Privacy Policy

Mindspace Privacy and Data Protection Policy and Notice

Last Updated: May 21, 2023

Mindspace Ltd (including its wholly and partially owned subsidiaries) (“Mindspace”, “we”, “our” or the “Company“, and their cognates) respects the privacy of its customers, employees, candidates, members and followers, and is committed to protecting the personal information that its Users (as defined below) share with it. We are transparent about our practices regarding the information we may collect and use when you use our services, apply for a position, are employed by us, visit our office sites, visit our websites or otherwise engage with us, and describe our practices in this policy and notice.

Mindspace provides open work spaces, private offices and related office services at its facility locations (the “Services”).

A user of the Services may be either an organization administrator, for example an employer, contracting Mindspace for use of the Services, or members, such as employees and other individuals using the Services (each, a “Customer“). Customers, site and website visitors, member application users and any others with respect to whom we collect personal data, shall collectively be referred to as “Users” or “you” or “Data Subjects”).

This privacy policy and notice (the “Privacy Policy“) explains the types of information we may collect from Users or that Users may provide when using the Services, and which may likewise be collected from site visitors, mobile application (app) users, website visitors, employment candidates and others. This Policy also describes Mindspace’s practices for collecting, using, maintaining, and processing information, including through the Mindspace Website and the members app.

Users who wish to use the Services may be asked to provide Mindspace, either directly or through their company administrator, with certain information including Personal Data and sensitive information as further detailed in this Privacy Policy. Mindspace’s use of this data in connection with the Services will be undertaken in accordance with this Privacy Policy.

Please read the following carefully to understand our practices regarding your personal data and how we will treat it.

For the purposes of European Economic Area data protection law and other applicable data protection laws (the “Data Protection Laws“), Mindspace will usually be a data controller (the “Controller“).


Categories of information and data we may collect from our Users.

Data we collect about you from your use of the Service

One type of Data is non-identifiable and anonymous information (“Non-personal Information”). We also collect several categories of personal data (“Personal Data”). Personal Data which is being gathered consists of any details which are personally identifiable provided consciously and voluntarily by a Customer, the Customer’s administrator or through your use of the Mindspace application and website (as described below). This may include your name (first and last), email address, phone numbers, picture, postal address, birthdate, gender, position and organization name, your bank account, credit card and other such payment and billing details, billing address, your Mindspace application account username and password and usage details, and other information User may choose to provide to Mindspace.

Additionally, we may obtain location data related to the geographic location of your laptop, mobile device or other digital device on which the Mindspace website or application is used.

If you are visiting a User at one of our facility locations, we may ask you for your name, email address, phone number and the name and position of the person you are visiting. We use this information to facilitate our legitimate interest of providing reception services to Users and in order to let the User know that you are on your way to them, as well as to ensure the safety and security of our Users and premises.

You do not have any legal obligation to provide any information to Mindspace however, we require certain information in order to provide the Services. If you choose not to provide us with certain information, we may not be able to provide you with some or all of the Services.

Mindspace may also collect the email addresses of people who communicate with Mindspace via email or via messenger services or other social media platform or create accounts and login credentials.

By registering on Mindspace’s general website, Mindspace will collect your name, company name, phone number and company email you provided. Mindspace may use this information to offer Mindspace’s services and support.

Similarly, if you call our helpline/telephone number to inquire about services, for your convenience, we will record your number so that we can call you back if you are unable to connect to an operator at that time. To assist us in connecting you with the most appropriate staff member, we may also record any options selected on the automated system to better inform us of your interests.

Mindspace also collects Personal Data through the use of CCTV cameras and members’ site access cards. This may consist of video images of you in the public spaces at Mindspace offices, as well as records of your entrances and exits of the Mindspace buildings and office floors.

Mindspace may not be aware of the nature of the information collected through the Services (for example, through CCTV), and such information may include sensitive or special categories of Personal Data, but we do not knowingly collect such data about our Users, members, site visitors etc.

Mindspace also collects data relating to employees. This is governed by a specific notice we have made available to our employees.

Mindspace also collects data relating to employment candidates. This includes CVs and the data contained therein, notes on meetings, standardized tests, reports, references, interviewer impressions and such industry standard data, as well as collecting data made publicly available or available to us on social networks. We collect such data based on the intention of the candidate to enter into an employment agreement with Mindspace.

