Privacy Policy - Kingscross Storage

Effective date: This Privacy Policy applies to all Kingscross Storage customers in area and explains how we collect, use, store, share, and protect personal data when you use our storage services.

We are committed to handling personal information in a lawful, fair, and transparent manner in accordance with applicable data protection laws, including the UK GDPR and the Data Protection Act 2018. This policy is designed to help you understand what data we collect, why we collect it, how long we keep it, who may process it on our behalf, and what rights you have over your information.

1. Data We Collect

We may collect and process different types of personal data depending on how you interact with us and which services you use. The information collected may include:

  • Identity data: your name, title, and identification details used to verify your identity.
  • Contact data: address, email address, and phone number.
  • Account and contract data: rental agreement details, storage unit reference, payment status, and service preferences.
  • Payment data: billing information and transaction records. We do not generally store full card details where secure payment services are used.
  • Usage data: access logs, entry and exit times, and records relating to your use of our premises or services.
  • Communication data: correspondence you send to us, including enquiries, notices, complaints, and requests.
  • Security data: CCTV recordings, where applicable, and other information necessary to protect our premises, property, customers, and staff.
  • Technical data: limited information collected through digital systems used to manage bookings, access control, or administration.

We may also receive personal data from third parties where necessary, such as payment providers, identity verification services, or contractors acting on our behalf. Where we do so, we only collect the information required for a specific and lawful purpose.

2. How We Use Your Data

We use personal data for the following purposes:

  • to set up and manage your storage account;
  • to provide storage services and maintain your tenancy or licence;
  • to process payments, invoices, and refunds where applicable;
  • to verify identity and prevent fraud;
  • to communicate with you about your booking, account, or service updates;
  • to keep our site, customers, staff, and property secure;
  • to comply with legal, regulatory, and accounting obligations;
  • to handle complaints, disputes, and enforcement matters;
  • to improve our systems, administration, and service quality.

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another compatible purpose and that use is permitted by law.

3. Lawful Basis for Processing

We process personal data only where we have a lawful basis under data protection law. Depending on the circumstance, we rely on one or more of the following:

Contract

We process data where it is necessary to perform our contract with you or to take steps at your request before entering into a contract. This includes managing your storage unit, taking payments, providing access, and administering your account.

Legal obligation

We may process data where needed to comply with a legal obligation, such as accounting, tax, fraud prevention, safety, or responding to lawful requests from authorities.

Legitimate interests

We may process data where it is necessary for our legitimate interests, provided those interests are not overridden by your rights and freedoms. Examples include protecting premises through security measures, maintaining business records, preventing misuse, and improving service operations.

Consent

In limited situations, we may rely on your consent, for example where this is required for certain optional communications or uses. Where consent is used, you may withdraw it at any time, without affecting processing carried out before withdrawal.

Vital interests and public tasks

These bases are unlikely to apply in normal storage services, but may be relied upon in exceptional circumstances where necessary.

4. Retention of Personal Data

We keep personal data only for as long as necessary to fulfil the purposes for which it was collected, including any legal, accounting, reporting, or dispute resolution requirements. When determining retention periods, we consider the nature of the data, the purpose of processing, and any legal obligations we must meet.

Typical retention periods may include:

  • Contract and account records: retained for the duration of the service relationship and for a further period where needed for accounting or legal claims.
  • Payment and transaction records: retained for the period required by tax and financial regulations.
  • Security and access records: retained only as long as needed for site security, incident handling, or lawful purposes.
  • Correspondence and complaints: retained while the matter is active and for a reasonable period afterwards.

Once data is no longer required, we will delete it securely or anonymise it so that it can no longer identify you.

5. Processors and Sharing of Data

We may share personal data with trusted third parties that act as processors on our behalf. These processors are only permitted to use your data according to our instructions and must take appropriate security measures. Examples may include:

  • IT and cloud service providers: to host or support our administration systems.
  • Payment processors: to handle card or other payment transactions securely.
  • Identity verification providers: to confirm identity where necessary.
  • Security contractors and monitoring services: to support the protection of premises and assets.
  • Professional advisers: such as accountants, insurers, legal advisers, and auditors.
  • Debt recovery or enforcement providers: where necessary and lawful in the event of unpaid balances or breach of contract.

We may also disclose personal data to public authorities, law enforcement, courts, or regulators where required by law or where necessary to protect our rights, customers, staff, or property. We do not sell your personal data.

Where a processor or recipient is located outside the UK, we will ensure appropriate safeguards are in place in line with data protection law.

6. Data Security

We use appropriate technical and organisational measures to protect personal data against unauthorised access, accidental loss, misuse, disclosure, or alteration. These measures may include access controls, secure storage, staff training, restricted permissions, and contractual protections with processors. While no system can guarantee complete security, we review our safeguards regularly and aim to keep your information secure and confidential.

7. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These may include:

  • Right of access: to ask for a copy of the personal data we hold about you.
  • Right to rectification: to request correction of inaccurate or incomplete data.
  • Right to erasure: to ask us to delete your data in certain circumstances.
  • Right to restrict processing: to request that we limit how we use your data in certain cases.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to request transfer of data you provided to us in a structured, commonly used format where applicable.
  • Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

Please note that these rights are not absolute and may be subject to legal restrictions or exceptions. If you exercise a right, we may need to verify your identity before responding.

To make a request, please use the communication methods provided in your account documentation or service records. We will respond within the time limits required by law.

8. Cookies and Similar Technologies

If we use digital systems that place cookies or similar technologies, these may be used for security, functionality, and service administration. Where consent is required, we will seek it before placing non-essential cookies. Any such tools are used only to support the operation of our services and improve user experience.

9. Children’s Data

Our storage services are not directed at children. We do not knowingly collect personal data from children unless it is necessary in connection with a customer account or lawful business arrangement. If we become aware that data has been collected inappropriately, we will take reasonable steps to remove it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or processing practices. Any updated version will apply from the date of publication or as otherwise stated. We encourage customers to review the policy periodically so they remain informed about how their data is handled.

In summary: Kingscross Storage processes personal data only for lawful business, contractual, and legal purposes, retains it only as long as necessary, uses trusted processors under contract, and respects your data protection rights.

Call Now!
Call Now Get a Quote
Kingscross Storage

GDPR-compliant Privacy Policy for Kingscross Storage covering data collection, lawful basis, retention, processors, user rights, and security.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.