Privacy and Cookie Policy
WHO WE ARE
Rivenmoor is a trading name of TMG UK Services Limited, with a company number 13737761, and having a registered office at Kanaloa House, 4-7 Great Pulteney Street, London, United Kingdom, W1F 9NA (“us” and “we”) is based in the UK and is the controller responsible for your personal data. This privacy policy sets out how we collect and process your personal data when you use this website, contract with us or otherwise correspond with us. The privacy policy also covers the CCTV privacy policy that we follow when you visit our premises. Subject to the requirements of applicable law, your continued use of the website will constitute your deemed consent to the terms of this privacy policy.
Should you have any concerns with the way we have dealt with your personal data, you have the right to make a complaint at any time to the Information Commissioner's Office (“ICO”) (www.ico.org.uk). We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.
WHAT DATA WE COLLECT ABOUT YOU
Personal data means any information about an individual from which that person can be identified.
We may collect, use and store different kinds of personal data about you including:
Identity and Contact Data such as your photo, full name, date of birth, gender, occupation, country of residence, residence status, nationality, physical address, telephone number, email address and any other personal data you may provide us when you contact us.
Employment Data relating to your employment history, education, family or personal circumstances and interests, and any other personal data you may provide when you send us your CV or apply to any of our job vacancies.
Financial Data such as your bank account, payment card details, details about payments to and from you and details of products or services you have purchased from us or vice versa.
Marketing and Communications Data such as your preferences in receiving marketing from us and your communication preferences.
Technical and Usage Data such as system log information about how you interact with and use our website, your IP address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, website usage data and other technology on the devices you use to access this website.
Information collected from the use of closed-circuit television (“CCTV”) systems and other security systems.
Cookies Data – you can find more information on this under the section entitled ‘Cookies’.
We may also collect, use and share aggregated data such as statistical or demographic data which is not personal data as it does not directly (or indirectly) reveal your identity. For example, we may aggregate individuals’ usage data to calculate the percentage of users accessing a specific website feature in order to analyse general trends in how users are interacting with our website to help improve the website and our product and service offering. You can find more information on this under the section entitled ‘Cookies’.
HOW WE COLLECT PERSONAL DATA
We use different methods to collect data from and about you including through:
Your interactions with us: you may give us your personal data by filling in online forms or by corresponding with us by post, phone, email or otherwise.
Automated technologies or interactions: as you interact with our website, we will automatically collect Technical and Usage Data about your equipment, browsing actions and patterns. We collect this personal data by using cookies, server logs and other similar technologies.
Technical Data is collected by analytics providers such as Google Analytics and reCAPTCHA based outside the UK. Your ability to opt-out of Google Analytics and refuse to opt-in to reCAPTCHA are described in more detail under the section entitled ‘Cookies’
HOW WE USE YOUR PERSONAL DATA
We only use your personal data when the law allows us to. We rely on one or more of the following legal bases for collecting and using your personal data.
Performance of a contract with you. We process your personal data where it is necessary for the performance of a contract to which you are a party, or to take steps at your request before entering into such a contract. This includes, for example, to:
manage and administer our relationship with you as an investor, client, counterparty, supplier, or service provider;
perform or receive investment, advisory, or administrative services in accordance with our agreements;
communicate with you in relation to our or your services, transactions, or other business activities;
carry out or receive operational and compliance processes connected with your engagement with us; and
manage any requests, instructions, or correspondence you send us.
Compliance with a legal or regulatory obligation. We process your personal data where it is necessary for compliance with a legal obligation to which we are subject, such as:
anti-money laundering and know-your-customer (KYC) checks;
reporting and/or being audited by regulatory bodies;
maintaining business and accounting records;
complying with tax, data protection, financial services, and other applicable laws;
and complying with court orders or defending our legal rights.
Legitimate interests. We may process your personal data where it is necessary for our legitimate business interests (or those of a third party) and your interests and fundamental rights do not override those interests. This may include, for example:
managing and administering our business and day-to-day operations;
analysing and improving our services, communications, and client engagement;
Seeking advice on our rights and obligations from organisations such as Compliance Specialists The Tower (https://thetower.com/).
protecting the security of our information technology systems, websites, and communication networks, including preventing and detecting security threats, fraud, or other criminal or malicious activities;
insurance purposes;
detecting, preventing, or reducing the incidence of crime and creating a safer environment;
managing health and safety obligations in respect of employees, contractors, and visitors;
assisting with serious occurrences, including disciplinary or compliance investigations;
recognising and counting the number of visitors to our website and analysing how visitors use it, to improve its functionality and user experience;
marketing our services to you, provided that we do not share personal data with third parties for their own marketing purposes; and
where you have submitted a CV or application, for vetting or verification purposes prior to or during an employment assessment.
Consent: Where required by law, we will obtain your consent before processing your personal data - for example, in relation to direct marketing communications or where consent is required to transfer data to third parties.