We collect your personal data on the basis that it is necessary for the performance of a contract with our Customers or employees or in order to take steps at the request of our Customers or prospective employees prior to entering into a contract. We also collect this data in accordance with our legitimate interests to offer and market our Services.


We collect Personal Data through your use of our Website and Application. In other words, when you are using the website or application, we are aware of it and may gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below. This may include technical information and behavioral information such as the User’s Internet protocol (IP) address used to connect your computer to the Internet, your uniform resource locators (URL), hardware model, operating system, type of browser, browser plug-in types and versions, screen resolution, Flash version, time zone setting, the User’s ‘click-stream’ on the website, the period of time the User visited the website, methods used to browse away from a page, and any phone number used to call our customer service number. We likewise may place cookies on your browsing devices (see section ‘Cookies’ below).

We collect Personal Data required to provide the Services when you or your administrator register and open an account. In addition, we collect your Personal Data, when you provide us such information by entering it manually or via a Customer, whether through our application, in site visits, in the course of preparing a contract, or otherwise in engaging with us. We also collect Personal Data entered voluntarily by a Customer administrator, and it is the responsibility of every Customer administrator to ensure that they are entitled to provide such personal data to us for use in line with this Privacy Policy.

We also collect Personal Data through our CCTV recordings and through our card reader software, which automatically collect information about your presence in the Mindspace facilities.


We will use Personal Data to provide and improve the Services and meet our contractual, ethical and legal obligations, including for example:

Processing which is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract (GDPR Article 6(1)(b)):

Processing which is necessary for compliance with a legal obligation to which Mindspace is subject (GDPR Article 6(1)(c)):

Processing is necessary for the purposes of the legitimate interests pursued by Mindspace or by a third party (GDPR Article 6(1)(f)) of providing and promoting an efficient and wide-ranging service to customers:

Personal Data which you provide us may be combined with personal data which your employer, a Mindspace customer, provides us, or which may be provided by other sources, all of which will be used for the purposes set out above.


We may transfer Personal Data to:

Members of our Group: This includes any member of our group, which means our subsidiaries – whether wholly or partially owned by Mindspace, in the EU, in Israel, in the US and elsewhere, as well as our joint-venture partners who support our processing of personal data under this policy.

Third Parties. We transfer personal data to third parties in a variety of circumstances. We endeavor to ensure that these third parties use your information only to the extent necessary to perform their functions, and to have a contract in place with them to govern their processing on our behalf. These third parties may include business partners, suppliers, affiliates, agents, sub-contractors and/or other users for the performance of any contract we enter into with you. They may assist us in providing the Services we offer, processing transactions, fulfilling requests for information, receiving and sending communications, analysing data, providing IT and other support services or in other tasks, from time to time. These third parties may also include analytics and search engine providers that assist us in the improvement and optimization of our website, our application, and our marketing. Additionally, personal data may be made available be to other users of the application for the purposes of connecting users, and facilitating and improving the performance and use of both the Services and the application. The amount and type of personal data made available to other users can be limited by you at any time.

Some customers of Mindspace require for their data security and management to know the identity of anyone who accesses their office space, for example, the identity of vendors (such as delivery services, catering, IT support, contractors, cleaning etc.) and their staff who are on site. For customers of ours who reasonably require it, we will transfer the names of any of staff, visitors, vendors, etc. who have access to their office space.

We periodically add and remove third party providers. At present our third-party providers to whom we may transfer personal data include also the following:

In addition, we may disclose your personal data to third parties: if all or substantially all of our assets are acquired by a third party including by way of a merger, share acquisition, asset purchase or any similar transaction, in which case personal data held by it about its customers will be one of the transferred assets. Likewise, we may transfer personal data to third parties if we are under a duty to disclose or share your personal data in order to comply with any legal or audit or compliance obligation, in the course of any legal or regulatory proceeding or investigation, or in order to enforce or apply our terms of supply terms and other agreements with you; or to protect the rights, property, or safety of Mindspace, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction and to prevent cybercrime.

For avoidance of doubt, Mindspace may transfer and disclose non-personal data to third parties at its own discretion.


We may keep Personal Data in a database which will be owned or controlled by the Controller. We currently store data on servers controlled by Mindspace, in Israel, and in cloud servers dedicated to Mindspace, such as on Amazon Web Services servers in Germany and other AWS servers.

