Privacy Policy (Legal Workspace Ltd)
- Details
- Written by: Legal Workspace
Last updated: 17 June 2026
This Privacy Policy explains how Legal Workspace Ltd ("we", "us", "our") collects, uses, stores, and protects your personal data when you use our website or contact us. We are committed to handling your information in accordance with UK GDPR and data protection laws.
Please read this Privacy Policy carefully. We recommend that you print or save a copy of this Privacy Policy for your records, along with any future updates that may apply from time to time.
Table of Contents
- 1. Introduction
- 2. Data Controller Details
- 3. Personal Data We Collect
- 4. Legal Basis for Processing
- 5. How We Use Your Data
- 6. Special Category Data (Article 9 UK GDPR)
- 7. Data Sharing
- 8. International Data Transfers
- 9. Data Retention
- 10. Data Security
- 11. Data Protection Impact Assessments (DPIA)
- 12. Your Data Protection Rights
- 13. Cookies and Tracking Technologies
- 14. Automated Decision-Making
- 15. Links to Third-Party Websites
- 16. Changes to This Privacy Policy
- 17. Contact Information
1. Introduction
Legal Workspace Ltd is committed to protecting your privacy and handling your personal data in a lawful, fair, and transparent manner in accordance with:
- UK General Data Protection Regulation (UK GDPR)
- Data Protection Act 2018
- Privacy and Electronic Communications Regulations (PECR)
We act as the data controller for personal data collected via our website and services, unless otherwise stated.
2. Data Controller Details
Legal Workspace Ltd
Email: info@legalworkspace.co.uk
If you have any questions regarding this Privacy Policy or your data, you may contact us using the details above.
3. Personal Data We Collect
We may collect and process the following categories of personal data:
3.1 Information you provide directly
- Name
- Email address
- Telephone number
- Business details
- Address (if provided)
- Enquiry or message content
- Account login details (if applicable)
3.2 Technical data
- IP address
- Browser type and version
- Device identifiers
- Operating system
- Referral source
- Pages visited and interaction data
- Time and date of access
3.3 Usage data
- Website navigation behaviour
- Service usage analytics
- Feature interaction data
3.4 Cookie data
We use cookies and similar technologies. For full details, see our Cookie Policy.
4. Legal Basis for Processing
We process personal data under the following lawful bases:
- Consent - for cookies, marketing, and optional communications
- Contract - to respond to enquiries and provide services
- Legal obligation - compliance with legal and regulatory requirements
- Legitimate interests - website security, service improvement, and business operations
Where we rely on legitimate interests, we carry out balancing tests to ensure your rights are not overridden.
5. How We Use Your Data
We use your personal data to:
- Respond to enquiries and provide information
- Deliver our digital services and software functionality
- Manage client relationships and communications
- Improve website performance and user experience
- Ensure security and prevent fraud or misuse
- Conduct analytics (with consent where required)
- Support marketing and advertising (with consent)
- Comply with legal and regulatory obligations
6. Special Category Data (Article 9 UK GDPR)
We do not intentionally collect or process special category personal data (as defined under Article 9 UK GDPR) through our website or standard service enquiries.
This includes data relating to:
- Health information
- Criminal convictions or allegations
- Racial or ethnic origin
- Religious or philosophical beliefs
- Biometric or genetic data
- Sexual orientation
If such information is ever provided to us voluntarily by a user in an enquiry, it will only be processed where strictly necessary and in accordance with UK GDPR requirements, and appropriate safeguards will be applied.
We do not collect special category data through cookies, analytics tools, or marketing technologies.
7. Data Sharing
We do not sell your personal data.
We may share data with trusted third parties, including:
- Hosting and infrastructure providers
- IT and security service providers
- Email and communication providers
- Analytics providers (e.g. Google Analytics)
- Payment processors (if applicable)
- Professional advisers (legal, accounting, compliance)
- Regulatory or law enforcement authorities where required
All third parties are contractually required to process data securely and in compliance with UK GDPR.
8. International Data Transfers
Some of our service providers may process data outside the UK.
Where this occurs, we ensure appropriate safeguards are in place, including:
- UK International Data Transfer Agreement (IDTA)
- European Commission Standard Contractual Clauses (SCCs)
- UK adequacy regulations (where applicable)
We assess transfer risks and implement supplementary safeguards where necessary.
9. Data Retention
We retain personal data only for as long as necessary for the purposes collected:
- Enquiry data: 12-24 months
- Client/service data: duration of service + legal retention requirements
- Website analytics data: 14-26 months (depending on provider settings)
- Cookie consent records: up to 12 months
- Technical logs: typically 30-90 days unless required for security
Retention periods are reviewed periodically.
10. Data Security
We implement appropriate technical and organisational measures to protect personal data, including:
- SSL/TLS encryption (HTTPS)
- Secure hosting infrastructure
- Firewalls and intrusion detection systems
- Access controls and authentication procedures
- Regular security monitoring and backups
- Malware and vulnerability protection
Despite these measures, no system is completely secure, and transmission of data is at your own risk.
11. Data Protection Impact Assessments (DPIA)
Where processing is likely to result in high risk to individuals, we carry out Data Protection Impact Assessments (DPIAs) in accordance with Article 35 UK GDPR.
This includes, where applicable:
- Large-scale processing of personal data
- Processing of sensitive or special category data
- Use of tracking or behavioural analytics
- Cloud-based SaaS data processing systems
We review DPIAs regularly and update safeguards where necessary.
12. Your Data Protection Rights
Under UK GDPR, you have the following rights:
- Right to be informed
- Right of access
- Right to rectification
- Right to erasure (where applicable)
- Right to restrict processing
- Right to data portability
- Right to object
- Rights in relation to automated decision-making
To exercise your rights, contact:
info@legalworkspace.co.uk
You also have the right to complain to the Information Commissioner’s Office (ICO):
https://ico.org.uk
13. Cookies and Tracking Technologies
We use cookies for:
- Strictly necessary website operation
- Performance and analytics (with consent)
- Advertising and marketing (with consent)
You can manage your cookie preferences via our cookie banner or browser settings.
For full details, see our Cookie Policy.
14. Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
Where analytics or marketing tools are used, they are limited to aggregated or anonymised insights.
15. Links to Third-Party Websites
Our website may contain links to third-party websites.
We are not responsible for the privacy practices of those websites.
16. Changes to This Privacy Policy
We may update this Privacy Policy from time to time.
Any changes will be posted on this page with an updated "Last updated" date.
We recommend reviewing this page periodically.
17. Contact Information
If you have any questions about this Privacy Policy or how we handle your data, please contact:
Legal Workspace Ltd
Email: info@legalworkspace.co.uk
