A Cookie Policy is a formal legal notice that outlines how a website utilises small text files, known as cookies, and similar tracking technologies to collect data from a user’s device. For a regulated entity such as My Office Address Limited, this policy serves as a critical transparency tool. Cookies are not merely technical components; they are data processing tools that can impact your privacy and digital security. This policy identifies which cookies are strictly necessary for the technical operation of our registered office and mail handling services and which are used for secondary purposes such as performance analysis or preference memory. By providing this detailed breakdown, we ensure that you are fully informed and empowered to manage your digital footprint while interacting with our professional platform.
Under the current United Kingdom legal framework, specifically the 2026 revisions to the UK GDPR, a Cookie Policy must be clear, comprehensive, and easily accessible. It must bridge the gap between complex web architecture and user understanding. This document explains the distinction between first-party cookies, which we set ourselves to manage your account and security, and third-party cookies, which are deployed by our essential service partners such as Stripe for financial transactions and Veriff for biometric identity verification. This policy ensures that our use of these technologies is not opaque, but rather a well-documented part of our commitment to maintaining a secure and regulator-compliant business environment for our clients.
At My Office Address Limited, transparency is not an optional feature but a foundational principle of our professional conduct. As a Trust or Company Service Provider (TCSP) supervised by HM Revenue & Customs (HMRC), we handle sensitive corporate data and private correspondence daily. We believe that this responsibility extends to how we manage your data in the digital space. Our commitment to transparency means that we do not hide tracking pixels in the background of our website, nor do we use dark patterns to trick you into consenting to non-essential cookies. We maintain a privacy by default stance, ensuring that any tracker not strictly required for security or core functionality is disabled until you proactively choose to enable it via our consent management interface.
Our commitment also involves regular cookie audits. As web technologies evolve and our service integrations with partners like Google APIs or payment gateways change, we manually review our tracking ecosystem to ensure that our documentation remains accurate and up to date. We aim to provide you with the granular control required by the Information Commissioner’s Office (ICO), allowing you to accept functional cookies that improve your user experience while rejecting analytical cookies that you may find intrusive. By being forthright about our use of tracking technologies, we reinforce the trust that is essential for a long-term professional relationship between a business address provider and its corporate clients.
While this Cookie Policy focuses specifically on the technical trackers deployed on your browser, it does not exist in a vacuum; it is a vital sub-component of our broader Privacy Policy. The Privacy Policy provides the macro view of how we handle your personal, financial, and biometric data, whereas the Cookie Policy provides the micro view of the automated data collection that occurs during your website session. Any personal information gathered through the use of cookies such as your IP address or your login session data is handled with the same level of cryptographic protection and regulatory care detailed in our main privacy framework.
The intersection of these two policies is most visible in our handling of special category data. For example, while the Privacy Policy explains why we need your biometric data for identity verification, the Cookie Policy explains how the Veriff integration uses temporary session cookies to ensure your liveness check is not interrupted by a server timeout. By reading these documents in tandem, you gain a complete understanding of the legal and technical safeguards My Office Address Limited has implemented to protect your business interest. We ensure that our contractual obligations under the Terms of Service are supported by a transparent data policy that respects both the Letter and the Spirit of United Kingdom data protection law.
Cookies are small data files, typically consisting of letters and numbers, that are downloaded to your computer, tablet, or smartphone when you access our website. They serve as a memory for the website, allowing it to recognise your device upon subsequent visits or during a single continuous session. At My Office Address Limited, we utilise two primary types of cookies. Session Cookies are transient in nature; they are stored in your browser’s temporary memory and are automatically purged the moment you close your web window or log out of your dashboard. Their primary professional function is to maintain your authenticated state as you navigate between different pages of our site for example, ensuring that you do not have to re-enter your password when moving from your inbox to your billing settings.
In contrast, Persistent Cookies remain on your hard drive for a predetermined period or until you manually delete them. These cookies allow our website to remember you over the long term. For instance, a persistent cookie might be used to store your preference for a “Dark Mode” interface or to remember that you have already acknowledged our cookie consent banner, so you are not prompted with the same notice every time you visit. While persistent cookies enhance the efficiency of your user experience, we ensure that their “Time to Live” (TTL) is set to the minimum duration necessary for their specific purpose, in accordance with the data minimisation principles of the UK GDPR.
