Privacy Policy - Keston Storage

Privacy Policy

This Privacy Policy explains how Keston Storage collects, uses, stores, shares, and protects personal data when providing storage services to customers in the area. It applies to all Keston Storage customers in the area, including prospective customers, current customers, former customers, and any person who communicates with us in connection with our services.

We are committed to handling personal data in accordance with the UK GDPR and the Data Protection Act 2018. We aim to ensure that personal information is processed lawfully, fairly, and transparently, and that only the minimum amount of data necessary is collected and used for clearly defined purposes.

1. Data We Collect

Keston Storage may collect and process different categories of personal data depending on the nature of the service relationship. This can include:

  • Identity information: name, title, and date of birth where required for identity verification.
  • Contact information: address, email address, telephone number, and billing details.
  • Account and service information: storage unit details, rental history, access records, payment status, and correspondence related to the account.
  • Payment information: bank account details, card details, and transaction records, where needed to process payments or refunds.
  • Verification information: copies of identification documents, proof of address, or other documentation needed to meet legal or security obligations.
  • Security and access information: CCTV records, entry logs, alarm records, incident reports, and data related to site access or loss prevention.
  • Communication information: enquiries, complaints, feedback, and records of messages or calls.
  • Technical information: limited device or system data if collected through website, email, or digital service interactions.

We may also collect information from third parties where necessary and lawful, such as credit reference agencies, debt recovery providers, identity verification services, insurers, law enforcement bodies, or parties acting on your behalf.

2. How We Use Personal Data

Keston Storage uses personal data for the following purposes:

  • to open and manage customer accounts;
  • to verify identity and prevent fraud;
  • to provide storage services and maintain site security;
  • to process payments, refunds, and outstanding balances;
  • to communicate with customers about their account or service;
  • to respond to enquiries, complaints, and requests;
  • to meet legal, regulatory, insurance, and accounting obligations;
  • to investigate incidents, disputes, and suspected misuse;
  • to maintain business records and internal administration;
  • to improve our operations, services, and security arrangements.

We will only use personal data for the purposes for which it was collected unless we reasonably consider that we need to use it for another compatible purpose and that purpose is lawful.

3. Lawful Basis for Processing

Under data protection law, we must have a lawful basis to process personal data. Keston Storage may rely on one or more of the following lawful bases:

Contract

We process personal data where it is necessary to enter into or perform a contract with a customer. This includes setting up storage arrangements, taking payment, managing access to a storage unit, and carrying out related account administration.

Legal obligation

We may process personal data where necessary to comply with a legal obligation, such as tax, accounting, fraud prevention, identity checks, health and safety requirements, or requests from legal authorities.

Legitimate interests

We may process personal data where it is necessary for our legitimate business interests, provided those interests are not overridden by the rights and freedoms of the individual. Legitimate interests may include safeguarding property, protecting our premises, preventing crime, handling disputes, improving operations, and keeping accurate records.

Consent

In limited situations, we may rely on consent. Where consent is used, it will be informed, specific, and freely given. You may withdraw consent at any time, although this will not affect processing already carried out lawfully before withdrawal.

4. Sharing Data and Processors

We may share personal data with trusted third parties where necessary for service delivery, legal compliance, or legitimate business purposes. These parties may act as processors or independent controllers depending on the circumstances.

Examples of processors and service providers may include:

  • IT and cloud storage providers that host systems and records;
  • payment processors and banking service providers;
  • identity verification and fraud prevention services;
  • security providers, CCTV monitoring services, and access control vendors;
  • professional advisers such as accountants, insurers, auditors, and solicitors;
  • mailing, communication, and document management providers;
  • debt collection or recovery services where needed;
  • maintenance and facilities contractors who support site operations.

Where we use processors, they are required to process personal data only on our instructions, keep it secure, and comply with data protection requirements. We do not permit processors to use personal data for their own independent purposes unless they are acting as separate controllers and have their own lawful basis.

We may also disclose data if required by law, court order, or to protect the rights, property, or safety of Keston Storage, our customers, staff, or others.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, including to meet legal, accounting, reporting, and dispute-resolution requirements. The retention period may vary depending on the type of data and the reason for holding it.

As a general approach:

  • customer account and contract records are kept for the duration of the relationship and for a reasonable period afterwards;
  • financial and tax-related records are retained in line with statutory obligations;
  • security records, such as CCTV footage or access logs, are kept for limited periods unless needed for an investigation;
  • complaints, correspondence, and dispute records are retained for as long as necessary to resolve the matter and evidence compliance;
  • identity and verification documents are stored only as long as required for legal, regulatory, or risk-management purposes.

When personal data is no longer required, it will be securely deleted, destroyed, or anonymised.

6. Security of Personal Data

We take appropriate technical and organisational measures to protect personal data from unauthorised access, accidental loss, misuse, alteration, or disclosure. These measures may include access restrictions, encryption, password protection, secure storage, staff training, and regular review of procedures.

Although we work to protect personal data, no system can be guaranteed to be completely secure. Where there is a data breach that is likely to result in a risk to individuals, we will take appropriate steps in line with applicable law.

7. Your Rights

Individuals whose personal data is processed by Keston Storage have rights under data protection law. Subject to legal conditions and exemptions, these rights may include:

  • Right of access: to request a copy of the personal data we hold about you.
  • Right to rectification: to ask us to correct inaccurate or incomplete data.
  • Right to erasure: to request deletion of data in certain circumstances.
  • Right to restriction: to ask us to limit how we use your data in certain situations.
  • Right to object: to object to processing based on legitimate interests or direct marketing.
  • Right to data portability: to receive certain data in a structured, commonly used format where applicable.
  • Right to withdraw consent: where processing is based on consent.
  • Right to complain: to raise concerns with the relevant supervisory authority if you believe your rights have been infringed.

To support a rights request, we may need to verify your identity before disclosing information or making changes. We will respond within the time limits required by law.

8. Marketing and Communications

If we send service updates or administrative messages, these are usually necessary for the contract or account relationship. Where we rely on consent for optional marketing, you may opt out at any time. We will not use personal data for unsolicited marketing in a way that breaches applicable law.

9. Automated Decision-Making

Keston Storage does not generally make decisions about customers based solely on automated processing that produces legal or similarly significant effects. If this changes, we will provide appropriate information about the logic involved and the rights available to you.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in legal requirements, business practices, or service arrangements. Any revised version will apply from the date it takes effect. We encourage customers to review the policy periodically to remain informed about how personal data is handled.

11. General Statement

This Privacy Policy applies to all Keston Storage customers in area and to any personal data processed in connection with our storage services. By using our services, you acknowledge that your information may be processed in the ways described above and in accordance with applicable data protection law.

We are committed to respecting privacy, using data responsibly, and maintaining trust through transparent and lawful processing.

End of Privacy Policy.

Call Now!
Call Now Get a Quote
Keston Storage

GDPR-compliant privacy policy for Keston Storage covering data collection, lawful basis, retention, processors, user rights, and applicability to all customers in area.

Get a Quote

Get In Touch With Us.

Please fill out the form below to send us an email and we will get back to you as soon as possible.