Privacy Policy

Who we are

Projects Office is a private Limited Company, registered in England & Wales. No 9492445

Our website address is:


The wording in this policy reflects the requirements of the General Data Protection Regulation (GDPR), which came into effect in the UK on 25 May 2018 Projects Office Limited collect and process personal data relating to our business contacts;

  • – clients (current and future)
  • – consultants and sub consultants
  • – suppliers
  • – contractors
  • – other individuals we have a business relationship with

We are committed to being transparent about how we collect and use personal data and to meeting our data protection obligations.


“Personal data” is any information that relates to a living individual who can be identified from that information. “Processing” is any use that is made of data, including collecting, storing, amending, disclosing or destroying it.

What information do we collect about you?

We collect information about our business contacts. Information collected may include:

  • – Name
  • – Employer name and address
  • – Title / Position
  • – Phone number
  • – Email
  • – Other business contact details

16 or Under

We do not collect any personally identifiable information from children aged 16 or under without prior verifiable consent from their parent/guardian.

How is personal data collected?

You can visit our website without providing any personal information, however we may use cookies, automatically collect IP addresses, information about your visit and how you use our website.

This site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

If you request to receive our newsletter you will be asked for your email address, name, job title and town. You can unsubscribe at any time.

If you are visiting for an event which is being held in our studios or hosted by us in an external location, you will be asked for your name and the company you work for. You may also be provided with a name badge, if appropriate for the event. There is a high chance that there will be photographers at the event and if that is the case, we will presume your consent and may use these images on our social media sites and publications. If you do not wish to be photographed, you must inform Projects Office prior to the event.

Why do we process personal data?

When we collect personal information from our business contacts it will be used for the following purposes:

  • – To maintain commercial relations with you
  • – To administer and manage our contractual obligations and services to or from you
  • – To understand your service and/or project needs
  • – To manage and develop our business and operations
  • – To meet legal and regulatory requirements
  • – To notify you of changes to our services
  • – To recommend your product or service to relevant contacts within the industry
  • – To invite you to appropriate business events

When you voluntarily give us your personal information we will only use it for the above purposes. If we intend to use your personal information for a purpose other than those above, we will seek your express consent.

Who has access to data?

We may share your personal data to those employees, agents, contractors and other third parties who have a business need to know such data. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.

We will not share your information with third parties for any reason other than those specified above.

How do we protect data?

We take the security of your data seriously. We have internal policies and controls in place to ensure that your data is not lost, accidentally destroyed, misused or disclosed, and is not accessed except by the relevant employees of the organisation in the proper performance of their duties.

Where we engage third parties to process personal data on our behalf, such parties do so on the basis of written instructions, are under a duty of confidentiality and are obliged to implement appropriate technical and organisational measures to ensure the security of data.

International data transfers

We will take all of the reasonably necessary steps to ensure that data is treated securely and in accordance with this policy and no transfer of personal data will take place to an organisation or a country unless there are adequate controls in place, including the security of data and other personal information

How long will you hold my data?

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting requirements or to establish, exercise or defend our legal rights.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

Your rights

You have a number of rights relating to the personal data we hold. You can:

  • – Request access to your personal data.
  • – Request correction of your personal data.
  • – Request erasure of your personal data.
  • – Object to processing of your personal data.
  • – Request restriction of processing your personal data.
  • – Request transfer of your personal data.
  • – Right to withdraw consent.

If you wish to exercise any of the rights set out above, please contact

Data Breaches and reporting

If we discover that there has been a breach of personal data that poses a risk to the rights and freedoms of individuals, we will report it to the Information Commissioner within 72 hours of discovery. We will record all data breaches regardless of their effect. If the breach is likely to result in a high risk to the rights and freedoms of individuals, we will tell affected individuals that there has been a breach and provide them with information about its likely consequences and the mitigation measures we have taken.

Further Information

Questions about this policy, or requests for further information, should be directed to or by post to Projects Office Limited, 18-22 Ashwin Street, London, E8 3DL.