In addition to traditional cookies, we employ “Web Beacons” (also referred to as clear GIFs, web bugs, or tracking pixels). These are essentially invisible, one-pixel-by-one-pixel images that are embedded into the HTML of our website or within our service-related emails, such as mail scanned notifications or invoice issued alerts. Unlike cookies, which are stored on your device, web beacons operate as a request to a server to download the pixel, which in turn provides us with confirmation that a specific page has been viewed or that an email has been opened and interacted with.
This technology is a critical component of our professional audit trail. For a registered office provider, the ability to prove that a client has opened a statutory notification is a vital compliance safeguard. It allows us to maintain a log of successful communications, which can be essential in the event of a dispute regarding the receipt of legal documents. These pixels do not collect your personal content but they do record technical metadata, such as the time of access, the IP address of the device used, and the type of browser. Their use is strictly governed by our legitimate interest in ensuring the reliable delivery of our mail handling and regulatory alert services.
Modern web applications, particularly those requiring high-security integrations like Stripe (for payments) and Google Maps (for address verification), utilise Local Storage and Session Storage. These are HTML5 technologies that allow a website to store larger amounts of data locally within your browser than a standard cookie would permit. Local storage is often used to facilitate the seamless handshake between our platform and our third-party compliance partners. For example, when you use the Google Address Autofill API to enter your forwarding address, local storage may temporarily hold the address suggestions to provide a faster, more responsive typing experience.
Furthermore, we utilize API Trackers (Application Programming Interfaces). When you initiate a payment via Stripe or an identity check via Veriff, these third-party scripts may deploy their own identifiers to ensure the security and integrity of the transaction. These trackers are essential for detecting man-in-the-middle attacks or session hijacking. Because these technologies function similarly to cookies by storing or accessing information on your device, they are subject to the same disclosure requirements under the Data (Use and Access) Act 2025. We ensure that any data stored through these methods is either encrypted or pseudonymised, and we only engage with world-class API providers who meet the highest standards of United Kingdom data security.
The foremost reason for our use of cookies is the maintenance of a secure and robust professional environment. Under the Data (Use and Access) Act 2025, cookies that are strictly necessary for the security of a service requested by the user are exempt from the standard consent requirements. At My Office Address Limited, we utilise these trackers to verify your identity during the login process and to maintain the integrity of your session as you access sensitive corporate data, such as scanned mail from HMRC or legal correspondence. These cookies prevent session hijacking, a cyber-attack where an unauthorised party attempts to steal your active login token to gain access to your business records.
Furthermore, our security cookies play a vital role in fraud prevention. By utilising unique identifiers, our systems and those of our partners like Stripe and Veriff can detect suspicious patterns, such as multiple failed login attempts from different geographical locations or the use of automated bots attempting to scrape data from the client dashboard. For a Trust or Company Service Provider (TCSP), these security measures are not merely optional features; they are a mandatory component of our commitment to protecting the UK’s financial system from illicit activity. By ensuring that only verified users can interact with our infrastructure, we maintain the high level of digital trust required for a professional business address service.
To ensure that our website remains responsive and available 24/7, we utilise performance cookies and load balancing trackers. When a high volume of clients attempts to access their mail scans simultaneously, these cookies help our infrastructure distribute the incoming digital traffic across multiple secure servers. This process ensures that no single server becomes overwhelmed, which would otherwise result in slow loading times or service outages. By maintaining an even distribution of data requests, we can guarantee that you have seamless access to your account regardless of the overall traffic on our platform.
These cookies do not track your personal identity or your specific browsing habits; instead, they focus on the “Health” of the connection between your device and our data centres. They collect technical metadata, such as response times and error rates, which allows our technical team to identify and resolve bugs in real-time. This technical integrity is essential for a digital-first business model where time-sensitive mail handling is the core service. These trackers are deployed based on our Legitimate Interest in providing a professional, reliable, and high-performance website that meets the expectations of a modern corporate client base.