This Data will be retained according to the Mindspace data retention policy. Log data collected through use of the Mindspace website and application (such as actions and date and time of your actions) will be retained as necessary. Analytics data (such as device and connection information) will be collected on Google analytics.


Personal Data may be transferred to, and stored and used at, a destination outside the European Economic Area (EEA) that may not be subject to equivalent Data protection laws to those of the EU. Where your Data is transferred outside of the EEA, we will take all steps reasonably necessary to ensure that your Data is subject to appropriate safeguards, and that it is treated securely and in accordance with this privacy policy. Mindspace transfers data from its various locations and jurisdictions to other jurisdictions as follows:

We may transfer your personal data outside of the EEA, in order to:


Mindspace will retain personal data it processes only for as long as required in our view, to provide the Service and as necessary to comply with our legal obligations, to resolve disputes and to enforce agreements. We will also retain personal data to meet any audit, compliance and business best-practices.

Data that is no longer retained may be anonymized or deleted. Likewise, some metadata and statistical information concerning the use of the Service are not subject to the deletion procedures in this policy and may be retained by Mindspace. We will not be able to identify you from this data. Some data may also be retained on our third-party service providers’ servers until deleted in accordance with their privacy policy and their retention policy.


When you access or use the services, or Mindspace’s application or website, Mindspace may use industry standard technologies such as Cookies, pixels and similar technologies, which store certain information on your computer or browsing device and which will allow us to identify the computer or device with the user, and to enable automatic activation of certain features, and make your Service experience much more convenient and effortless. We use different types of Cookies: some cookies are strictly necessary, they are required for the operation of our Site and under our terms with you; this includes for example, cookies that enable you to log into secure areas of our Service. We also use analytical and performance monitoring cookies, which allow us to recognize and count the number of visitors and to see how visitors move around our website when they are using it. Finally, we use functionality cookies which are used to recognize you when you return to our Site. This enables us, subject to personalize content to your preferences, including for example, your choice of language or region.

Different cookies are kept for different periods. Session cookies are used to keep track of your activities online in a given browsing session; these cookies generally expire when the browser is closed but may be retained for a period on your device. Permanent cookies remain in operation even when you have closed the browser; they are used to remember your login details and password. Third-party cookies are installed by third parties with the aim of collecting certain information to research behavior, demographics. Third party cookies on our site include, for example, Google Analytics. Likewise, pixels from Facebook and others enable integration of third-party service providers (e.g. Facebook, Twitter) on our site. Third party cookies will be retained according to the terms of those third parties, and you can control those cookies in your browser settings.

We use Cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests of improving, optimizing and personalizing our services, and these are not overridden by your rights. For more information please review our Cookie Policy.


We take a great care in implementing, enforcing and maintaining the security of the personal data we process. Mindspace implements, enforces and maintains security measures, technologies and policies to prevent the unauthorized or accidental access to or destruction, loss, modification, use or disclosure of personal data. We likewise take steps to monitor compliance of such policies on an ongoing basis. Where we deem it necessary in light of the nature of the data in question and the risks to data subjects, we may encrypt data. Likewise, we take industry standard steps to ensure our website and application are safe.

Note however, that no data security measures are perfect or impenetrable, and we cannot guarantee that unauthorized access, leaks, viruses and other data security breaches will never occur.

Within Mindspace, we limit access to personal data to those of our personnel who: (i) require access in order for Mindspace to fulfil its obligations under this Privacy Policy and its agreements and (ii) have been appropriately and periodically trained on the requirements applicable to the processing, care and handling of the Personal Data (iii) are under confidentiality obligations as required under applicable law. Mindspace takes steps to ensure that its staff who have access to personal data are honest, reliable, competent and trained.

Mindspace shall act in accordance with its policies to promptly notify the relevant authorities and data subjects in the event that any personal data processed by Mindspace is lost, stolen, or where there has been any unauthorized access to it, all in accordance with applicable law and on the instructions of qualified authority. Mindspace shall promptly take reasonable remedial measures.