PURPOSES FOR WHICH WE USE YOUR PERSONAL DATA
We have set out below, in a table format, a non-exhaustive list of the ways we plan to use the various categories of your personal data and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
WHO CAN WE SHARE YOUR PERSONAL DATA WITH
We may share your personal data with:
Group companies. Members of the TMG UK Services Limited group, meaning any direct or indirect subsidiary, holding company, or subsidiary of any such holding company (as defined in section 1159 of the Companies Act 2006). We will only share your personal data with group companies located in the UK or EU, unless you have expressly consented to the transfer of your personal data to group companies located outside those jurisdictions.
Service Providers and Business Partners. Third parties engaged to support our business operations or to provide services to you, such as agents, advisors, banks, brokers, insurers, auditors, accountants, IT and software providers, and other professional or administrative service providers.
Marketing and Communications Partners. Agencies that assist us with marketing, event management, and newsletter distribution, but only where you have given your express opt-in consent to receive such communications.
Professional and Regulatory Bodies. Legal, tax, and other professional advisors, auditors, and regulators, as well as law enforcement agencies where disclosure is required to comply with legal or regulatory obligations or to protect our rights.
IT and Infrastructure Providers. Companies providing website hosting, cybersecurity, data storage, and other technology-related services, including Wi-Fi access at our premises.
Corporate Transactions. Third parties involved in a potential or actual sale, merger, transfer, or restructuring of our business or assets. If such a change occurs, the new owners may use your personal data in the same way as set out in this Privacy Policy.
We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes and only permit them to process your personal data for specified purposes and in accordance with our instructions.
HOW LONG WE KEEP YOUR PERSONAL DATA
We will retain your personal data for as long as you maintain a relationship with us. After that relationship ends, we will only keep your data for as long as is reasonably necessary to fulfil the purposes for which it was collected, including to meet any legal, regulatory, tax, accounting, or reporting requirements.
We may also retain your personal data for a longer period if a complaint has been made or we reasonably believe there is a prospect of litigation relating to our relationship with you.
In general, we do not keep personal data for longer than 6 years, unless a longer period is required by law or regulation.
Retention periods are determined based on the nature, amount, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure, the purposes for which we process it, and any applicable legal or regulatory requirements.
By law, we are required to retain certain basic information about our clients (such as identity, contact, and financial data) for five years after they cease to be clients for tax and anti-money laundering purposes.
We will not retain your personal data once it is no longer required or where you withdraw your consent (where consent was the basis for processing), unless we are legally required or otherwise permitted to retain it.
DATA SECURITY
We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality.
Please be aware that where data is transmitted via the internet, such transmission is not completely secure. Although we take appropriate and proportionate steps to manage the risk posed we cannot guarantee the security of your data transmitted to our online services.
TRANSFERRING YOUR DATA OVERSEAS
Your personal data may be transferred and stored as set out in this Policy to countries outside European Economic Area or to countries not approved as providing an adequate level of protection for personal data. This may include countries which do not provide the same level of protection for personal data. When this happens, we will ensure any such transfers are made subject to appropriate or suitable safeguards.
Such transfers will occur where you have given explicit consent, or where the recipient has entered into standard contractual clauses.
LINKS TO THIRD-PARTY WEBSITES
Our website may provide links to third party sites, including social networking sites. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit. We have no control over and assume no responsibility for the content, privacy policy of any third-party sites or services.
COOKIES
What are Cookies?
Our website uses cookies which are small text files that are placed on your device when you visit a website. Our use of cookies aims to provide you with an optimum user experience when you browse our website and allows us to monitor the performance of the website on an ongoing basis.
What type of cookies do we use?
We may use third-party cookies by Google Analytics in order to monitor and analyse the use of our website. Google Analytics is a web analytics service offered by Google that tracks and reports website traffic. Google uses the data collected to track and monitor the use of our website. You can learn more about data collected by Google and what this data is used for in Google's Privacy Policy. Additional information on Google services and products is available in Google's Terms of Service.
What data is collected by the cookies?
If you consent to the use of cookies, we may collect from you the following data: your browser type, language, operating system, device ID, geolocation data, the state or country from which you accessed the website’s services, the webpages you visited, and the date and the time of a visit. Please note that this data is aggregated and therefore the data is anonymous and will not be traced back to you.
How to manage cookies?
You can opt-out of having your activity made available to Google Analytics across all websites by installing the Google Analytics opt-out browser add on, which you can access here Google Analytics Opt-out Browser Add-on Download Page. You may also opt-out of tracking by Google Analytics on our website by pressing the ‘Reject’ button on our cookies banner. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy.
YOUR LEGAL RIGHTS
You have rights in relation to your personal data including the right to:
Request a copy of the personal data we hold about you.
Request us to share your personal date with another party.
Request us to update incorrect or incomplete details.
Request us to erase your personal data.
Object to or restrict our processing activities of your data.
Make a complaint.
Withdraw your consent to our processing of your personal data.
We reserve the right to update and change this Policy from time to time in order to reflect regulatory changes or changes to the way we process your personal data. In case of such changes, we post the amended Policy on our website. The changes will come into effect upon publication.
Last updated 05 November 2025.
