Privacy Policy

TempBase ("we", "us", "our") is a UK-based online marketplace that connects brands seeking short-term commercial space with verified property agents and brokers. Our platform is operated by [COMPANY NAME] (company number [COMPANY NUMBER]), registered in England and Wales.

We are the data controller for personal data collected through TempBase.co.uk. If you have any questions about how we handle your data, contact us at info@tempbase.co.uk.

We collect the following categories of personal data:

— Account data: your name, email address, and password (stored as a secure hash).

— Business data: your company name, company registration number, and branch or office details (for agent and broker accounts).

— Activity data: property listings you create or save, offers you submit or receive, negotiation messages, and contract records.

— Session data: cookies used to keep you logged in and maintain your session securely.

— Payment data: if you subscribe to a paid plan, payment is processed by Stripe. We do not store your card details — Stripe holds them under their own PCI-DSS compliant infrastructure. We retain a record of your subscription status and billing history.

— Verification data: information gathered as part of our Companies House and Anti-Money Laundering (AML) screening process, including your company registration number and the outcome of those checks.

We do not collect sensitive personal data (as defined under UK GDPR) unless it is volunteered by you in a message or document, in which case we treat it with the same care as all other data.

We use your personal data for the following purposes:

— To provide the platform: creating and managing your account, enabling property searches, offers, negotiations, and digital contracts.

— To verify your identity and business: running Companies House and AML checks as required by UK law for commercial property transactions.

— To process payments: passing billing data to Stripe to manage subscriptions and transactions.

— To communicate with you: sending verification emails, offer notifications, contract updates, and support responses.

— To comply with legal obligations: retaining records as required under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 and related legislation.

— To improve the platform: analysing usage patterns in aggregate to understand how the platform is being used and where it can be improved. This analysis does not involve identifying individual users.

We process your personal data on the following legal bases under UK GDPR:

— Contract performance: processing necessary to provide you with the services you have signed up for.

— Legal obligation: processing required to comply with AML regulations and other applicable UK law.

— Legitimate interests: processing for fraud prevention, platform security, and improving our services, where those interests are not overridden by your rights.

— Consent: where we ask for your agreement before processing, such as optional marketing communications (if and when introduced).

TempBase uses the following cookies:

— Session cookie: an httpOnly cookie used to maintain your authenticated session. This cookie is essential to the platform and cannot be disabled while you are logged in.

— Preference cookies: if you set display or language preferences, these may be stored in your browser.

We do not currently use third-party advertising or analytics cookies. If this changes, we will update this policy and ask for your consent where required.

You can manage cookies through your browser settings. Disabling the session cookie will prevent you from logging in.

We do not sell your personal data. We share it only with:

— Stripe: for payment processing. Stripe operates under its own privacy policy, available at stripe.com/gb/privacy.

— Companies House API: your company registration number is submitted for real-time verification. No personal data beyond the registration number is transmitted.

— AML screening providers: business and identity data is shared with our AML screening service to fulfil our legal obligations.

— Counterparties on the platform: when you engage in a negotiation or sign a contract, the other party can see your name, company details, and the agreed terms. This is inherent to the service.

— Law enforcement or regulators: where we are legally required to disclose data, we will do so.

We retain your data for as long as your account is active. If you close your account, we will delete or anonymise your personal data within 30 days, except where we are required to retain it by law.

AML and verification records are retained for a minimum of five years from the date of the relevant transaction, as required by the Money Laundering Regulations 2017.

Contract records are retained for six years following the end of the relevant agreement, in line with the Limitation Act 1980.

Under UK GDPR, you have the right to:

— Access the personal data we hold about you.

— Correct inaccurate or incomplete data.

— Request deletion of your data (subject to legal retention obligations).

— Restrict or object to certain types of processing.

— Receive a copy of your data in a portable format.

— Withdraw consent where processing is based on consent.

To exercise any of these rights, email us at info@tempbase.co.uk. We will respond within one calendar month. If you are unhappy with how we handle your request, you have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.

We take reasonable technical and organisational measures to protect your data against unauthorised access, loss, or disclosure. Passwords are hashed and never stored in plain text. Session tokens are stored in httpOnly cookies that are not accessible to JavaScript. Connections to TempBase.co.uk are encrypted over HTTPS.

No system is completely secure. If you believe your account has been compromised, contact us immediately at info@tempbase.co.uk.

We process your data within the UK. Some of our third-party providers (including Stripe) may process data in other countries. Where this occurs, we ensure that appropriate safeguards are in place in accordance with UK GDPR, including Standard Contractual Clauses or adequacy decisions.

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. If the changes are material, we will notify you by email or via a notice on the platform.

Continued use of TempBase after a policy update constitutes acceptance of the revised terms.

For any questions about this Privacy Policy or how we handle your data, contact us at info@tempbase.co.uk.