GDPR and Privacy Policy.


Office Workspace is committed to protecting and respecting your privacy. We take your privacy very seriously and we ask that you read this GDPR and Privacy Notice very carefully as it contains important information on:

  • the personal data we collect about you;
  • how we look after your personal data when you visit our website (regardless of where you visit from);
  • with whom your personal data might be shared; and
  • your privacy rights and how the law protects you.
Who we are.

Office Workspace is a leading provider of workspace consultancy, design and build services across the UK.

This GDPR and Privacy Notice is issued on behalf of Office Workspace, so when we mention “Office Workspace”, “we”, “us” or “our” in this GDPR and Privacy Notice, we are referring to Office Workspace. We are registered in England and Wales under company number 12367928 and have our registered office at Unit 8, Easter Park, Colchester, Essex, CO4 5WY. Our website is

Personal data which we collect.
Personal data provided by you.

We collect personal data about you when you:

  • register for one of our events;
  • register to download one of our whitepapers or other collateral;
  • sign up to our general newsletter mailing list;
  • sign up to our events newsletter mailing list;
  • contact us through our website;
  • apply for a job with us;
  • access WiFi at one of our offices; or
  • complete customer feedback or surveys.

The personal data collected in the above manner may include your:

  • full name;
  • business postal address;
  • business email address;
  • work telephone number;
  • business industry;
  • CV, covering letter and other application details.
Personal data about other individuals.

If you give us information on behalf of someone else, you confirm that the other person has appointed you to act on his/her behalf and has agreed that you can:

  • give consent on his/her behalf to the processing of his/her personal data;
  • receive on his/her behalf any data protection notices; and
  • give consent to the transfer of his/her personal data outside the European Economic Area
How we use your personal data.

We collect information about you so that we can:

  • ensure that content from our website is presented in the most effective manner for you and for your computer;
  • provide you with information, products, or services that you request from us or which we feel may interest you, where you have consented to be contacted for such purposes;
  • assist you with your queries in relation to the services we offer; allow you to participate in interactive features of our service, when you choose to do so;
  • review any job applications you submit to us;
  • provide you with WiFi access at our offices;
  • conduct anonymised website usage research, statistical analysis, and behavioural analysis;
  • notify you of any changes to our website or to our services that may affect you; and improve our services.

We would like to send you information by email about our products and services, industry-related through leadership content, invitations to our events, and other material which we believe will be of interest and value to you.

We will only send you marketing messages when you subscribe on our website to one of our mailing lists or one of our events, or when you register to download our collateral, and tick the relevant consent box when you provide us with your personal data. If you have consented to such receive marketing from us, you can opt out at any time by using the unsubscribe function on each of our emails or by contacting us directly through the “Contact Us” section of this website.

When we might share your personal data with third parties.

We do not, and will not, sell any of your personal data to any third party – including your name, address, email address or payment card information. We want to earn and maintain your trust, and we believe this is essential in order do that.

As an essential part of being able to provide our services to you, we do share your data with the following third parties:

  • service providers that help us to run our business such as website hosting providers, website developers, providers of WiFi access at our offices; cloud-based secure customer-relationship management systems
  • professional advisers including lawyers, auditors and insurers who provide advice to us when we require it.

We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions. If you would like any more information about the third parties which we work with to provide our services to you, please contact us on the contact details provided later in this GDPR and Privacy Notice.

How we ask for consent.

In those cases where we need your consent to hold and process your personal data, we will ask you to check a box on any form requiring consent. By checking these boxes you are confirming that you have been informed as to why we are collecting the information, how this information will be used, for how long the information will be kept, who else will have access to this information and what are your rights as a data subject (all of which is set out in this GDPR and Privacy Notice).

How we keep your data secure.

To protect your information we have policies and procedures in place to make sure that only authorised personnel can access the information, that information is handled and stored in a secure and sensible manner, and all systems that can access the information have the necessary security measures in place.

All employees, contractors and sub-contractors receive the necessary training and resources to ensure they understand their responsibilities in relation to all of our policies and procedures.

In additional to these operational measures we also use a range of technologies and security systems to reinforce the policies and procedures, including ensuring that:

  • access to personal data is strictly restricted to those employees who need to access this information as part of their role;
  • we store your personal data on secure servers and unauthorised external access to personal data is prevented through the use of a firewall;
  • information used for reporting and/or customer profiling purposes is anonymised (so that it does not identify you);
  • we store your personal data on secure servers;

To make sure that these measures are suitable, we run vulnerability tests regularly. Audits to identify areas of weakness and non-compliance are routinely scheduled.

How long we keep your personal data for.

We shall only retain your information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

If you would like more information about how long we retain specific types of your information, please contact us on the contact details provided later in this GDPR and Privacy Notice.

Transfers of your personal data out of the EEA.

All information you provide via our website is stored on our secure servers within the European Economic Area (“EEA”). If any data that we collect from you is transferred to, or stored at, a destination outside the EEA at any time, we will update this GDPR and Privacy Notice accordingly.

Your rights.
The right to access information we hold about you.

At any point you can contact us to request the information we hold about you as well as why we have that information, who has access to the information and where we got the information. Once we have received your request, we will respond within 30 days.

The right to correct and update the information we hold about you.

If the information we hold about you is out of date, incomplete or incorrect, you can inform us, and we will ensure that it is updated.

The right to have your information erased.

If you feel that we should no longer be using your information, you can request that we erase the information we hold. When we receive your request, we will confirm whether the information has been deleted or tell you the reason why it cannot be deleted.

The right to object to processing of your information.

You have the right to request that we stop processing your information. Upon receiving the request, we will contact you to tell you if we are able to comply or if we have legitimate grounds to continue. If data is no longer processed, we may continue to hold your information to comply with your other rights.

The right to ask us to stop contacting you with direct marketing.

You have the right to request that we stop contacting you with direct marketing.

The right to data portability.

You have the right to request that we transfer your information to another controller. Once we have received your request, we will comply where it is feasible to do so.

For your security we may need to verify your identity before we process your instructions above.

Cookies and tracking.

We may collect information about your computer, including where available your IP address, operating system, and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users’ browsing actions and patterns and does not identify any individual.

For the same reason, we may obtain information about your general internet usage by using a cookie file which is stored on the hard drive of your computer. Cookies contain information that is transferred to your computer’s hard drive. They help us to improve our site and to deliver a better and more personalised service. Our site uses session cookies. They enable us:

  • to estimate our audience size and usage pattern;
  • to store information about your preferences, and so allow us to customise our site according to your individual interests;
  • to speed up your searches;
  • to recognise you when you return to our site.

You may refuse to accept cookies by activating the setting on your browser which allows you to refuse the setting of cookies. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site.

Contacting us.

If you have any queries about this GDPR and Privacy Notice, need further information about how Office Workspace uses your personal data or wish to lodge a complaint, please contact us by any of the following means:

  • phone us on: 020 8309 0000
  • email us at:
  • write to us at: Office Workspace, Unit 8, Easter Park, Colchester, Essex, CO4 5WY
  • contact us using our “Contact us” page on the website.

You also have the right to lodge a complaint with the Information Commissioner’s Office directly. Further information, including contact details, is available at

Changes to this GDPR and Privacy Notice.

We may change this GDPR and Privacy Notice from time to time. You should check this GDPR and Privacy Notice occasionally to ensure that you are aware of the most recent version that will apply each time you access the website.

Where we have made any changes to this GDPR and Privacy Notice which affects the manner in which we use your personal data, we will contact you by email to inform you of this change.

This GDPR and Privacy Notice was last updated on 14 September 2022.