Data subjects have rights under Data Protection Laws (such as GDPR and other local laws), including, in different circumstances, rights to data portability, rights to access data, rectify data, object to processing, and erase data. It is clarified for the removal of doubt, that where personal data is provided by a customer being the data subject’s employer, such data subject rights will have to be effected through that customer. In addition, data subject rights cannot be exercised in a manner inconsistent with the rights of Mindspace employees and staff, with Mindspace proprietary rights, and third party rights. As such, job references, reviews, internal notes and assessments, documents and notes including proprietary information or forms of intellectual property, cannot be accessed or erased or rectified. In addition, these rights may not be exercisable where they relate to data that is not in a structured form, for example emails, or where other exemptions apply. If processing occurs based on consent, data subjects may have a right to withdraw their consent.

If, for any reason, a data subject wishes to modify, delete or retrieve their Personal Data, they may do so by contacting Mindspace ([email protected]). Note that Mindspace may have to undertake a process to identify a data subject exercising their rights. Mindspace may keep details of such rights exercised for its own compliance and audit requirements. Please note that Personal Data may be either deleted or retained in an aggregated manner without being linked to any identifiers or Personal Data, depending on technical commercial capability. Such information may continue to be used by Mindspace.

Data subjects have the rights to lodge a complaint, principally with the Romanian National Supervisory Authority for Personal Data Processing ([email protected]). If the supervisory authority fails to deal with a complaint or inform you within the time frame set under applicable law, you may have the right to an effective judicial remedy.


Mindspace aims to process only adequate, accurate and relevant data limited to the needs and purposes for which it is gathered. It also aims to store data for the time period necessary to fulfill the purpose for which the data is gathered. Mindspace only collects data in connection with a specific legitimate purpose and only processes data in accordance with this Privacy Policy.

Minors. We do not knowingly collect or solicit information or data from children under the age of 16 or knowingly allow children under the age of 16 to register for Mindspace services. If you are under 16, do not register or attempt to register for any of the Mindspace Service or send any information about yourself to us. If we learn that we have collected or have been sent Personal Data or from a child under the age of 16, we will delete that Personal Data as soon as reasonably practicable without any liability to Mindspace. If you believe that we might have collected or been sent information from a minor under the age of 16, please contact us at: [email protected], as soon as possible.

Changes to this Privacy Policy. The terms of this Privacy Policy will govern the use of the services, websites and application, and any information collected in connection with them. Mindspace may amend or update this Privacy Policy from time to time. The most current version of this Privacy Policy will be available at: We will endeavor to provide notice of material changes to this policy on the homepage of the website or by other means. Material changes will take effect seven (7) days after such notice was provided. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date and your continued use of Services will constitute your active acceptance of, and agreement to be bound by, the changes to the Privacy Policy.

If you have any questions or comments concerning this Privacy Policy, you are welcome to send us an email or otherwise contact us at [email protected] and we will make an effort to reply within a reasonable timeframe.

Relevant contact details:

Mindspace headquarters in Israel is the Data Controller for the Personal Data that is processed through this website and as part of the Mindspace Group marketing campaigns.

Mindspace Ltd.

45 Rothschild Blvd., Tel Aviv, Israel, 6578403, Israel

Company No. 51-497793-3

[email protected]

The EU representative for the Mindspace Group is Mindspace’s Romanian subsidiary:

Mindspace Co-Working SRL

Company No. J40/9933/12.07.2018, sole registration number 39611565

Bucharest, at 15-17 Ion Mihalache Blv., 1th floor, 1st district, Romania

+40 720021738

[email protected]

When booking one of the Services in one of our EU locations, the Controller of your personal data will be the Mindspace office at that location:

In Romania:

Mindspace Co-Working SRL

Company No. J40/9933/12.07.2018, sole registration number 39611565

Bucharest, at 15-17 Ion Mihalache Blv., 1th floor, 1st district, Romania

+40 720021738

[email protected]

In the Netherlands:

Mindspace Benelux B.V.

CCI No. 63311186

Nieuwezijds Voorburgwal 296-298 1012 RT Amsterdam, the Netherlands

+31 202251031

[email protected]

In Poland:

Mindspace Poland SA

KRS No. 0000629705, NIP 70105999976, REGON 365053022

Ul. Koszykowa 61, 00-667, Warsaw, Poland

[email protected]

In the UK:

Mindspace London Limited

Company No. 10641107

The Relay Building, 114 Whitechapel High St, London E1 7PT, United Kingdom

[email protected]

In Germany:

Mindspace Germany GMBH

Company No. 2702434382

Wittestrase 30 haus F13509 Berlin, Germany

Write to Us

A gif of a cat toy

talk soon!

The Mindspace team