Privacy Policy - Kilburn Storage

This Privacy Policy explains how Kilburn Storage collects, uses, shares, stores, and protects personal data relating to its customers and prospective customers in the area served by Kilburn Storage. It applies to all Kilburn Storage customers in the area, including individuals and businesses using storage services, visiting our premises, or making enquiries about our services.

We are committed to handling personal data in a lawful, fair, and transparent manner in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018. We only collect data that is necessary for the purposes described in this policy, and we take appropriate measures to keep it secure.

1. Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity details such as your name, date of birth, and identification details where needed for account verification or security.
  • Contact details such as your address, email address, and telephone number.
  • Account and contract information including tenancy details, unit allocation, payment history, invoices, and communications related to your storage agreement.
  • Financial information such as payment method details and records of payments received or outstanding. We do not knowingly store full payment card details unless required and handled by a secure payment provider.
  • Security and access records such as entry logs, CCTV recordings, vehicle registration information, and incident reports where applicable.
  • Correspondence and support information including emails, phone call notes, complaints, feedback, and any other communications you send to us.
  • Technical information such as device or browser details if you interact with our digital systems or online services, where relevant.

We generally collect personal data directly from you when you enquire about, sign up for, or use our storage services. In some cases, we may also receive information from third parties such as payment processors, identity verification providers, insurers, or legal and regulatory bodies.

2. How We Use Your Personal Data

We use personal data only for specified, explicit, and legitimate purposes. These may include:

  • Setting up and managing your storage account or contract.
  • Verifying your identity and preventing fraud.
  • Providing access to storage services and maintaining site security.
  • Processing payments, issuing invoices, and managing arrears.
  • Communicating with you about your account, notices, or service-related matters.
  • Handling complaints, disputes, insurance claims, or legal claims.
  • Complying with legal obligations, regulatory requirements, and lawful requests from authorities.
  • Improving our services, systems, security measures, and customer experience.

We will not use your personal data for purposes that are incompatible with the reasons it was collected unless we have a lawful basis to do so and we clearly explain that use.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Depending on the circumstances, we rely on the following lawful bases:

  • Contract - We process personal data where it is necessary to enter into or perform our storage agreement with you, including account administration and service delivery.
  • Legal obligation - We process data where required to comply with tax, accounting, safety, fraud prevention, or other legal obligations.
  • Legitimate interests - We may process data where it is necessary for our legitimate business interests, such as protecting our premises, preventing crime, managing risk, improving operations, or enforcing our contractual rights, provided these interests do not override your rights and freedoms.
  • Consent - In limited cases, we may rely on your consent, for example for certain optional communications or where law requires consent. You can withdraw consent at any time where processing is based on consent.

Where we process special category data or other sensitive information, we will only do so where permitted by law and subject to additional safeguards.

4. Data Retention

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including legal, accounting, insurance, and reporting obligations. Retention periods depend on the type of data and the context in which it is used.

  • Contract and account records are generally retained for the duration of your storage relationship and for a reasonable period after it ends to handle disputes, claims, or legal requirements.
  • Financial and accounting records are retained for the period required by tax and accounting law.
  • Security records such as access logs or CCTV footage are retained for a limited period unless needed for an investigation, claim, or legal obligation.
  • Correspondence and complaints are retained for as long as necessary to resolve the matter and maintain appropriate business records.

When personal data is no longer required, we will securely delete, anonymise, or destroy it.

5. Data Sharing and Processors

We may share personal data with trusted third parties where necessary for the operation of our services or where required by law. These third parties act either as independent controllers or as processors acting on our instructions.

Examples of processors and service providers may include:

  • Payment processors that handle card or electronic payments securely.
  • IT and cloud service providers that host our systems, emails, or data storage.
  • Security providers that support access control, alarm monitoring, or CCTV operations.
  • Administrative and communication providers that support document management, invoicing, or customer communications.
  • Professional advisers such as accountants, insurers, auditors, or legal advisers where necessary.

We require processors to protect personal data, keep it confidential, and use it only for the purposes we specify. We do not sell personal data.

We may also disclose personal data to law enforcement, regulators, courts, or other public authorities where we are legally required or permitted to do so, or where disclosure is necessary to protect our rights, customers, staff, or property.

6. International Transfers

If personal data is transferred outside the UK, we will ensure that appropriate safeguards are in place, such as adequacy regulations, standard contractual clauses, or other lawful transfer mechanisms. We take steps to ensure that personal data remains protected to a standard consistent with UK data protection requirements.

7. Your Rights

Subject to applicable legal conditions, you have the following rights in relation to your personal data:

  • Right of access - You may request a copy of the personal data we hold about you.
  • Right to rectification - You may request correction of inaccurate or incomplete data.
  • Right to erasure - You may request deletion of your data in certain circumstances.
  • Right to restriction - You may ask us to limit how we use your data in certain cases.
  • Right to object - You may object to processing based on legitimate interests or direct marketing.
  • Right to data portability - You may request that certain data be provided to you or another organisation in a structured, commonly used format.
  • Right to withdraw consent - Where we rely on consent, you may withdraw it at any time.

You also have the right to lodge a complaint with the UK Information Commissioner’s Office if you believe your data has not been handled in accordance with the law. We encourage you to raise any concerns with us first so that we can try to resolve them promptly.

8. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, loss, alteration, or disclosure. These measures may include access controls, password protection, staff confidentiality obligations, secure storage, and regular review of our procedures. While no system can be guaranteed to be completely secure, we work to reduce risks and respond to incidents appropriately.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or operational requirements. The latest version will apply from the date it is published or communicated. We encourage you to review it periodically.

10. Applicability

This Privacy Policy applies to all Kilburn Storage customers in the area and to anyone whose personal data is processed in connection with our storage services. By using our services or providing your personal data to us, you acknowledge that you have read and understood this policy.

Important note: This policy is intended to provide general information about our data protection practices and is written in plain language. It does not affect your statutory rights under data protection law.

Privacy, security, and lawful processing are central to how Kilburn Storage operates.

Call Now!
Call Now Get a Quote
Kilburn Storage

GDPR-compliant Privacy Policy for Kilburn Storage covering data collection, lawful basis, retention, processors, and user rights for all local customers.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.