The final category of cookies we employ is dedicated to enhancing the user experience (UX) through preference memory. We recognise that our clients have diverse requirements for how they interact with their virtual office. Consequently, we use functionality cookies to remember the specific settings you have selected. For example, if you have opted for a specific layout in your mail inbox, or if you have selected a preference for summary view rather than full scan preview, a persistent cookie stores this choice on your device. This eliminates the need for you to re-configure your dashboard every time you log in, providing a more fluid and efficient administrative experience.
This preference memory also extends to legal and compliance acknowledgements. Once you have interacted with our cookie consent banner or reviewed an updated version of our Terms of Service, a cookie is used to record that this interaction has taken place. This prevents you from being repeatedly interrupted by the same pop-up notices during subsequent visits. While these cookies are not strictly necessary for the site to function, they significantly reduce the administrative friction of managing your account. In accordance with UK law, these preference-based trackers are only activated if you provide your consent through our privacy settings, ensuring that you remain the ultimate arbiter of your digital environment.
These cookies do not store any information for marketing purposes, nor do they track your browsing history across other websites. Instead, they focus on the here and now of your current session. For example, a strictly necessary cookie might be used to maintain your unique security token as you navigate from your mail dashboard to your billing settings, ensuring your session remains private and uninterrupted. Because these cookies are vital for the protection of your account and the legal integrity of our financial transactions, they are deployed automatically upon your arrival at our website. Disabling these cookies via your browser settings will likely result in a total loss of website functionality, preventing you from managing your registered office or viewing your scanned mail.
Functionality cookies are designed to provide a more tailored and efficient user experience by remembering the choices you make on our platform. Unlike strictly necessary cookies, these are considered consensual, meaning we will only activate them if you grant us permission via our cookie banner. These trackers allow our website to remember your username (though never your password), your language preference, and your specific dashboard configuration. For a busy professional, these cookies reduce administrative friction by ensuring that your workspace looks and behaves exactly as you left it during your previous visit.
For instance, if you have customised your mail-forwarding notification settings or selected a specific viewing mode for your digital PDFs, a functionality cookie ensures these settings persist across different sessions. While these cookies do not identify you on other websites, they do collect data about your interactions within our specific domain. We treat this data with the same level of care as your primary account details. If you choose not to consent to functionality cookies, the website will still be operational, but you will find that you have to re-select your preferences and re-enter certain non-sensitive details each time you log in, resulting in a less fluid user experience.
Analytical and performance cookies are used to gather data on how visitors interact with the My Office Address Limited website. This information is critical for our continuous service improvement, as it tells us which pages are most popular, how long users stay on certain sections, and whether they encounter technical errors or broken links. We primarily utilise Google Analytics for this purpose. These cookies collect pseudonymised technical data, such as your browser type, device category, and the referral source (the site you visited before ours). This allows us to understand the general journey of our users without identifying them as individuals.
Under the 2026 UK GDPR standards, these cookies are consensual and require your proactive Opt-In. We use the insights gained from these cookies to optimise our mail handling workflows and to ensure that our most important regulatory notices are easy to find. For example, if analytical data shows that users are struggling to find the “Upload ID” section, we can redesign the interface to be more intuitive. It is important to note that this data is aggregated and used purely for statistical and performance-tuning purposes. Declining these cookies has no impact on your ability to use our services, but it does limit our ability to refine the platform based on your specific usage patterns.
Targeting and marketing cookies are the most intrusive category of trackers, as they are designed to follow your activity across different websites to build a profile of your interests. At My Office Address Limited, we maintain a very conservative stance regarding these cookies. We do not currently use third-party behavioural advertising trackers to sell your data to brokers or to target you with unrelated products. However, we may occasionally use Retargeting pixels from platforms like LinkedIn or Google to show relevant adverts for our business address services to individuals who have previously visited our site but did not complete their registration.
These cookies are strictly consensual and are disabled by default. We will never use marketing cookies to track your activity within the sensitive client Dashboard or to link your identity verification results to an advertising profile. If you consent to these cookies, you may see adverts for My Office Address Limited on your social media feeds or on other websites you visit. You can withdraw this consent at any time via our Cookie Preference Centre. By keeping these trackers separate from our core service delivery, we ensure that your professional corporate identity is never commoditised for advertising purposes.
