Privacy Policy

How Thames Technology handles your personal data


This website (Website) is operated by Thames Card Technology (the Company or we or us).

This Privacy Policy explains what personal data we may collect about you, how we use it, and the steps we take to ensure that it is kept secure. We also explain your rights and how to contact us.

Links to other websites

Please note, this Website may contain links to other websites that are not controlled by us.   These links are provided for your convenience. We are only responsible for our privacy practices and our security. We recommend that you check the privacy and security policies and procedures of each and every other website that you visit and each organisation that holds your personal data.

Legal compliance

Unless stated otherwise, the Company is the data controller in respect of all personal data collected by us on this Website or otherwise.  This means that we are responsible for ensuring that we do so in full compliance with the General Data Protection Regulation and Data Protection Act 2018, all other related privacy laws and any codes of practice issued by the Information Commissioner.


We typically collect the following information:

  • your name and contact details
  • social media information
  • details of the goods or services that you have ordered or in which you have expressed an interest
  • details of any enquiries or requests for information you have made
  • details of the newsletters you have subscribed to
  • where relevant, payment card details or other applicable payment information


We obtain personal data:

  • directly from you such as when you register for any of our services, send us emails, [contribute to our blogs and forums] [, attend any of our events]
  • from another organisation for example, where you receive information or services from one of our suppliers [(click here to see our Supplier Directory)]. These organisations may share your personal data with us if you allow them to do s
  • from social media sites or apps. If your settings and preferences allow, we may obtain information (including personal data) from social media services such as Facebook and LinkedIn
  • from publicly available sources such as Companies House.

IP addresses and other device information

In order to understand how users use this Website and our services, we may collect information such as details of the browser you used, your operating system, the website you visited immediately before visiting our website and your Internet Protocol addresses (also known as IP addresses).  Your IP address is a unique address that computer devices (such as PCs, tablets and smartphones) use to identify themselves and in order to communicate with other devices in the network.

We use this information to analyse how our site is accessed and used so that we improve our service and make it relevant to you.


In common with many other website operators, we may use standard technology called ‘cookies’ on this Website. Cookies are small pieces of information that are stored by your browser on your computer’s hard drive and they are used to record how you navigate this Website on each visit.

Our cookies are used to enable us to develop our Website and to enable you to properly navigate it. We use cookies to collect personal information to enable us to understand our visitors’ interests and by noting who has seen which pages and advertisements (including any ‘click through’ from emails), how frequently particular pages are visited and to enable us to determine the most popular areas of our Website. We may use cookies to enrich your experience of using the Website by allowing us to tailor what you see and what information you receive where you have agreed do so you (see ‘Invitations, newsletters and opportunities’ below) to what we have learned about your preferences during your visits to our Website. Sometimes we may use services of third parties and they may use cookies on our behalf in order to provide their services.

The cookies we use on this Website are shown below (name, type and purpose of cookie):

  • _ga - Third Party - To analyse Website traffic using an analytics package. Aggregated usage data helps us improve the Website structure, design, content and functions. Used to distinguish users and has an expiration of 2-years.
  • _gid - Third Party - To analyse Website traffic using an analytics package. Aggregated usage data helps us improve the Website structure, design, content and functions. Used to distinguish users and has an expiration of 24-hours.
  • _gat_gtag - Third Party - To analyse Website traffic using an analytics package. Aggregated usage data helps us improve the Website structure, design, content and functions.Used to throttle requests and has an expiration of 10-minutes
  • wordpress - Session - Used to store your authentication details when logged in. Its use is limited to the admin console are.
  • WordPress_logged_in_ - Session - Indicates when you’re logged in, and who you are.
  • Wp-settings-{time}-[UID] - Session - This is used to customise your view of admin interface, and possibly also the main site interface if you are logged in.

You may also get cookies (including Flash cookies) from our suppliers and advertisers if you click on their links or adverts. In addition, some of our pages may contain embedded content such as YouTube videos or a Google Plus share and you may receive cookies from these sites. These cookies are not within our control and you should check their privacy and security policies to understand how they use these.

Preventing use of cookies

Most browsers automatically accept cookies, but you can usually change your browser to prevent cookies being stored. With experience, you can usually choose to switch off all cookies or to allow only certain ‘trusted’ sites to place cookies.

For further information on cookies and Flash cookies and how to switch them off see the Information Commissioner’s website at or visit or



All personal data that we obtain about you will be recorded, used, and protected by us in accordance with current data protection law and this Privacy Policy. We will primarily use the personal data for the following purposes:

  • To provide the goods and services you request (including newsletters) and to communicate with you in the event that any of them are unavailable or if there is a query or problem with your request
  • market research. To carry out market research so that we can improve the goods and services we offer
  • To create an individual profile for you which includes analysing demographic and geographic information so that we can enhance your experience and relationship with us, understand and respect your preferences and to provide information and details of other initiatives where you have agreed to receive them

Consent and lawful processing of personal data

The legal basis for the collection and use of your personal data is that you have given your consent and/or that it is in our legitimate interests to do so in order to contact you and your rights and freedoms are not prejudiced by this.

