Legal

Privacy Policy

How we collect, use, and protect your personal data at OfficeAdmin.

Last updated: 2 March 2026

Data Controller

The data controller for personal data processed through officeadmin.io is:

Mindroot Ltd
Company No. 16543299, registered in England and Wales
71-75 Shelton Street, London, England, WC2H 9JQ
ICO Registration: ZB958997

For data protection enquiries, contact us at team@officeadmin.io.

Information We Collect

We collect the following categories of personal data:

Account data ·name, email address, and authentication credentials when you create an account.
Usage data ·pages visited, features used, session duration, device type, browser, and IP address.
Payment data ·processed securely by Stripe. We store only the last four digits of your card, billing address, and transaction history. We never have access to your full card number.
Communication data ·messages you send us via email or in-app support.
Cookies & similar technologies ·see Section 10 for details.

Purposes of Processing

We process your personal data for the following purposes:

Service delivery ·providing, maintaining, and improving the OfficeAdmin platform.
Payments ·processing subscriptions and invoices via Stripe.
Communication ·responding to support requests, sending service updates, and notifying you of material changes.
Improvement ·understanding how the service is used to improve features and user experience.
Security ·detecting, preventing, and responding to fraud, abuse, and security incidents.
Legal compliance ·meeting our obligations under applicable law, including tax and accounting requirements.

Lawful Bases

We rely on the following lawful bases under the UK GDPR for processing your data:

Contract (Art 6(1)(b)) ·processing necessary to perform our contract with you, including providing the service and managing your account.
Legitimate interests (Art 6(1)(f)) ·improving our service, ensuring security, and preventing fraud, balanced against your rights and freedoms.
Consent (Art 6(1)(a)) ·where you opt in to optional features such as marketing emails. You may withdraw consent at any time.
Legal obligation (Art 6(1)(c)) ·where we are required to process data by law, such as tax reporting.

International Transfers

Some of our service providers may process data outside the United Kingdom. Where transfers occur, we ensure appropriate safeguards are in place, including:

Transfers to countries with UK adequacy regulations (including the EEA).
Standard Contractual Clauses (SCCs) and/or the International Data Transfer Agreement (IDTA) approved by the ICO.

Data Retention

We retain personal data only as long as necessary:

Account data ·retained while your account is active, plus 30 days after deletion to allow recovery.
Usage data ·retained for up to 26 months, then anonymised or deleted.
Payment records ·retained for 7 years to comply with UK tax and accounting obligations.

Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

Your Data Rights

Right of access ·obtain a copy of your data
Right to rectification ·correct inaccurate data
Right to erasure ·request deletion of your data
Right to restrict processing
Right to data portability ·receive data in a portable format
Right to object ·object to processing based on legitimate interests
Rights related to automated decision-making and profiling
Right to withdraw consent at any time

To exercise any of these rights, contact us at team@officeadmin.io. We will respond within 30 days. If we need to extend this period, we will notify you with reasons.

Right to Complain

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

We encourage you to contact us first at team@officeadmin.io so we can try to resolve your concern directly.

Cookies

We use the following types of cookies:

Strictly necessary cookies ·essential for the service to function (e.g. session authentication). These do not require consent.
Functional cookies ·remember your preferences such as theme and language settings.
Analytics cookies ·help us understand how the service is used. Under PECR and the Data Use and Access Act 2025 analytics exemption, certain first-party analytics cookies may be set without prior consent where they are used solely for statistical purposes.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect service functionality.

Children's Data

OfficeAdmin is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If you believe we have inadvertently collected data from a child, please contact us at team@officeadmin.io and we will promptly delete it.

Security

We implement appropriate technical and organisational measures to protect your personal data, including:

TLS encryption for all data in transit.
Encryption at rest for stored data.
Access controls ensuring only authorised personnel can access personal data.
Regular security reviews and monitoring.

No system is 100% secure. If you discover a security vulnerability, please report it to team@officeadmin.io.

Changes to This Policy

We may update this privacy policy from time to time. For material changes, we will notify you by email at least 30 days before the changes take effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.

We encourage you to review this page periodically for the latest information on our data practices.

Legal

Privacy Policy

How we collect, use, and protect your personal data at OfficeAdmin.

