Contact Us

Privacy Policy

We are committed to protecting the privacy and security of your personal data. This Privacy Policy explains how Enterprise Hub (“we”, “us”, “our”) may collect, use, store, and share personal data in connection with our website, enquiries, bookings, workspace services, and visits to our premises in the Kingdom of Saudi Arabia.

Depending on the context, Enterprise Hub may act as:

  • a controller(where we determine why and how personal data is processed), or
  • a processorin limited cases (where we process personal data on behalf of a client, for example, where a client provides visitor or employee details for access and guest management).

This Policy reflects Enterprise Hub’s operations in Saudi Arabia and is applied in line with applicable Saudi data protection requirements.

Last updated: [Insert Date]

1) The personal data we collect

We process personal data only to the extent necessary to deliver our services, operate our facilities, and meet legitimate operational and legal requirements.

1.1 Information you provide to us

You may provide personal data when you:

  • submit an enquiry through our website,
  • request information, pricing, availability, or a tour,
  • book meeting rooms or services (where applicable),
  • register interest in events or activations we organize (where applicable), or
  • become a client.

This may include:

  • Identity and contact information:name, email address, phone number
  • Business information:company name, job title/role
  • Service preferences:serviced offices, coworking/flexi desks, meeting rooms, virtual office services (and related requests)
  • Communications content:details included in your messages and correspondence
  • Billing details:invoicing information and payment references (where applicable)

Where relevant to service delivery, we may request additional details required for administrative or access purposes (for example, visitor information for reception and entry management).

1.2 Information collected through technology (website and digital channels)

When you interact with our website or digital platforms, we may automatically collect:

  • Device and technical data:IP address, browser type, device type, operating system, language settings
  • Usage data:pages viewed, time spent, clicks, referring pages, and general interaction patterns
  • Cookies and similar tools:used to support website functionality and understand usage (see Section 6)
1.3 Information collected when you visit our premises or use our facilities

To operate a secure, well-managed business environment, we may collect:

  • Visitor information:name, company, visit time/date, host details (as part of reception and guest management)
  • Booking details:meeting room reservations and service requests (time/date, room type, on-site support requirements)
  • Security monitoring data:CCTV footage in and around our premises where CCTV is in place, for security and incident management

 

2) What personal data is used for

We may use personal data for the following purposes:

2.1 Enquiries and relationship management
  • responding to enquiries and requests,
  • sharing proposals, availability, pricing, and service information,
  • arranging tours, visits, and follow-up discussions.
2.2 Service delivery and administration
  • onboarding and account administration,
  • providing workspace services (serviced offices, coworking/flexi desks, meeting rooms, virtual office services),
  • managing bookings, access coordination, and operational support,
  • invoicing, billing, and payment administration (where applicable).
2.3 Communications and marketing
  • sending service-related updates and communications,
  • sending marketing communications where permitted, and managing preferences/opt-outs where applicable.
2.4 Service improvement and business operations
  • improving our website, facilities, and service experience,
  • measuring demand for services and optimizing operations,
  • training and quality assurance (for example, internal review of service interactions).
2.5 Security and compliance
  • maintaining a safe environment for clients, guests, and staff,
  • preventing misuse, fraud, or unauthorized access,
  • complying with applicable legal obligations and responding to lawful requests.

 

3) What happens to personal data once it is collected (sharing)

We do not sell personal data. We may share personal data only where necessary, including:

  • within Enterprise Hub for service delivery and internal administration,
  • with our parent company (The Place) and/or affiliated entities where relevant for operational support,
  • with third-party service providers who support our operations (for example, IT systems, hosting, customer relationship tools, communications systems, security providers, and professional advisers), under appropriate confidentiality and security obligations,
  • with payment service providers to process transactions (where applicable),
  • with government authorities or regulators where required by law or lawful request,
  • in connection with a corporate transaction (such as a restructuring), where data may be transferred subject to appropriate safeguards.

We aim to share only the minimum personal data required for the purpose.

4) International transfers

Some of our service providers (for example, cloud or IT providers) may process data outside Saudi Arabia. Where cross-border transfers occur, we take steps intended to ensure an appropriate level of protection consistent with applicable Saudi requirements, including contractual and operational safeguards.

5) Security

We maintain reasonable technical and organizational security measures designed to protect personal data against unauthorized access, loss, misuse, alteration, or disclosure. Measures may include access controls, secure systems, and internal governance and training. No method of transmission or storage is completely secure, but we apply protections appropriate to the nature of the data and the purpose for which it is used.

6) Cookies and similar technologies

Our website may use cookies and similar technologies to:

  • support core website functionality,
  • remember preferences,
  • understand how visitors use our pages,
  • improve performance and user experience.

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

7) Minimizing risk

While we take precautions to protect personal data, cybersecurity risks cannot be fully eliminated. Please take care when sharing personal information and be cautious of unsolicited messages requesting sensitive details.

8) Retention

We retain personal data only as long as necessary for the purposes described in this Policy, including:

  • responding to enquiries and maintaining operational records,
  • delivering and administering services,
  • meeting legal, regulatory, tax, and accounting obligations,
  • resolving disputes and enforcing agreements.

Retention periods vary depending on the type of data and the purpose for which it is processed.

9) Your rights

Subject to applicable Saudi laws and requirements, you may have rights in relation to your personal data, which may include:

  • requesting access to personal data,
  • requesting correction of inaccurate or incomplete data,
  • requesting deletion in certain circumstances,
  • withdrawing consent where processing is based on consent,
  • objecting to or restricting certain processing where applicable.

We may request verification of identity before processing certain requests.

10) Updates to this Policy

We may update this Privacy Policy from time to time to reflect operational, legal, or regulatory changes. The “Last updated” date at the top will reflect the most recent version.