Disclosing your personal data

We do not sell personal data but we will, however, if you request information, products or services that is from one of our suppliers (see our Supplier Directory) or partners (see our Partner List), we will share your data with them in order for them to deal with your request. We update the Supplier Directory and Partner List regularly and you can see the most up-to-date version on our websites.

In order to operate our website and to provide our products and services, we may, occasionally, appoint other organisations to carry out some of the processing activities on our behalf. These may include, for example, technology hosts and email distribution services.  In these circumstances, we will ensure that your personal data is properly protected and that it is only used in accordance with this Privacy Policy.

Sale or other disposal of our business

If, for any reason, we dispose of any part of our business, we may transfer any records (which may include your personal data) to the new owner.


The Company, our Suppliers and our Partners would each like to contact you about products, services and a range of other initiatives.  You can choose how you receive these on the Website form you complete.   Details of how to opt-in to or opt-out of receiving information are on relevant pages of this Website and/or in the message you receive.

We will usually try to tailor the communications we send to you so that they are relevant and in line with the preference options you have chosen which form part of the personal profile we will create for you.

Preferences / Subscribe / Unsubscribe

You can change your mind about whether you wish to receive information at any time and can tell us of your preferences by emailing us at or by following the instructions with each communication you receive.

Please note it may take up to one month for your changes to be implemented and for communications to cease.


We take the security of personal data seriously.  We employ security technology, including firewalls, and encryption to safeguard personal data and have procedures in place to ensure that our systems and databases are protected against unauthorised disclosure, use, loss and damage.

We only use third party service providers where we are satisfied that the security they provide for your personal data is at least as stringent as we use ourselves.


We will normally keep your personal data for 10 years after your last interaction with us, or our Website.  If we consider that you are no longer an active user of our Website or our services we may delete your personal data sooner than this.

We expect to contact you at least every two years to ensure you are still happy to hear from us according to the preferences you have provided to us.


To provide our services to you, we transfer personal data to [our trusted service provider in [specify where]]. We have taken proper steps to ensure that it is protected in accordance with this Privacy Policy and applicable privacy laws.

[Some of our Suppliers and Partners are located in regions outside of Europe (our Supplier Directory and Partner List show the world region for each of them). If you agree to us providing your details to our Suppliers or Partners, your data may be transferred to the relevant one to satisfy your requirements.


Privacy laws and practice are constantly developing and we aim to meet high standards.  Our policies and procedures are, therefore, under continual review. We may, from time to time, update our security and privacy policies.  If we want to make any significant changes in how we will use your personal data we will contact you directly and, if required, seek your consent.

We will ensure our Website has our most up to date policy and suggest that you check this page periodically to review our latest version.


You may update or correct your personal data yourself online at [l], or can contact us and ask us to do it for you (see the section ‘How to contact us’ below). Please include your name and/or email address when you contact us as this helps us to ensure that we accept amendments only from the correct person.

We encourage you to promptly update your personal data if it changes.  If you are providing updates or corrections about another person, we may require you to provide us with proof that you are authorised to provide that information to us.


You have a number of legal rights in respect of your personal data.  These include:

  • The right to receive a copy of the personal data that we hold about you. We will require proof of identity and proof of authority if the request comes from someone other than the person whose data we are asked to provide. This will ensure we only provide information to the correct person.  We normally expect to respond to requests within 28 days of receiving them.
  • withdraw consent to direct marketing. You can exercise this right at any time and can update your preferences yourself or ask us to do it for you.  See section ‘Updating and correcting your personal data’ above for details.
  • withdraw consent to other processing. Where the only legal basis for our processing your personal data is that we have your consent to do so, you may withdraw your consent to that processing at any time and we will have to stop processing your personal data.  Please note, this will only affect a new activity and does not mean that processing carried out before you withdrew your consent is unlawful.
  • If you consider any of your personal data is inaccurate, you can correct it yourself or ask us to do it for you (see section ‘Updating and correcting your personal data’ above for details).
  • In limited circumstances you may be able to require us to restrict our processing of your personal data.  For example, if you consider what we hold is inaccurate and we disagree, the processing may be restricted until the accuracy has been verified.
  • Where we have no lawful basis for holding onto your personal data you may ask us to delete it.
  • In limited circumstances you may be entitled to have the personal data you have provided to us sent electronically to you for you to provide to another organisation.
  • to complain to the Information Commissioner’s Office. If you have a concern or complaint we would prefer you to contact us (see the section ‘How to contact us’ below) and we will try to resolve it for you.  If you want to make a complaint to the Information Commissioner’s Office, you can find information on how to do this at


Thames Technology
Thames House
Arterial Road