Self Storage West Kensington Privacy Policy
This Privacy Policy explains how Self Storage West Kensington collects, uses, stores and protects personal data relating to our customers and prospective customers. It applies to all Self Storage West Kensington customers and enquirers located in the West Kensington area and to anyone who uses our storage services or contacts us about them.
We process personal data in accordance with the UK General Data Protection Regulation and the Data Protection Act 2018. This policy is intended to be clear and transparent so that you understand how and why we use your information.
Who We Are and Scope of This Policy
Self Storage West Kensington is a storage services provider offering storage units and related services to individuals and businesses in the West Kensington area. For the purposes of data protection law, we act as the data controller in relation to the personal data described in this policy. This policy applies whenever you interact with us, including when you visit our premises, make an enquiry, enter into a storage agreement, or use any related services we provide.
Types of Personal Data We Collect
We may collect and process the following categories of personal data:
Identification and contact details: name, postal address, billing address, identification documents or numbers, and other contact details such as general correspondence details you choose to give us.
Customer account and contract details: storage unit number, contract start and end dates, services selected, payment history, security deposit details and communications relating to your account.
Financial and payment information: payment method details, transaction records and billing information required to process payments. We do not store full card details when payment is processed through secure third-party payment processors.
Access and security data: records of site access where access control systems are used, CCTV images recorded on and around our premises, and information about authorised persons who may access your unit on your behalf.
Communication data: information you provide when you contact us in person, by post, or through other communication channels, including complaints, enquiries, feedback and any correspondence relating to your storage agreement.
Technical and usage data: if you use any online tools or services we provide, we may collect limited technical data such as device identifiers and interaction information, to the extent necessary to operate and secure those tools. We do not engage in automated decision making that produces legal or similarly significant effects on you.
Lawful Basis for Processing Your Data
We only process your personal data where we have a lawful basis under data protection law. Depending on the context, this will be one or more of the following:
Contract: we process personal data where it is necessary to enter into or perform a storage agreement with you. This includes processing your contact details, identification information, payment data, and access records needed to manage your storage unit and related services.
Legal obligation: we process data where we are required to do so by law or regulation, for example to comply with tax, accounting, anti-money laundering, or law enforcement requirements.
Legitimate interests: we process certain data where it is necessary for our legitimate business interests, and where these interests are not overridden by your rights and freedoms. This includes maintaining site security through CCTV, managing and improving our services, handling enquiries, preventing fraud, and protecting our property and the property of our customers.
Consent: in limited circumstances we may rely on your consent, for example for optional marketing communications. Where we rely on consent, you can withdraw it at any time by contacting us using the details in your agreement or other communications we send to you.
How We Use Your Personal Data
We use your personal data for the following purposes:
To set up and manage your storage account, including verifying your identity where appropriate, preparing and administering your storage agreement, and managing your unit allocation.
To process payments, security deposits, refunds and any charges associated with your storage agreement.
To maintain security and safety on our site, including managing access controls, monitoring CCTV for crime prevention, and investigating incidents or suspected misuse.
To communicate with you about your account, including notices about payments, renewals, changes to terms, operational information and responses to enquiries or complaints.
To meet our legal and regulatory obligations, including record keeping, tax reporting and responding to lawful requests from public authorities.
To operate, maintain and improve our services and premises, including quality assurance, staff training and service development.
Data Sharing and Processors
We may share your personal data with trusted third parties to help us deliver our services. These third parties act either as data processors on our behalf or, in some cases, as separate controllers. We require all processors to handle personal data securely and only in accordance with our instructions and applicable law.
We may share data with:
Payment processing providers, for secure processing of card or electronic payments.
IT and system support providers who maintain our customer databases, access control systems and other operational tools.
Professional advisors, such as accountants, auditors or legal advisors, where this is necessary to obtain professional services.
Law enforcement agencies, regulators or public authorities, where we are legally required or permitted to do so, or where necessary to protect our rights, property or the safety of our customers and staff.
We do not sell your personal data to third parties. If we are involved in a business transfer or reorganisation, your data may be transferred as part of that process, in which case you will be informed as required by law.
International Transfers
Where we use service providers or systems that may involve the transfer of personal data outside the United Kingdom, we will ensure that appropriate safeguards are in place. These may include decisions by relevant authorities that a country provides an adequate level of protection, or the use of approved standard contractual clauses or equivalent measures.
Data Retention
We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, and to meet legal, accounting or reporting obligations.
In general, we retain customer account and contract information for a period after the end of your storage agreement, to resolve disputes, respond to queries, and meet legal requirements. CCTV footage and access records are kept for shorter periods, unless an incident requires us to keep them for longer in connection with an investigation or legal claim.
When personal data is no longer needed, we will securely delete or anonymise it so that it can no longer be associated with you.
Security of Your Personal Data
We take appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, misuse, alteration or disclosure. These measures include access controls, secure storage systems, staff training and procedures to deal with any suspected personal data breach. While we cannot guarantee absolute security, we are committed to safeguarding the information we hold.
Your Data Protection Rights
Under data protection law, you have a number of rights in relation to your personal data, subject to certain conditions and exemptions. These include:
Right of access: you can request confirmation that we process your personal data and ask for a copy of the data we hold about you.
Right to rectification: you can ask us to correct inaccurate or incomplete personal data that we hold.
Right to erasure: in certain circumstances, you can ask us to delete your personal data, for example where it is no longer needed for the purposes for which it was collected, or where you withdraw consent and there is no other legal basis for processing.
Right to restriction: you can ask us to restrict the processing of your personal data in certain situations, for example while we verify the accuracy of the data or our grounds for processing it.
Right to object: you can object to processing based on our legitimate interests, on grounds relating to your particular situation. We will stop processing unless we can demonstrate compelling legitimate grounds that override your interests, rights and freedoms, or where processing is required for legal claims.
Right to data portability: where processing is based on consent or contract and carried out by automated means, you can request that we provide your personal data in a structured, commonly used and machine-readable format or, where technically feasible, transmit it to another controller.
Right to withdraw consent: where we rely on your consent, you can withdraw it at any time. This will not affect the lawfulness of processing carried out before you withdrew consent.
You also have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been infringed. In the United Kingdom, this is the Information Commissioner's Office.
Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or services. Any updated policy will take effect from the date it is published. We encourage you to review this policy periodically to stay informed about how we handle your personal data.
