Privacy Notice

Last Modified: 9 May 2023


TMA Data Management Limited (TMA) values its customers and is committed to protecting and respecting your privacy and the lawful and correct treatment of personal data.

This Privacy Notice informs and explains how TMA will process and protect any personal data we collect or receive about you. We outline how we use personal data including visitors to our websites, customers, third party service providers (TPAs), potential customers and other visitors, including individuals that get in contact with us, our existing and potential service providers (such as energy suppliers) and those individuals whose personal data we otherwise process in the course of our business, which we will collectively refer to in this Privacy Notice as “you” and “your”.

This Privacy Notice also outlines the procedures which are in place to safeguard your privacy and explains how you can update or change how your data is used to reflect your preferred relationship with us.

If we ask you to provide any information by which you can be identified either when visiting our website or engaging in a relationship with us, you can be assured that it will only be used in accordance with this Privacy Notice.

We are a data controller in respect of the data that we hold about you, and we manage all our personal data whether client data, data relating to our professional contacts, employee data and any other personal data in accordance with the General Data Protection Regulations (GDPR).

Please read this Privacy Notice carefully to understand our practices regarding personal data so you are aware of our practices regarding personal data and how and why we are using your data. If you do not agree to this Privacy Notice, you may wish to cease viewing our websites.

What types of data do we collect and hold

The personal data that we hold about you will be specific to you and your relationship with us at TMA and may include some of the following types of data and other data relevant to our relationship:

  • Full name
  • Job title, who you work for and business activities
  • Phone number(s)
  • Personal email address and/or professional email address(s)
  • Technical information, including the Internet protocol (IP) address used to connect your device to the Internet, browser type and version, browser location, browser plug-in types and versions, time zone setting, device types (including device ID), the date and time of consent and platform, network service provider. Your IP address is processed by Google Analytics and automatically reported in an anonymised form. We may also process information about your visit to our websites, including the full Uniform Resource Locators (URL), clickstream to, through and from our site (including date and time), pages you viewed, or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse the website
  • Lifestyle information and your personal interests
  • Email exchanges
  • Your social media handle/user name details if you engage with us on social media
  • Any feedback that you give us
  • Any other information that you choose to give to us via our website or to our customer services team
  • Recruitment information of current and former employees
  • Background checks and associated information
How do we collect this personal data

We collect most of our information directly from you, as this enables you to have as much control over the data you share with us. We do this when you contact us directly or through our website, when you subscribe to any of our information services or when you interact with us through social media; or email or call us.

We also collect information that is publicly available such as information on any company website, news articles, or other multimedia sources as well as any records held on Companies House website.

If you have a business relationship with one of our professional contacts, they may collect data which is passed on to us to facilitate a specific service.

For our professional business contacts, we also collect data from any networking events you may attend; from any of our employee business contacts, from current or past transactions and from any publicly available source such as a company website.

What do we use your personal data for

Our primary use of your data is to be able to deliver our services. Where we have a contract with you, it is necessary for us to process personal data in order to deliver that contract to you.

If you are a professional contact with whom we have a business relationship, we will use your data to enable us to liaise with you on current or future services.

We also use personal data for our legitimate business interests in monitoring, developing and promoting our products and services. For example, using the data for our e-marketing campaigns, managing invitations, registrations for corporate events, publicising our services; supporting quality and risk management reviews; and administrating our website and reviewing the efficacy of our online services and communications.

We may also need to process your data in order for compliance and auditing reasons and to monitor or enforce our terms and conditions or user policies.

Communicating with you: we also use your data to communicate with you and keep you up to date with company news; and providing you with information on our services. We will also provide information about events we are hosting. We may contact you by email, post or via the telephone. We encourage you to sign up to receive these messages but if you do not wish to receive these communications, please let us know by contacting us at

We may also use information to support us in enforcing our terms and conditions, protecting our legal rights and responsibilities.

Sharing personal data

To allow us to meet our obligations and effectively provide our services to you, it may be necessary to share your personal information within the entities that form part of TMA as part of the administration of our business. For example, we may share personal information as part of our regular reporting activities on company performance, in the context of a business reorganisation or group restructuring exercise, for system maintenance support and hosting of data.

