DATA SECURITY POLICY

1. Purpose

Link Spaces is committed to protecting the confidentiality, integrity, and availability of client data. This Data Security Policy outlines the measures we take to safeguard personal and business information across all our services, including private offices, coworking, meeting rooms, and virtual office solutions.

2. Scope

This policy applies to:

All Link Spaces clients
All Link Spaces employees and contractors
All systems, facilities, and processes used to deliver our services

It covers both digital and physical data, including mail items handled on behalf of clients.

3. Types of Data We Protect

Depending on the service used, Link Spaces may handle:

Client contact and account information
Identification documents (where required for compliance)
Postal mail and packages (physical and digital scans)
Billing and payment-related information
CCTV footage and access logs within our facilities
IT and Wi-Fi access credentials

We only collect and process data necessary to provide our services.

4. Access Control & Confidentiality

Client data is accessible only to authorised staff who require it to perform their role
Staff access is role-based and reviewed periodically
Confidentiality obligations apply to all employees and contractors
All staff receive guidance on secure data handling procedures

5. Mail Handling & Virtual Office Security

For clients using virtual office or mailbox services:

Mail is received, logged, and stored securely
Physical mail is kept in restricted-access areas
Mail scanning is conducted on secure systems
Forwarding is completed only according to documented client instructions
No mail is opened without explicit authorisation from the client

6. IT & Digital Security

Link Spaces implements appropriate technical safeguards, including:

Secure passwords and authentication controls
Encrypted systems where appropriate
Secure business-grade Wi-Fi networks
Regular software updates and system maintenance
Controlled use of company devices

Client data is not stored on personal devices.

7. Physical Security

Our facilities are designed with security in mind:

Controlled access to offices and common areas
Secure storage for mail and sensitive documents
CCTV in communal and access-controlled areas
Visitor management procedures

8. Third-Party Service Providers

Where third-party providers are used (e.g. mail forwarding, IT services, payment processors):

Providers are selected based on security and reliability standards
Data is shared strictly on a need-to-know basis
Providers are required to follow appropriate data protection practices

9. Data Retention

Client data is retained only for as long as necessary to deliver services or meet legal obligations
Mail items are retained in line with client instructions and service terms
Data is securely deleted or destroyed when no longer required

10. Incident Management

In the event of a suspected data security incident:

Immediate steps are taken to contain and assess the issue
Clients will be notified where required by law or where their data may be affected
Incidents are documented and reviewed to prevent recurrence

11. Compliance

Link Spaces complies with applicable UK data protection laws, including:

UK GDPR
Data Protection Act 2018

Our approach to data security aligns with recognised best practices and principles such as ISO 27001, proportionate to the nature of our services.

12. Client Responsibilities

Clients are responsible for:

Keeping their account credentials secure
Informing Link Spaces promptly of any changes to authorised users
Using Link Spaces facilities and networks responsibly

13. Policy Review

This policy is reviewed regularly and updated as necessary to reflect changes in operations, technology, or regulatory requirements.

14. Contact Us

If you have any questions regarding this Data Security Policy or how your data is handled, please contact:

Email: hello@linkspaces.co.uk
Website: https://linkspaces.co.uk