First-party cookies are those placed directly by our own servers to manage your professional relationship with us. These are primarily strictly necessary or functionality cookies that are fundamental to the operation of your business address account. We do not use first-party cookies for cross-site tracking or advertising profiling.
Cookie Name | Category | Purpose | Duration |
moa_session | Strictly Necessary | Maintains your secure login state as you navigate the dashboard. | Session |
moa_security_xsrf | Strictly Necessary | Prevents Cross-Site Request Forgery (CSRF) attacks on our forms. | 2 Hours |
moa_consent | Functionality | Stores your preferences for our cookie consent banner. | 1 Year |
moa_ui_prefs | Functionality | Remembers your display settings (e.g., Dark Mode or Inbox View). | 6 Months |
moa_cart_id | Strictly Necessary | Holds service plan selections in your cart during the checkout phase. | 24 Hours |
As a regulated entity, we integrate industry-standard tools to ensure high-security identity verification, financial processing, and address accuracy. These third parties set their own cookies to facilitate their specific functions. We have conducted a professional audit to ensure these providers meet the stringent requirements of the Data (Use and Access) Act 2025.
The primary tool for managing your digital privacy on our platform is our integrated Cookie Preference Centre. Upon your first visit to https://myofficeaddress.co.uk/, you are presented with a clear and prominent consent banner. Unlike dark patterns used by some service providers, our interface does not pre-select non-essential categories. You are provided with granular toggle switches that allow you to independently enable or disable Functionality, Analytical, and Targeting cookies. Your choices are recorded immediately, and a persistent first-party cookie is used to remember these preferences for a period of 12 months, ensuring you are not repeatedly prompted during subsequent sessions.
You may revisit and modify these settings at any time by clicking the cookie settings link located in the footer of every page on our website. Our consent manager is designed to be audit-ready, maintaining a timestamped log of consent events that allows us to demonstrate compliance to the Information Commissioner’s Office (ICO) if required. We ensure that the process of withdrawing consent is unambiguous and positive, and we do not penalise or restrict your access to our core business address services if you choose to disable non-essential trackers.
In addition to our on-site tools, you have the ability to manage cookies through the settings of your internet browser. Most modern browsers (such as Google Chrome, Microsoft Edge, Safari, and Mozilla Firefox) provide comprehensive controls that allow you to block all cookies, delete existing cookies, or receive a notification before a new cookie is stored. For a professional user, these browser-level settings offer a universal layer of protection that applies across all websites you visit. However, it is important to note that if you configure your browser to block all cookies, including strictly necessary ones, you will be unable to log in to your My Office Address Limited dashboard or complete secure payments via Stripe.
For detailed instructions on how to manage these settings, we recommend visiting the official support pages for your specific browser. Many browsers also offer Incognito or Private modes, which automatically delete all cookies and browsing history once the window is closed. This can be a useful tool for clients who wish to perform sensitive administrative tasks without leaving a persistent digital footprint on their local hardware. We respect these browser configurations and do not attempt to bypass or circumvent any user-initiated blocks on tracking technologies.
As of February 2026, the legal status of automated privacy signals has been clarified under the Data (Use and Access) Act 2025. While the traditional “Do Not Track” (DNT) header remains a voluntary signal with no binding legal obligation for websites to honour it, My Office Address Limited has chosen to support it as a matter of professional courtesy. If your browser sends a DNT signal, our systems will treat this as a request to disable non-essential analytical and marketing trackers, even if you have not yet interacted with our consent banner.
Furthermore, we fully support the Global Privacy Control (GPC) signal. Unlike DNT, the GPC signal is increasingly recognised by UK and international regulators as a legally binding expression of the right to object to data processing. If our platform detects a GPC signal from your browser, we automatically set your preferences to “Opt-Out” for all non-essential cookies. This privacy by design approach ensures that you can exercise your data rights globally without having to manually interact with individual consent banners on every site. By honouring these machine-readable signals, we reinforce our commitment to a transparent, user-centric digital environment that respects the high-tech privacy standards of 2026.
