Privacy Policy - Southkensington Storage

Southkensington Storage is committed to protecting the privacy and personal data of all customers in area. This Privacy Policy explains how we collect, use, store, share, and protect personal information in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. It applies to all Southkensington Storage customers in area, including prospective customers, current customers, former customers, authorised representatives, and individuals who communicate with us in connection with our services.

1. Information We Collect

We collect only the information that is necessary for us to provide storage services, manage our business operations, and meet legal obligations. The personal data we may collect includes:

  • Identity information such as your name, title, and date of birth where required.
  • Contact information such as postal address, email address, and telephone number.
  • Account and contract information such as customer references, booking details, payment status, and service records.
  • Financial information such as billing and payment details, limited to what is necessary to process transactions and manage accounts.
  • Security and access information such as identification details, entry logs, and CCTV-related records where applicable.
  • Communication records such as emails, notes, complaint details, and customer service correspondence.
  • Technical information where relevant, such as basic device or usage information generated when you interact with our digital systems.

We usually collect personal data directly from you when you enquire about our services, enter into an agreement, use our storage facilities, make payments, or contact us. We may also receive information from third parties where this is necessary for verification, payment processing, legal compliance, or to administer a contract.

2. How We Use Your Personal Data

We use personal data for specific, legitimate, and lawful purposes. These include:

  • creating and managing customer accounts;
  • providing storage services and related support;
  • processing bookings, renewals, and payments;
  • verifying identity and preventing fraud;
  • maintaining site security and protecting our premises, customers, and property;
  • responding to enquiries, complaints, and requests;
  • meeting legal, regulatory, accounting, and insurance obligations;
  • enforcing contractual rights and managing disputes;
  • improving our services and internal operations.

We do not use personal data in ways that are incompatible with the purposes explained in this policy. Where we need to use your data for a new purpose, we will ensure that we have a valid legal basis before doing so.

3. Lawful Basis for Processing

We process personal data only where the law allows us to do so. Depending on the activity, our lawful bases may include:

Contract

We process data when it is necessary to enter into or perform a contract with you. For example, we need your details to set up a storage agreement, manage access, issue invoices, and provide customer support.

Legal Obligation

We may process personal data where required to comply with legal duties, such as accounting, tax, anti-fraud, health and safety, and lawful law-enforcement requests.

Legitimate Interests

We may process data for our legitimate business interests where those interests are not overridden by your rights and freedoms. This includes maintaining security, preventing misuse of our services, managing risk, improving operations, and handling customer queries. Where we rely on legitimate interests, we consider the impact on individuals and implement appropriate safeguards.

Consent

In limited situations, we may rely on your consent, for example for certain optional communications or where required by law. You may withdraw consent at any time, and this will not affect the lawfulness of processing before withdrawal.

Vital Interests and Public Interest

In exceptional circumstances, we may process personal data to protect someone’s vital interests or where processing is necessary for reasons of substantial public interest, in line with applicable law.

4. Data Sharing and Processors

We may share personal data with trusted third parties where necessary and proportionate. These recipients may act as data processors or independent controllers depending on the service provided. We only share data when there is a valid reason to do so, and we require appropriate contractual and security safeguards.

Examples of processors and service providers may include:

  • payment processors that handle card or electronic payments;
  • IT and cloud service providers that support our systems and data storage;
  • customer management and administration platforms;
  • security service providers, including alarm monitoring and CCTV support;
  • professional advisers such as accountants, auditors, insurers, and legal advisers;
  • maintenance and facilities service providers where required for site operations.

We may also disclose data to public authorities, regulators, law enforcement bodies, or courts where we are legally required to do so, or where disclosure is necessary to establish, exercise, or defend legal claims.

All processors are required to act only on our instructions, keep data secure, and use it only for the agreed purpose. We do not sell personal data.

5. Data Retention

We keep personal data only for as long as necessary for the purpose for which it was collected, including the time needed to satisfy legal, contractual, tax, accounting, and security requirements. Retention periods may vary depending on the type of record and the purpose of processing.

As a general approach:

  • customer contract and account records are retained for the duration of the relationship and for a reasonable period afterwards;
  • financial and accounting records are retained for the period required by law;
  • security logs and access records are retained only for as long as needed for safety, investigation, or operational purposes;
  • complaints and correspondence are retained for a period appropriate to manage the issue and any follow-up obligations;
  • records needed for legal claims are retained until the relevant limitation period has expired.

When data is no longer required, we will delete it, anonymise it, or securely destroy it in line with our retention practices.

6. Security of Your Information

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, alteration, or disclosure. These measures may include access controls, staff confidentiality obligations, secure storage, encryption where appropriate, and periodic review of our procedures.

Although we take reasonable steps to protect your information, no system is completely secure. We therefore encourage customers to take care when sharing information and to notify us promptly if they believe their data may have been compromised.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These may include:

  • the right of access to obtain a copy of the personal data we hold about you;
  • the right to rectification to correct inaccurate or incomplete data;
  • the right to erasure in certain circumstances, sometimes called the “right to be forgotten”;
  • the right to restriction to limit how we use your data in certain situations;
  • the right to data portability to receive certain data in a structured, commonly used format;
  • the right to object to processing based on legitimate interests or direct marketing;
  • the right to withdraw consent where processing relies on consent;
  • rights related to automated decision-making where applicable.

These rights are not absolute and may be subject to legal exceptions or limitations. If you exercise a right, we may need to verify your identity before responding. We will aim to respond within the time limits set by law.

8. International Transfers

If personal data is transferred outside the United Kingdom, we will ensure that appropriate safeguards are in place so that your information remains protected to a standard required by data protection law. These safeguards may include adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our services, or our data practices. Any revised version will apply from the date it is published or otherwise made available. We encourage customers to review this policy periodically so they remain informed about how personal data is handled.

10. Scope of This Policy

This Privacy Policy applies to all Southkensington Storage customers in area and to any person whose personal data is processed by us in connection with our storage services. By using our services, you acknowledge that you have read and understood the practices described in this policy.

We are committed to handling personal data lawfully, fairly, and transparently. Our aim is to use only the information that is necessary, keep it secure, retain it for no longer than needed, and respect your rights at every stage of the customer relationship.

Call Now!
Call Now Get a Quote
Southkensington Storage

GDPR-compliant Privacy Policy for Southkensington Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.