Privacy Policy
Last updated: 11 June 2026
Meet Me At Work (the “Service”) is a meeting room booking system operated by Puresoft Ltd, a company registered in Northern Ireland (company number NI051340) with its registered office at 27 Enterprise House, 6 Enterprise Crescent, Lisburn, BT28 2BP, United Kingdom. Puresoft Ltd is the data controller for the personal data described in this policy for the purposes of the UK General Data Protection Regulation and the Data Protection Act 2018. This policy explains what personal data we collect, why we collect it, how we use it, and the choices you have. If you have questions, email support@meetmeat.work.
The short version
- We collect the minimum we need to make bookings work: email address, the bookings you make, and a device push-notification token if you install our mobile app.
- We don’t sell your data, share it with advertisers, or use it for advertising profiling.
- We don’t use third-party analytics or tracking SDKs.
- You can delete your account and your organisation’s data at any time from the customer portal.
- Card payments are handled by a third-party payment provider; we don’t see or store card numbers.
What we collect, and why
| Data | Why | Retention |
|---|---|---|
| Email address | Magic-link sign-in, booking confirmations, attendee invitations, and admin notifications. | For the life of your account; deleted within 90 days of account closure. |
| Bookings (room, time, title, description, attendee emails, recurrence rule) | Running the calendar, sending iCal attachments, conflict resolution. | For the life of the booking. Past bookings retained for 12 months for usage statistics, then deleted. |
| Organisation details (name, address, billing email, currency) | Generating invoices and processing payments. | Retained for 7 years to satisfy UK / EU bookkeeping obligations. |
| Device push-notification token (mobile app only) | Sending booking confirmation, update, cancellation, and start-time reminder pushes. | Until you sign out of the app or revoke the device. We delete tokens that the platform reports as expired. |
| Camera (mobile app only) | Used solely to scan QR codes on meeting room signs. We never read or upload images, and the camera is only active when the user opens the Scan screen. | Not stored. |
| IP address and basic request logs | Abuse prevention, debugging, and rate-limiting. | 30 days. |
| Payment-provider customer and subscription identifiers (paid customers only) | Recurring billing, refunds, payment-failure recovery. | Retained per UK / EU bookkeeping obligations; can be deleted on closure of the account, subject to those obligations. |
Where the data is stored
Your data is processed and stored within the European Union (EU), using established third-party service providers under appropriate data-protection terms.
Card payments are handled by a third-party payment provider; we don’t see or store card numbers. We share your email and organisation details with that provider only so it can process your payments and send you receipts and statements.
What we don’t do
- We don’t use any third-party analytics or tracking services.
- We don’t use advertising identifiers or run ad-targeting cookies.
- We don’t share your data with data brokers or third-party marketing platforms.
Push notifications
The mobile app uses your device platform’s standard push-notification service to deliver booking notifications. The push payloads contain only the data needed to render the notification — typically a room name, start time, and a deep link. The platform handles delivery and does not see your booking detail beyond what we put in the payload.
You can disable notifications system-wide in your device settings, or selectively in the app’s Account screen. Revoking your device from the app immediately deletes its push token from our database.
Outlook add-in & Microsoft 365 integration
Meet Me At Work offers an optional Microsoft Outlook add-in, “Book a Meeting Room”, that lets you browse room availability and add a room to a meeting while you compose it in Outlook. The add-in is published by Puresoft Ltd and is covered by this same policy.
How you sign in
The add-in signs you in by sending a one-time magic link to your own mailbox — possession of the mailbox is the proof of identity. There is no separate account to create, and we never receive your Outlook or Microsoft password.
What the add-in accesses
- The meeting you’re composing. The add-in sets the room as the location and aligns the start and end time on the meeting you currently have open. It cannot read your other messages or mailbox content.
- Your own calendar (optional, off by default). If your organisation’s administrator switches on the Microsoft 365 integration, the add-in is given access to your own calendar so it can keep your room bookings in step with the meetings you create — for example, freeing a room when you delete its meeting. This access is limited to your own account and is never used to read other people’s calendars or your mailbox content.
Keeping this access secure
Any access we hold to provide the optional calendar integration is secured with encryption, is limited to your own account, and is used only to manage the room bookings you made through Meet Me At Work. You can withdraw your consent at any time, which immediately revokes that access, and the integration stays off until an administrator turns it on. We never receive or store your Microsoft password.
What we receive
When you make a booking through the add-in, we receive your email address (verified by the magic link) and the booking details — room, date and time, and any title or attendee emails you choose to include. This is the same booking data described in the table above, handled the same way. We do not receive your wider calendar, your contacts, or your message content.
Trust and visibility
The rooms you can see and book are limited to the organisations that recognise your email address — via the organisation’s trusted email domains or invited-user list, configured by that organisation’s administrator in the Meet Me At Work portal.
Cookies
The web Service uses one cookie: a session cookie (__session) that keeps you signed in. It expires after 7 days of inactivity. We don’t use tracking, advertising, or analytics cookies.
Your rights
If you live in the United Kingdom, the European Union, or any jurisdiction with comparable data-protection law, you have the right to:
- Ask what personal data we hold about you.
- Have inaccurate data corrected.
- Have your data deleted (the “right to be forgotten”) — this is built into the customer portal as “Delete my organisation”.
- Export a copy of your data in a portable format (email support@meetmeat.work).
- Object to processing or restrict it.
- Lodge a complaint with the UK Information Commissioner’s Office (ico.org.uk) or your national supervisory authority.
Children
The Service is intended for use by adults in a workplace context. We do not knowingly collect data from children under 13.
Data breaches
If we discover a personal data breach that is likely to result in risk to your rights and freedoms, we will notify you and the relevant supervisory authority within 72 hours of becoming aware of it, as required by UK GDPR Article 33.
Changes to this policy
If we change this policy in a way that affects your rights, we’ll notify users by email at least 30 days before the change takes effect. Minor wording or clarifications are made silently — check this page’s “Last updated” date to see when it was last revised.
Questions, requests, or complaints about your data:
support@meetmeat.work
Puresoft Ltd
27 Enterprise House, 6 Enterprise Crescent
Lisburn, BT28 2BP
United Kingdom
Company number NI051340