The duration for which a cookie remains on your browser is determined by its specific function and is categorised into two distinct temporal groups: Session Cookies and Persistent Cookies. Session cookies are the most ephemeral; they are designed to exist only for the duration of your active visit. These are used primarily for security and to manage your logged-in state within the client dashboard. As soon as you terminate your session by closing your web browser or logging out, these cookies are irretrievably purged from your device’s memory. This ensures that no sensitive session tokens or authenticated states remain on your hardware where they could be exploited by unauthorised users.
Persistent cookies, however, are assigned a specific “Time to Live” (TTL) at the moment of creation. These trackers remain on your device until they reach their designated expiry date or until you manually delete them. We set these expiry periods based on the minimum time required for the cookie to remain effective. For example, our moa_consent cookie, which records your privacy preferences, is set to expire after 12 months. This ensures that we re-verify your consent on an annual basis, which is considered best practice by the Information Commissioner’s Office (ICO). Conversely, third-party cookies from partners like Stripe or Veriff may have different retention periods often ranging from 30 minutes for transaction security to 2 years for fraud detection governed by their own rigorous global security standards.
The digital landscape is inherently dynamic, with third-party APIs and web technologies evolving at a rapid pace. To maintain the accuracy of this policy and the integrity of our tracking ecosystem, My Office Address Limited conducts Bi-Annual Cookie Audits. Every six months, our technical and compliance teams perform a comprehensive scan of our website to identify any new trackers that may have been introduced by software updates or integrated partners (such as new features within Google Maps or Stripe’s payment gateway). During these audits, we evaluate each cookie against our necessity test to ensure it remains a valid tool for our service delivery.
If an audit reveals a new tracker, we immediately update our Detailed Cookie Inventory (Section 5) and re-configure our Consent Management Platform to include the new identifier. Furthermore, if a cookie is no longer required for its original purpose for instance, if we discontinue a specific analytical tool we ensure that all associated scripts are removed from our codebase and the data is purged from our servers. This continuous housekeeping is a mandatory component of our professional accountability. By maintaining an up-to-date record of our digital identifiers, we ensure that My Office Address Limited remains fully compliant with the 2026 UK GDPR reforms and that our clients are never subjected to zombie cookies or undocumented tracking.
My Office Address Limited is committed to a proactive approach regarding digital privacy. If you have any technical or legal questions concerning the specific trackers used on our platform including the logic behind our automated fraud detection or the data sharing practices of our partners like Veriff and Stripe we encourage you to reach out to our dedicated Compliance and Data Protection Lead. We understand that for many business owners, the intersection of web technology and data law can be complex; our goal is to provide clear, jargon-free explanations that help you maintain confidence in your professional digital environment.
All enquiries regarding this Cookie Policy should be directed to our compliance team via email at admin@myofficeaddress.co.uk. Please use the subject line cookie policy enquiry to ensure your request is prioritised. We are committed to acknowledging all enquiries within 48 hours and providing a detailed, professional response within one calendar month, in accordance with the UK GDPR. For those who prefer physical correspondence, you may write to our registered headquarters: My Office Address Limited, 665 North Circular Road, London, England, NW2 7AX United Kingdom. By maintaining this direct channel, we ensure that your privacy concerns are addressed by qualified professionals rather than automated response systems.
While we strive to resolve all matters through our internal compliance and support channels, you maintain the fundamental statutory right to lodge a formal complaint with the UK’s independent supervisory authority for data protection and privacy. If you believe that My Office Address Limited has failed to comply with the Privacy and Electronic Communications Regulations (PECR), the Data Protection Act 2018, or the Data (Use and Access) Act 2025, you may escalate your concerns to the Information Commissioner’s Office (ICO). The ICO oversees the use of cookies and tracking technologies across the United Kingdom and has the authority to issue enforcement notices and penalties for non-compliance.
We suggest that you contact us in the first instance to allow us to rectify any technical errors or provide the necessary clarifications. However, should you wish to proceed with a formal complaint, the ICO can be contacted through their official website at https://ico.org.uk/make-a-complaint/ or via their telephone helpline at 0303 123 1113. Our registration with the ICO as a data controller demonstrates our commitment to these high standards of professional accountability. By providing this information, we ensure that you are fully aware of the regulatory protections available to you as a client of My Office Address Limited.