1. Who we are

Cowork Studio is operated by Code Beef Ltd, a company registered in England.

Code Beef Ltd
142 Chorley New Road
Bolton, Greater Manchester
BL1 4NX

For any data protection queries, please contact us at [email protected].

2. What data we collect

We collect and process the following personal data:

Account information

• Email address
• Password (stored securely using one-way encryption)

Booking information

• Booking dates and times
• Record of terms acceptance
• Cancellation records

Payment information

• Payment amounts and status
• References to payment transactions

Card details and billing addresses are collected and processed by our payment provider, Stripe. We do not store your card details on our systems. Stripe’s privacy policy is available at stripe.com/gb/privacy.

WiFi authentication data

When you connect to our WiFi network, we collect:

• Device MAC address
• IP address
• Device type and browser information (user agent)
• Connection and disconnection times

Advertising and analytics data

We use the Meta (Facebook) Pixel on our website. This collects:

• Pages visited and actions taken on our website
• Browser and device information
• IP address (used by Meta to approximate location)
• Cookie identifiers and pixel-specific identifiers
• Referral source (how you arrived at our website)

This data is sent to Meta Platforms Ireland Ltd. Meta’s privacy policy is available at facebook.com/privacy/policy.

Technical data

• Session data (to keep you logged in)
• Error reports, which may include your IP address and email, sent to our error monitoring service (Sentry)
• Application logs sent to our log management service (Logtail)

3. How we use your data

• Managing your account and processing bookings — Contract (Art. 6(1)(b))
• Processing payments via Stripe — Contract (Art. 6(1)(b))
• Sending password reset emails — Contract (Art. 6(1)(b))
• WiFi network management and security — Legitimate interests (Art. 6(1)(f))
• Advertising measurement and audience building via the Meta Pixel — Consent (Art. 6(1)(a))
• Error monitoring and service reliability — Legitimate interests (Art. 6(1)(f))
• Keeping financial records for tax and accounting — Legal obligation (Art. 6(1)(c))

4. Who we share your data with

We share personal data with the following third parties, all of whom act as data processors on our behalf unless stated otherwise:

• Stripe — Payment processing
• Sentry — Error monitoring
• Logtail — Log management
• Meta Platforms Ireland Ltd — Advertising measurement and audience building

Stripe acts as an independent controller for fraud prevention. Meta acts as a joint controller with us for the collection of data via the Meta Pixel; once the data reaches Meta’s systems, Meta acts as an independent controller. We do not sell your personal data.

5. International transfers

Some of our third-party processors and controllers (Stripe, Sentry, Logtail, Meta) may transfer your data outside the UK. Where this happens, transfers are protected by appropriate safeguards, including Standard Contractual Clauses approved by the UK Information Commissioner’s Office (ICO) or the UK extension to the EU-US Data Privacy Framework.

6. How long we keep your data

• Account data — Until you request deletion
• Booking records — 6 years (tax obligations)
• Payment records — 6 years (tax obligations)
• WiFi authentication logs — 12 months
• Error reports and logs — 90 days

7. Your rights

Under UK GDPR, you have the right to:

• Access — Request a copy of the personal data we hold about you
• Rectification — Ask us to correct inaccurate data
• Erasure — Ask us to delete your data (subject to legal retention requirements)
• Restriction — Ask us to limit how we use your data
• Portability — Request your data in a machine-readable format
• Object — Object to processing based on legitimate interests

To exercise any of these rights, please email [email protected]. We will respond within one month.

8. Cookies

We use a session cookie to keep you logged in. This is strictly necessary for the service to function and does not require consent.

We also use cookies set by the Meta Pixel for advertising measurement and audience building. These cookies are placed only with your consent. You can withdraw consent at any time by adjusting your cookie preferences on our website or by contacting us at [email protected].

9. Security

We take appropriate technical and organisational measures to protect your personal data, including encrypted passwords, HTTPS encryption in transit, and filtered logging to prevent sensitive data appearing in application logs.

10. Complaints

If you are unhappy with how we handle your data, you have the right to complain to the Information Commissioner’s Office (ICO):

ico.org.uk/make-a-complaint
Telephone: 0303 123 1113

11. Changes to this policy

We may update this policy from time to time. Any changes will be posted on this page with an updated revision date.