Privacy Policy

How we handle and protect your personal information

Last updated: 1 January 2024

Introduction

ThamesoroTechAI Ltd ("we", "our", "us") is committed to protecting and respecting your privacy. This policy explains how we collect, use, and safeguard personal information when you use our website or engage with our services.

We are the data controller for the personal information we process, unless otherwise stated. Our registered address is 47 Queen Victoria Street, London, EC4N 4SA, United Kingdom.

Information We Collect

We may collect and process the following categories of personal information:

Information You Provide Directly

  • Contact details including name, email address, and postal address
  • Financial information you share during consultations (income, expenses, debts, assets)
  • Employment and business information relevant to our services
  • Communication records including emails and consultation notes
  • Feedback and survey responses

Information Collected Automatically

  • Technical data including IP address, browser type, and operating system
  • Usage data including pages visited, time spent on pages, and navigation paths
  • Cookie data as described in our Cookies Policy

How We Use Your Information

We use your personal information for the following purposes:

  • To provide our financial guidance and consultation services
  • To respond to your enquiries and communicate with you
  • To personalise recommendations based on your financial situation
  • To send service updates and relevant information about our offerings
  • To improve our website and services based on usage patterns
  • To comply with legal and regulatory obligations
  • To protect our legitimate business interests

Legal Basis for Processing

We process your personal information under the following legal bases:

  • Contract: Processing necessary to fulfil our service agreement with you
  • Consent: Where you have given explicit consent for specific processing activities
  • Legitimate interests: Processing necessary for our legitimate business interests, provided these do not override your rights
  • Legal obligation: Processing required to comply with applicable laws and regulations

Data Sharing

We do not sell your personal information to third parties. We may share your information in the following circumstances:

  • With service providers who assist in delivering our services (subject to confidentiality agreements)
  • With professional advisers such as lawyers and accountants when necessary
  • With regulatory bodies or law enforcement when required by law
  • With your explicit consent for any other purpose

Any third parties with whom we share data are required to maintain appropriate security measures and process data only in accordance with our instructions.

Data Retention

We retain your personal information only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements.

Retention periods vary depending on the type of information:

  • Client records: 7 years after the end of our business relationship
  • Financial consultation records: 7 years (in line with HMRC requirements)
  • Marketing communications preferences: Until you opt out or withdraw consent
  • Website analytics data: 26 months

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • Encryption of sensitive data in transit and at rest
  • Access controls limiting data access to authorised personnel
  • Regular security assessments and updates
  • Staff training on data protection practices
  • Secure disposal procedures for records no longer required

Your Rights

Under data protection law, you have rights including:

  • Access: Request a copy of your personal information
  • Rectification: Request correction of inaccurate information
  • Erasure: Request deletion of your information in certain circumstances
  • Restriction: Request restricted processing of your information
  • Portability: Request transfer of your information to another organisation
  • Objection: Object to processing based on legitimate interests
  • Withdraw consent: Withdraw previously given consent at any time

To exercise any of these rights, please contact us using the details provided below. We will respond to your request within one month.

International Transfers

Your personal information is primarily stored and processed within the United Kingdom and European Economic Area. If we transfer data outside these regions, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the Information Commissioner's Office.

Changes to This Policy

We may update this privacy policy periodically to reflect changes in our practices or legal requirements. We will notify you of significant changes by posting a notice on our website or contacting you directly where appropriate. We encourage you to review this policy regularly.

Contact Us

If you have questions about this privacy policy or wish to exercise your rights, please contact us:

ThamesoroTechAI Ltd
47 Queen Victoria Street
London, EC4N 4SA
United Kingdom

Email: [email protected]

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe your data protection rights have been violated. The ICO can be contacted at ico.org.uk.