Privacy Policy - Kenley Storage

This Privacy Policy explains how Kenley Storage collects, uses, stores, shares, and protects personal data in relation to storage services provided to customers in the area. It applies to all Kenley Storage customers in area and should be read carefully together with any service terms or booking information provided at the time of use.

1. Who We Are

Kenley Storage is a storage services provider that processes personal data in connection with account management, service delivery, billing, security, and legal compliance. For the purposes of data protection law, Kenley Storage acts as a data controller for the personal data described in this policy, meaning we determine why and how your personal data is processed.

2. Information We Collect

We collect only the personal data that is necessary and relevant to provide our services, manage our business, and meet our legal obligations. The types of information we may collect include:

  • Identity details: name, title, and date of birth where needed for verification.
  • Contact details: postal address, email address, and telephone number.
  • Account and service information: storage unit details, booking records, access arrangements, payment history, and correspondence related to your account.
  • Payment information: billing details and payment status. Where card or bank payments are handled, relevant transaction data may be processed by payment providers.
  • Security and access records: entry logs, CCTV footage, access timestamps, incident reports, and information collected to protect property and people.
  • Communications: enquiries, complaints, service requests, and any other messages you send to us.
  • Technical information: limited device, browser, or usage information if you interact with digital systems used to manage services.

We do not seek to collect special category data unless it is strictly necessary and lawfully permitted. If such data is ever provided to us inadvertently, it will be handled with appropriate safeguards and only as required by law.

3. How We Use Your Data

We use personal data for the following purposes:

  • to provide storage services and manage your account;
  • to confirm identity and prevent unauthorised access;
  • to process bookings, renewals, payments, and refunds where applicable;
  • to communicate about service updates, notices, or operational matters;
  • to maintain security, investigate incidents, and protect against fraud or misuse;
  • to comply with tax, accounting, contractual, and legal obligations;
  • to handle enquiries, complaints, and disputes;
  • to improve our services, systems, and operational efficiency.

We will only use your personal data for the purposes described above or for compatible purposes permitted by data protection law.

4. Lawful Basis for Processing

Kenley Storage processes personal data only where we have a valid lawful basis under the UK GDPR and related data protection laws. Depending on the activity, we may rely on one or more of the following bases:

Contract

We process personal data when it is necessary to enter into or perform a contract with you, including creating your account, managing storage services, processing payments, and providing customer support.

Legal Obligation

We may process data where necessary to comply with legal duties, such as tax records, accounting requirements, fraud prevention obligations, or responses to lawful requests from authorities.

Legitimate Interests

We may process data where it is necessary for our legitimate interests, provided your rights and freedoms do not override those interests. These interests may include protecting property, preventing crime, maintaining business records, improving services, and managing secure operations. When relying on this basis, we assess the impact on individuals and ensure processing remains proportionate.

Consent

In limited circumstances, we may rely on your consent, for example where this is required for certain optional communications or specific processing activities. Where consent is used, you may withdraw it at any time, without affecting the lawfulness of processing carried out before withdrawal.

5. Sharing Your Data and Processors

We may share personal data with trusted third parties who assist in delivering our services. These parties act as processors when they process data on our behalf and under our instructions. Examples may include:

  • payment service providers;
  • IT and software service providers;
  • security and surveillance service providers;
  • accounting, auditing, and business administration providers;
  • maintenance and facilities support providers;
  • professional advisers such as legal or insurance advisers;
  • public authorities, regulators, or law enforcement where disclosure is required by law.

We require processors to protect personal data and use it only for specified purposes. They are not permitted to use your information for their own independent purposes unless they are separately acting as a controller and have a lawful basis to do so.

Where personal data is transferred outside the United Kingdom, we will take appropriate steps to ensure it is protected in accordance with applicable data protection law, such as using approved safeguards where required.

6. Retention of Personal Data

We keep personal data only for as long as necessary for the purposes for which it was collected, including meeting legal, accounting, reporting, and security requirements. The retention period depends on the type of information and the reason for processing.

  • Account and service records: retained for the duration of the customer relationship and for a reasonable period afterwards.
  • Financial and tax records: retained for the period required by law and accounting rules.
  • Security records: retained only as long as necessary for security monitoring, incident investigation, or legal claims.
  • Enquiries and correspondence: retained for a period that allows us to respond appropriately and manage any follow-up issues.

When personal data is no longer required, it will be securely deleted, anonymised, or otherwise disposed of in a safe and lawful manner.

7. Data Security

We use appropriate technical and organisational measures to protect personal data against loss, misuse, unauthorised access, alteration, or disclosure. These measures may include access controls, secure systems, staff confidentiality obligations, record management procedures, and physical security measures. While no system is completely risk-free, we work to maintain a level of security suitable for the nature of the data and the risks involved.

8. Your Rights

Under data protection law, you have a number of rights in relation to your personal data. These may include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of your data in certain circumstances.
  • Right to restriction: to ask us to limit processing in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing, where applicable.
  • Right to data portability: to receive certain data in a structured, commonly used format where processing is based on consent or contract and carried out by automated means.
  • Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.

These rights are subject to legal limits and exceptions. If you exercise a right, we may need to verify your identity and assess the request against our obligations under the law.

9. Children

Our storage services are intended for adults and business users. We do not knowingly collect personal data from children in connection with our services. If we become aware that such data has been collected without appropriate consent or legal basis, we will take reasonable steps to delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our services, legal obligations, or data handling practices. Any updated version will apply from the date it is made available. We encourage customers to review this policy periodically so they remain informed about how their personal data is handled.

11. Summary of Core Principles

Kenley Storage is committed to processing personal data fairly, lawfully, and transparently. We collect only what we need, use it for clear and legitimate purposes, keep it secure, retain it for no longer than necessary, and respect the rights of every customer. This policy applies to all Kenley Storage customers in area and is designed to meet applicable GDPR requirements in a clear and practical way.

Call Now!
Call Now Get a Quote
Kenley Storage

GDPR-compliant Privacy Policy for Kenley Storage covering data collection, lawful basis, retention, processors, and user rights for all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.