from public authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. These interests include site security, operational management, customer support, service improvement, loss prevention, and business record maintenance. Where we rely on legitimate interests, we consider the nature of the data, the context of processing, and any potential impact on you.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or where consent is specifically required by law. If we rely on consent, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

4. Sharing and Processors

We do not sell personal data. However, we may share it with trusted third parties where necessary to run our services, comply with legal requirements, or protect our legitimate interests. These parties act either as independent controllers or as processors acting on our instructions.

Examples of processors and service providers may include:

  • IT and hosting providers that support storage of account data and secure systems;
  • payment processors that handle billing and transaction processing;
  • identity verification providers that help confirm customer details;
  • security service providers supporting CCTV, alarms, and access control;
  • accounting and administrative providers assisting with bookkeeping and record management;
  • legal, insurance, and debt recovery professionals where necessary for claims, disputes, or compliance;
  • public authorities or regulators where disclosure is required by law.

Where we use processors, we require them to process data only on our documented instructions, to keep it secure, and to comply with applicable data protection obligations. We take reasonable steps to ensure that third parties provide appropriate technical and organisational safeguards.

5. Data Retention

We retain personal data only for as long as necessary for the purpose for which it was collected, and for any additional period required by law or justified by legitimate business needs.

Typical retention periods may include:

  • contract and account records: kept for the duration of the customer relationship and for a reasonable period afterwards;
  • financial and tax records: retained for the period required by law and accounting standards;
  • security records and CCTV footage: retained for a limited period unless needed longer for investigation, claims, or legal proceedings;
  • correspondence and complaints: retained as long as needed to manage the issue and demonstrate compliance;
  • identity verification records: retained only as long as necessary for verification, fraud prevention, and legal compliance.

When data is no longer required, we will securely delete, anonymise, or otherwise dispose of it in a safe and appropriate manner.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, disclosure, or alteration. These measures may include access controls, encryption, secure storage, staff training, activity monitoring, and restricted permissions. While no system can be completely risk-free, we work continuously to reduce risks and protect the integrity and confidentiality of the information we hold.

7. Your Rights

As a data subject, you have rights under data protection law. Subject to legal limits and verification of identity, you may have the right to:

  • access the personal data we hold about you;
  • rectify inaccurate or incomplete information;
  • erase your data in certain circumstances;
  • restrict processing in certain situations;
  • object to processing based on legitimate interests or direct marketing;
  • data portability for information processed by automated means and based on contract or consent;
  • withdraw consent where processing is based on consent;
  • challenge decisions that have legal or similarly significant effects, where applicable.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data rights have been infringed. We encourage you to raise concerns with us first so that we may try to resolve the matter promptly and fairly.

8. Special Circumstances and Additional Information

We may occasionally process data where it is necessary to establish, exercise, or defend legal claims. We may also retain records where deletion would interfere with a legal investigation, dispute resolution, or regulatory requirement. If we need to process sensitive personal data, we will do so only where permitted by law and with suitable safeguards.

Where children’s data is involved, for example where a parent or guardian manages a storage arrangement, we take extra care to ensure the processing is appropriate and lawful.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, technology, operational practices, or service arrangements. Any revised version will apply from the date it becomes effective. We encourage customers to review the policy periodically so they remain informed about how their personal data is used.

Summary: Selfstorage Kentishtown processes customer data lawfully for storage services, security, compliance, and support, with clear retention rules and rights for data subjects.

Call Now!
Call Now Get a Quote
Selfstorage Kentishtown

Selfstorage Kentishtown’s GDPR privacy policy covers data collection, lawful bases, retention, processors, security, and customer rights for all area customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.