privacy notice

Terra Management Consulting Ltd (“Terra Management Consulting”, “we” or “us”) is committed to protecting the confidentiality and privacy of information entrusted to us in accordance with the UK Data Protection Act 2018 including its applied GDPR provisions (DPA 2018). Please read this Privacy Notice to learn about your rights, what information we collect, how we use and protect it.

Directly: We obtain personal data directly from individuals in various ways, including business cards, online forms, subscriptions to our newsletters, webinar registrations, event attendances, office visits, or recruitment purposes. Personal data is also obtained directly when establishing business relationships, performing professional services through contracts, or through our hosted software applications.

Indirectly: We obtain personal data indirectly from a variety of sources, including:

• Public sources: Personal data from public registers (e.g., Companies House), news articles, sanctions lists, government agencies, and internet searches.
• Social and professional networking sites: If you register or login using social media (e.g., LinkedIn), we collect information you permit the social media provider to share with us.
• Business clients: Personal data shared by our clients as part of professional services engagements.
• Recruitment services: Personal data from employment agencies, former employers, and credit reference agencies.
• Data subscription services: Business personal data from external data providers to reach new clients.

We may collect the following categories of personal data:

• Personal data: Contact details, professional details, employee next of kin, family and beneficiary details, financial information, and recorded on-premise CCTV images.
• Social and professional networking sites: If you register or login using social media (e.g., LinkedIn), we may collect information you permit the social media provider to share with us.
• Special Categories of Personal Data: Typically collected only about our own employees or as necessary for specific engagements, which may include personal identification documents, expense receipts, adverse information about potential or existing clients and applicants, and health data.
• Child data: We do not collect data from children under 13, unless expressly requried as part of professional services engagements.
• Location-based data: Geographical locations of ASNs and associated with IP addresses are recorded and logged when accessing any of our on-premesis or cloud-hosteed systems or networks.

We may rely on the following lawful reasons:

• Contract: To perform our contractual obligations.
• Consent: With your freely given consent.
• Legitimate interests: To deliver services, direct marketing, monitor IT systems, and comply with corporate responsibility commitments.
• Legal obligations: To meet legal and regulatory obligations.
• Public Interest: To perform a task in the public interest.
• Vital Interests: To protect vital interests.

We collect and use personal data for purposes including:

• Providing professional advice and reports.
• Promoting our services and capabilities.
• Sending event invitations and providing access.
• Personalising online content.
• Administering and securing our information systems.
• Authenticating registered users.
• Processing online requests and communications.
• Contacting journalists.
• Supporting client development programs.
• Complying with legal obligations.
• Compiling health and safety data.
• Collecting health data to control infectious diseases.

We may share personal data with trusted third parties, including:

• Affiliated firms and partners: For administrative purposes and to provide services.
• Service providers: Supporting telecommunications, IT systems, archiving, document production, and cloud-based software services.
• Professional advisers: Including lawyers, auditors, and insurers.
• Potential buyers or merger partners: In connection with business transfers or mergers.
• Law enforcement and regulatory agencies: As required by law.
• Health government bodies and external service providers: To control infectious diseases.

We do not transfer personal information to third parties for their own direct marketing use.

Personal data is stored on servers in the UK and EEA. Transfers to organisations outside these areas are conducted with safeguards in place to protect personal data in accordance with data protection legislation.

Our websites may use cookies. Where cookies are used, a statement will be sent to your browser explaining their use. For more information, please refer to our Cookies Notice.

You have the following rights:

• Access: Verify if we are processing personal data about you.
• Correction: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your personal data.
• Processing restrictions: Temporarily restrict processing of your personal data.
• Data portability: Request transmission of your data to another company.
• Automated decision-making: Request a review of automated decisions affecting you.
• Object to direct marketing: Object to the use of your data for direct marketing.
• Withdraw consent: Withdraw your previously given consent.

To exercise your rights, email us at privacy@terra-consulting.co.uk. Verification of identity may be required.

We have implemented security policies and procedures to protect personal data from loss, misuse, alteration, or destruction. Access to personal data is limited to those who need it. Users of our services are responsible for maintaining the confidentiality of their user ID and password.

Personal data is retained for the duration necessary to provide services, maintain contact, and comply with legal obligations. Generally, data is retained for seven years unless otherwise required by law.

Our websites may contain links to other sites. Please review the privacy notices of those sites as we are not responsible for their content, security, or privacy practices.

For questions or concerns about this Privacy Notice or our data handling practices, contact:

You may also contact the UK Information Commissioner’s Office (ICO) to report concerns.

• ICO Address:
Wycliffe House, Water Lane
Wilmslow, Cheshire
SK9 5AF

• Helpline number: 0303 123 1113
• ICO website: https://www.ico.org.uk

We regularly review this Privacy Notice and will post updates on this webpage. This Privacy Notice was last updated on 30 May 2024.