arrow-down arrow-right projects-caring facebook projects-learning linkedin projects-living pinterest projects-public-realm twitter projects-working urban-design communities sketchbook close menu youtube muted email email solid instagram
Outerspace UKOuterspace UK OOuterspace UK

Privacy Policy


Outerspace (Urban Design) Ltd is committed to protecting your privacy

This policy sets out the basis on which many personal data we collect from you, or that you provide to us, will be processed by us. The following sets out how we define and identify data and its use.

GDPR (General Data Protection Regulation) provides additional protection for individuals and their data, providing greater transparency and control over where their data is saved and used.  The following sets out the basis for processing personal data for our type of business and how long we will hold that information for.

Outerspace (Urban Design) is the data controller.


The purpose of processing your personal data:

Outerspace (Urban Design) Limited use your personal data to:

  1. Maintaining contact and communication with you during the course of a project, potential project, or new project
  2. To maintain our own records and accounts
  3. To inform you of news, events and activities
  4. To purchase goods, materials and services from you


Data Protection Principles

In relation to your personal data, we will:

  1. Process it fairly, lawfully and in a clear, transparent way
  2. Collect your data only for reasons we find proper for the course of your employment in ways that have been explained to you
  3. Only use it in the way we have told you about
  4. Ensure it is correct and up to date
  5. Keep your data for only as long as we need it
  6. Process it in a way that ensures it will not be used for anything that you are not aware of or have consented to (as appropriate), lost or destroyed.


The categories of personal data concerned

  1. Your personal data may include your names, address, e-mail, phone number, financial data for payments such as VAT registration and bank details


Collection of data

  1. We collect data about you usually when we enter into project/ contract negotiations where we will collect data from your directly


Sharing Your data

Your data will be shared with colleagues within Outerspace (Urban Design) Limited where it is necessary for them to undertake their duties. This includes;

  1. Landscape Architects to handle your project requirements and attend project meetings/ design team reviews
  2. Operational staff to communicate with you with regards technical aspects of the contract
  3. Finance staff to contracts, invoicing and payment queries
  4. Management to handle client reviews
  5. Sales & Marketing to issue information about the industry, events and other Outerspace services

We do not share your data with bodies outside of the European Economic Area.


Protecting Your Data

We are aware of the requirement to ensure your data is protected against accidental loss or disclosure, destruction and abuse. We have implemented the following processes to ensure:

  1. We have prevented unauthorised access to its processing systems
  2. Our employees only have access to personal data specific to their job role
  3. Personal data cannot be copied, modified or removed without authorisation during processing or transmission
  4. Security measures implemented protect personal data against Accidental or unauthorised destruction or loss, alteration, disclosure or access
  5. We will notify the Customer of any notifiable breach without undue delay and at the latest within 72 hours of it becoming aware of the breach.
  6. Personal data is kept within the our IT systems, with limited information in hardcopy format. All soft copy personal data is held in systems that are access controlled.

The Outerspace (Urban Design) Servers have the following security features;

  1. Firewall protection
  2. All drives are password protected
  3. Backup tapes are encrypted

The Outerspace (Urban Design) Limited email system has the following security features;

  1. Symantec email spam filter is used to block viruses
  2. Data securely held in the cloud


How long do we keep your personal data?

We keep your personal data for no longer than reasonably necessary but this may be for a period of seven years beyond the end of the contract with you.

Cases of any legal claims/complaints, accounting etc. we must keep records for six years from the end of the last company financial year they relate to.

For contracts under seal details need to be kept for 12 years for legal purposes.


Providing us with your personal data

You are under no statutory or contractual requirement or obligation to provide us with your personal data, but failure to do so will have the following consequences:

  1. Reduce or prevent communication with you during the contract
  2. Delay or prevent payment for goods and services.


Your rights and your personal data

Unless subject to an exemption under the GDPR, you have the following rights with respect to your personal data:

  1. The right to request a copy of the personal data which we hold about you;
  2. The right to request that we correct any personal data if it is found to be inaccurate or out of date;
  3. The right to request your personal data is erased where it is no longer necessary to retain such data;
  4. The right to withdraw your consent to the processing at any time, WHERE CONSENT WAS YOUR LAWFUL BASIS FOR PROCESSING THE DATA
  5. The right to request that we provide you with your personal data and where possible, to transmit that data directly to another data controller (known as the right to data portability), (where applicable, i.e. where the processing is based on consent or is necessary for the performance of a contract with the data subject and where the data controller processes the data by automated means);
  6. The right, where there is a dispute in relation to the accuracy or processing of your personal data, to request a restriction is placed on further processing;
  7. The right to object to the processing of personal data, (where applicable i.e. where processing is based on legitimate interests (or the performance of a task in the public interest/exercise of official authority); direct marketing and processing for the purposes of scientific/historical research and statistics).


Transfer of Data Abroad

We do not generally transfer personal data outside the EEA, unless on a project by project basis the client or main supplier is a company based outside the EEA, in which case project team contact details may be shared with them for communication purposes only.


Automated Decision Making



Further processing

If we wish to use your personal data for a new purpose, not covered by this Data Privacy Notice, then we will provide you with a new notice explaining this new use prior to commencing the processing and setting out the relevant purposes and processing conditions.


Changes to our privacy policy

Any changes we may make to our Privacy Policy in the future will be posted on our website and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our privacy policy.


How to make a complaint

To exercise all relevant rights, queries or complaints please in the first instance contact the data processor who is the Practice Manager, Kate Kershaw on 0208 973 0070 email

If this does not resolve your complaint to your satisfaction, you have the right to lodge a complaint with the Information Commissioners Office on 03031231113 or via email or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.



Version Date: August 2019

Revision Date: August 2021