GDPR Commitment
ThamesoroTechAI respects the UK GDPR and the Data Protection Act 2018. This page explains our lawful basis for processing and your rights.
Lawful basis for processing
We process personal data primarily under legitimate interests and contractual necessity. Where optional analytics are used, we rely on consent.
Data categories
The data we handle is limited to contact details, project context, and minimal analytics metadata. We do not collect sensitive categories of data.
Your rights under UK GDPR
You can exercise these rights at any time by contacting us.
- Right of access Request a copy of the personal data we hold.
- Right to rectification Ask us to correct inaccurate or incomplete data.
- Right to erasure Request deletion when data is no longer needed.
- Right to restrict processing Limit how we use your data in certain situations.
- Right to object Object to processing based on legitimate interests.
- Right to data portability Receive data in a structured, commonly used format.
International data transfers
We aim to store and process data within the UK and EEA. If a trusted supplier operates outside these regions, we ensure appropriate safeguards are in place.
Data protection contact
For GDPR-related questions or requests, email our data protection contact: [email protected].
We respond to GDPR requests within one calendar month.
Supervisory authority
You can raise concerns with the UK Information Commissioner's Office (ICO) if you believe your data rights have been violated.