Privacy Policy - Selfstorage Southkensington

This Privacy Policy explains how Selfstorage Southkensington collects, uses, stores, shares, and protects personal data relating to its customers and prospective customers in the South Kensington area. It applies to all Selfstorage Southkensington customers in the area, including individuals, business customers, and anyone who enquires about or uses our storage services. We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK GDPR and the Data Protection Act 2018.

1. Who We Are

Selfstorage Southkensington is a storage service provider that processes personal data in order to manage enquiries, provide storage facilities, administer customer accounts, maintain security, and meet legal obligations. For the purposes of data protection law, we act as the data controller for the personal information described in this policy.

2. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data such as name, date of birth, and identification documents where required.
  • Contact data such as postal address, email address, and telephone number.
  • Account and contract data such as storage unit details, rental dates, payment history, and service preferences.
  • Payment data such as billing details, transaction records, and partial payment card information processed through secure payment systems.
  • Security data such as CCTV images, access logs, alarm records, and incident reports where applicable.
  • Communications data including emails, written correspondence, complaints, and customer support records.
  • Technical data collected through website or system usage, if applicable, such as device information, IP address, and browser data.

We usually collect personal data directly from you when you make an enquiry, sign a storage agreement, make payments, access a unit, or communicate with us. We may also receive information from third parties where necessary, such as payment providers, identity verification services, insurers, legal advisers, or law enforcement bodies.

3. How We Use Personal Data

We use personal data for the following purposes:

  • To provide and manage storage services.
  • To verify identity and prevent fraud.
  • To process payments, invoices, and refunds.
  • To communicate about bookings, contracts, renewals, and service updates.
  • To maintain site safety and security.
  • To investigate complaints, disputes, and incidents.
  • To comply with legal, regulatory, and insurance obligations.
  • To improve our services, systems, and customer experience.

We only process personal data where it is necessary for these purposes and in accordance with data protection principles, including data minimisation, purpose limitation, and storage limitation.

4. Lawful Basis for Processing

We rely on the following lawful bases under the UK GDPR:

Contract

We process personal data where it is necessary to enter into or perform a storage agreement with you, including managing your account, providing access to storage facilities, and handling payments.

Legal Obligation

We may process data where necessary to comply with legal or regulatory obligations, including accounting requirements, tax obligations, and responses to lawful requests from authorities.

Legitimate Interests

We may process personal data where it is necessary for our legitimate interests and where those interests are not overridden by your rights and freedoms. These interests include protecting our business, preventing fraud, ensuring site security, managing operations, and improving services.

Consent

In limited cases, we may rely on your consent, for example where we use optional marketing communications or certain non-essential cookies or similar technologies. Where consent is used, you may withdraw it at any time.

Vital Interests

In rare situations, we may process personal data to protect someone’s vital interests, such as in an emergency or serious incident on our premises.

5. Data Sharing and Processors

We may share personal data with trusted third parties who act as processors on our behalf or, in some cases, as independent controllers. These parties are required to handle personal data securely and only for authorised purposes. Examples include:

  • IT and software providers that support our booking, storage management, communications, or security systems.
  • Payment service providers that process card or electronic payments securely.
  • Professional advisers such as accountants, auditors, insurers, or legal advisers.
  • Security and monitoring providers where CCTV, alarms, or access systems are used.
  • Identity verification and fraud prevention services where necessary.
  • Public authorities, law enforcement, or courts where required by law or to protect rights and safety.

Where a processor is used, we ensure there is a written contract in place containing appropriate data protection obligations, including confidentiality, security measures, and restrictions on sub-processing.

6. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place. These may include adequacy regulations, the International Data Transfer Agreement, or other lawful transfer mechanisms. We will only transfer data where necessary and where appropriate protection is maintained.

7. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, operational, and security requirements. Retention periods vary depending on the type of data and the reason it is held.

  • Contract and account records are generally kept for the duration of the customer relationship and for a reasonable period afterwards.
  • Payment and tax records are retained for the period required by law, typically in line with accounting and tax rules.
  • Security records such as CCTV footage or access logs are kept for a limited period unless needed for an investigation, claim, or legal matter.
  • Enquiry records may be retained for a limited time if you do not become a customer.

When data is no longer required, it is securely deleted, anonymised, or otherwise disposed of in a safe and appropriate manner.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These rights may be limited in some situations, but we will always consider and respond to your request appropriately.

  • Right of access – you can request a copy of the personal data we hold about you.
  • Right to rectification – you can ask us to correct inaccurate or incomplete information.
  • Right to erasure – you can request deletion of your data in certain circumstances.
  • Right to restriction – you can ask us to limit how we use your data in certain cases.
  • Right to object – you can object to processing based on legitimate interests or direct marketing.
  • Right to data portability – you may request data you provided to us in a structured, commonly used format where applicable.
  • Right to withdraw consent – where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the Information Commissioner’s Office if you believe your data protection rights have been infringed.

9. Data Security

We use appropriate technical and organisational measures to protect personal data from loss, misuse, unauthorised access, alteration, or disclosure. These measures may include secure systems, access controls, encryption, staff training, monitoring, and restricted physical access where relevant. While no system can be guaranteed to be completely secure, we take data protection and information security seriously.

10. Automated Decision-Making

We do not generally use automated decision-making that produces legal or similarly significant effects about customers. If this changes, we will provide you with clear information about the logic involved, the significance and consequences of the processing, and your rights in relation to it.

11. Children’s Data

Our services are not directed at children, and we do not knowingly collect personal data from children except where necessary and lawful in connection with a customer relationship or legal obligation. If we become aware that we have collected data unlawfully, we will take appropriate steps to delete or protect it.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any revised version will apply from the date it is made available. We encourage customers to review this policy periodically to remain informed about how we use personal data.

13. Summary of Our Commitment

Selfstorage Southkensington is committed to respecting your privacy and handling personal data responsibly. We collect only what we need, use it for clear and lawful purposes, keep it only for as long as necessary, and protect it through appropriate safeguards. This policy applies to all Selfstorage Southkensington customers in the South Kensington area and reflects our commitment to GDPR-compliant data practices.

Call Now!
Call Now Get a Quote
Selfstorage Southkensington

GDPR-compliant Privacy Policy for Selfstorage Southkensington covering data collection, lawful basis, retention, processors, rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.