Last updated: 2 March 2026

Data Controller

The data controller for personal data processed through officeadmin.io is:

Mindroot Ltd
Company No. 16543299, registered in England and Wales
71-75 Shelton Street, London, England, WC2H 9JQ
ICO Registration: ZB958997

For data protection enquiries, contact us at team@officeadmin.io.

Information We Collect

We collect the following categories of personal data:

Account data ·name, email address, and authentication credentials when you create an account.
Usage data ·pages visited, features used, session duration, device type, browser, and IP address.
Payment data ·processed securely by Stripe. We store only the last four digits of your card, billing address, and transaction history. We never have access to your full card number.
Communication data ·messages you send us via email or in-app support.
Cookies & similar technologies ·see Section 10 for details.

Purposes of Processing

We process your personal data for the following purposes:

Service delivery ·providing, maintaining, and improving the OfficeAdmin platform.
Payments ·processing subscriptions and invoices via Stripe.
Communication ·responding to support requests, sending service updates, and notifying you of material changes.
Improvement ·understanding how the service is used to improve features and user experience.
Security ·detecting, preventing, and responding to fraud, abuse, and security incidents.
Legal compliance ·meeting our obligations under applicable law, including tax and accounting requirements.

Lawful Bases

We rely on the following lawful bases under the UK GDPR for processing your data:

Contract (Art 6(1)(b)) ·processing necessary to perform our contract with you, including providing the service and managing your account.
Legitimate interests (Art 6(1)(f)) ·improving our service, ensuring security, and preventing fraud, balanced against your rights and freedoms.
Consent (Art 6(1)(a)) ·where you opt in to optional features such as marketing emails. You may withdraw consent at any time.
Legal obligation (Art 6(1)(c)) ·where we are required to process data by law, such as tax reporting.

International Transfers

Some of our service providers may process data outside the United Kingdom. Where transfers occur, we ensure appropriate safeguards are in place, including:

Transfers to countries with UK adequacy regulations (including the EEA).
Standard Contractual Clauses (SCCs) and/or the International Data Transfer Agreement (IDTA) approved by the ICO.

Data Retention

We retain personal data only as long as necessary:

Account data ·retained while your account is active, plus 30 days after deletion to allow recovery.
Usage data ·retained for up to 26 months, then anonymised or deleted.
Payment records ·retained for 7 years to comply with UK tax and accounting obligations.

Your Rights

Under the UK GDPR, you have the following rights regarding your personal data:

Your Data Rights

Right of access ·obtain a copy of your data
Right to rectification ·correct inaccurate data
Right to erasure ·request deletion of your data
Right to restrict processing
Right to data portability ·receive data in a portable format
Right to object ·object to processing based on legitimate interests
Rights related to automated decision-making and profiling
Right to withdraw consent at any time

To exercise any of these rights, contact us at team@officeadmin.io. We will respond within 30 days. If we need to extend this period, we will notify you with reasons.

Right to Complain

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

Information Commissioner's Office
Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

We encourage you to contact us first at team@officeadmin.io so we can try to resolve your concern directly.

Cookies

We use the following types of cookies:

Strictly necessary cookies ·essential for the service to function (e.g. session authentication). These do not require consent.
Functional cookies ·remember your preferences such as theme and language settings.
Analytics cookies ·help us understand how the service is used. Under PECR and the Data Use and Access Act 2025 analytics exemption, certain first-party analytics cookies may be set without prior consent where they are used solely for statistical purposes.

You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect service functionality.

Children's Data

Security

We implement appropriate technical and organisational measures to protect your personal data, including:

TLS encryption for all data in transit.
Encryption at rest for stored data.
Access controls ensuring only authorised personnel can access personal data.
Regular security reviews and monitoring.

No system is 100% secure. If you discover a security vulnerability, please report it to team@officeadmin.io.

Changes to This Policy

We encourage you to review this page periodically for the latest information on our data practices.

Privacy Policy

Data Controller

Information We Collect

Purposes of Processing

Lawful Bases

Data Sharing

International Transfers

Data Retention

Your Rights

Right to Complain

Cookies

Children's Data

Security

Changes to This Policy

Privacy Policy

Data Controller

Information We Collect

Purposes of Processing

Lawful Bases

Data Sharing

International Transfers

Data Retention

Your Rights

Right to Complain

Cookies

Children's Data

Security

Changes to This Policy