We may also share your personal information:

  • with government authorities or professional bodies, such as HM Revenue & Customs in the United Kingdom (for tax purposes);
  • with our professional advisors including tax, legal or other corporate advisors who provide professional services to us;
  • with regulators, supervisory authorities, fraud prevention agencies, as well as our legal advisers, courts, the police and any other authorised law enforcement bodies, for the purposes of investigating any actual or suspected criminal activity or other regulatory or legal matters etc.;
  • in the event that we consider selling or buying any business or assets we will disclose your personal information to any prospective sellers or buyers of such business or assets;
  • with credit reference companies;
  • in the event of any insolvency situation (e.g. administration or liquidation);
  • if we, or substantially all of our assets, are acquired by a third party, in which case your personal information will be one of the transferred assets;
  • to protect the rights, property or safety of our employees, workers, contractors, clients, or others. This includes exchanging your personal information with other companies and organisations (including without limitation the local police or other local law enforcement agencies) for the purposes of our employee, worker, contractor and client safety, crime prevention, fraud protection and credit risk reduction; or
  • if we are under a duty to disclose or share your personal information in order to comply with any legal obligation or regulatory requirements, or otherwise for the prevention or detection of fraud or crime.
How we protect your information

We are committed to ensuring that your personal information is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect. For example, your personal information is stored on secure cloud-based computer files or computer servers within our secure premises; any hard copy client files are kept within our secure premises; and our staff are trained about the secure handling of personal information.

Your data subject rights

As an individual you have several rights under the relevant data protection laws, including:

  • the right to request from us access to your own personal information;
  • the right to ask us not to process your personal data for personalised direct marketing;
  • the right to request any inaccurate information we hold about you is corrected;
  • the right to request your information is deleted in certain circumstances;
  • the right to request that we stop using your personal information for certain purposes; and
  • the right to request that decisions are not taken by wholly automated means.

Please see the Information Commissioner Officer’s (ICO), the supervisory authority for the UK. For further information on the above rights see:

These rights may be limited to certain defined circumstances and we may not be able to comply with your request. If you request to exercise these rights, we aim to respond to you within one calendar month.

If you wish to exercise any of these rights, please email us at or write to us at the address below stating your request and contact details.

Data Protection
TMA Data Management Ltd
145 London Road
United Kingdom


Whilst we will always strive for excellent service, if you feel we have not met your expectations, or your  data has not been handled correctly or if you have any concerns, we’d like to know so we can try to resolve any issues. You can submit your complaint or raise any issues with us at or writing to the address below:

TMA Data Management Ltd
145 London Road
United Kingdom

We would expect that any complaints can best be dealt with by contacting us in the first instance, and we will take complaints made to us seriously. However if you to complain about our use of your personal data and do not wish to contact us first, you also have the right to complain to the ICO. Details of how to complain to the ICO can be found at

How long we keep your personal data for

We will only retain your personal information for as long as is necessary to fulfil the purposes for which it was collected and processed, including for the purposes of satisfying any legal, tax, health and safety, reporting or accounting requirements. This means your personal data will be erased from our systems when we no longer need it.

Personal information which is no longer to be retained will be securely and effectively destroyed or permanently erased from our IT systems and we will also require third parties to destroy or erase such personal information where applicable.

In some circumstances we may anonymise your personal information so that it can no longer be associated with you. In this case, we may retain such information for a longer period without further notice to you.

Changes to our Privacy Notice

Any changes we may make to our Privacy Notice in the future will be posted on this page. Please check back frequently to see any updates or changes to our Privacy Notice.

Third party websites

Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.


Our websites use cookies to distinguish you from other users of our websites. This helps us to provide you with a good experience when you browse our websites and allows us to improve our websites and our services.

We will not place cookies other than “strictly necessary” cookies on your device unless you have told us that you are happy for us to do so. For information on how we use cookies, please see our cookie policy.

Comments and concerns

If there is anything in this notice that you are unclear about, please contact us at or by writing to us at the address below and we shall be happy to answer any queries you may have concerning this Privacy Notice or the way in which we process your personal data.

This website is operated by TMA Data Management Limited located at 145 London Road, Kingston-upon-Thames, KT2 6SR, United Kingdom.

All other feedback, comments, requests for technical support and other communications relating to the website should be directed to +44 (0) 20 8549 1060.