Privacy Policy

The Platinum Capital is a global business-news publication operated by TPC Media Ltd(“we”, “us”, “our”), a company registered in England and Wales. Our registered office is Sterling House, Suite 310e East Wing, Langston Road, Loughton, Essex IG10 3TS, United Kingdom.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, TPC Media Ltd is the data controller of personal data processed through this website.

Our data protection contact is the Data Protection Officer at dpo@theplatinumcapital.com. If you prefer to write to us, please use the registered office address above.

This Privacy Policy describes how we collect, use, store, and share personal data when you:

• Visit, browse, or read content on www.theplatinumcapital.com or any of its subdomains.
• Subscribe to our newsletter or other email communications.
• Send us a message through the contact form, by email, or by any other channel.
• Submit an awards nomination or sponsorship enquiry.
• Create an account on the site or sign in with a third-party identity provider.
• Apply for a role with us, pitch a story, or otherwise correspond with the editorial team.

This policy does not cover third-party websites we link to. When you click through to an external site, that site’s own privacy policy applies to your interaction with it.

We collect the following categories of personal data:

Information you give us directly

• Contact form submissions: name, email address, mobile number with country code, subject category, and the content of your message.
• Newsletter signup: email address and (optionally) name and country.
• Awards nominations: nominator details, nominee details, supporting evidence you choose to share, and any contact information for related parties.
• Account data: if you sign in via Google or by phone OTP, your name, email address, and/or verified phone number; preference flags such as saved articles or topic interests.
• Story tips and editorial pitches: any information you choose to send, including names, contact details, and supporting documents.

Information we collect automatically

• Technical data: IP address, device type, browser type and version, operating system, screen resolution, and approximate location derived from IP.
• Usage data: pages viewed, time spent, referring URL, search terms used on the site, and which articles you have interacted with.
• Cookies and similar technologies: see our Cookie Policy for the full list and categorisation.

Information from third parties

• If you sign in with Google, Google shares your name, email address, and profile picture with us. We do not receive your Google password.
• We may receive analytics aggregates from Google Analytics, Cloudflare Web Analytics, or similar providers that allow us to understand how the site is used in aggregate. These aggregates are not by themselves identifiable but may be combined with cookie identifiers.

UK GDPR requires us to identify a lawful basis for each processing activity. We rely on the following:

You may withdraw consent at any time where consent is the basis. Withdrawal does not affect the lawfulness of processing already carried out before the withdrawal.

We use personal data for the following purposes:

• To provide, operate, and maintain the website and our editorial product.
• To respond to your messages, story tips, awards nominations, and partnership enquiries.
• To send you the newsletter you have subscribed to.
• To authenticate you when you sign in and to remember your preferences.
• To improve our content, our user experience, and our overall service.
• To prevent and detect fraud, abuse, and unauthorised access to our systems.
• To comply with applicable laws and respond to lawful requests from authorities.

We do not sell your personal data, and we do not share it for cross-context behavioural advertising.

We share personal data only with the categories of recipients listed below, and only to the extent necessary for the purposes set out above:

Service providers (data processors)

• Google Cloud Platform / Firebase — hosts our database (Firestore) and authentication services. Data is processed in Frankfurt, Germany (Firestore region: europe-west3).
• Cloudflare, Inc. — provides our content delivery network, R2 object storage for media assets, and DNS resolution.
• Vercel Inc. — hosts and serves the website application.
• Resend, Inc. — sends transactional and newsletter emails on our behalf.
• Google LLC — provides Google Sign-In and Google Analytics (where consent has been given).

Each of these providers has been selected with regard to its data-protection commitments. Where a provider is located outside the United Kingdom, transfers are made under appropriate safeguards (see “International transfers” below).

Other recipients

• Professional advisers (lawyers, auditors, insurers) where we are required to do so to obtain advice or to defend our rights.
• Public authorities where disclosure is required by law, court order, or other lawful process.
• Buyers or successors if we sell or restructure the business; in such cases, the receiving party will be bound by terms at least as protective as those in this policy.

The United Kingdom is the primary jurisdiction in which TPC Media Ltd processes personal data. Some of our service providers, however, may process personal data in the European Economic Area, the United States, or other locations.

Where we transfer personal data outside the United Kingdom, we rely on one or more of the following safeguards:

• Adequacy regulations made by the UK Government (for example, transfers to EEA countries).
• UK International Data Transfer Agreement(IDTA) or the UK Addendum to the European Commission’s Standard Contractual Clauses, where appropriate.
• UK extension to the EU–US Data Privacy Framework, where the receiving organisation is certified.

You can request a copy of the safeguards in place by contacting our DPO at the address above.

We keep personal data only for as long as necessary for the purposes for which we collected it, and in line with our data retention schedule:

You have the following rights in relation to the personal data we hold about you:

• Right of access: obtain a copy of the personal data we hold about you.
• Right to rectification: ask us to correct inaccurate or incomplete data.
• Right to erasure (“right to be forgotten”): ask us to delete your personal data, where one of the grounds in UK GDPR applies. Note that this right is qualified where we rely on freedom-of-expression grounds in our journalism.
• Right to restriction: ask us to suspend processing in certain circumstances (for example, while we verify the accuracy of data you have challenged).
• Right to data portability: receive a structured, machine-readable copy of data you have provided to us under consent or contract.
• Right to object: object to processing based on our legitimate interests (including profiling) and to direct marketing.
• Rights in relation to automated decision-making: we do not make decisions about you that have legal or similarly significant effects using purely automated means.
• Right to withdraw consent: where we rely on consent, you may withdraw it at any time.

To exercise any of these rights, email dpo@theplatinumcapital.com. We will respond within one calendar month. We may need to verify your identity before processing your request.

You also have the right to lodge a complaint with the UK supervisory authority, the Information Commissioner’s Office (ICO), at ico.org.uk. We would, however, appreciate the chance to deal with your concerns first.

As a news publisher, much of our work involves processing personal data for journalistic purposes. Section 174 of, and Schedule 2 paragraph 26 to, the Data Protection Act 2018 provides a qualified exemption from certain data protection rights where processing is carried out for the special purposes of journalism, art, or literature, and where compliance with those provisions would be incompatible with the purposes of the journalism.

We rely on the journalism exemption only when we reasonably believe that publication is in the public interest, having regard to applicable codes of practice including the IPSO Editors’ Code of Practice. Editorial decisions about whether to publish information about an individual are made by senior editorial staff and, where appropriate, with legal advice.

We send marketing communications (such as our newsletter and event invitations) only to individuals who have given prior consent.

Every marketing email contains an unsubscribe link in the footer. You can also email newsletter@theplatinumcapital.com to unsubscribe at any time.

Unsubscribing from marketing communications does not affect transactional emails such as replies to your enquiries, awards-nomination confirmations, or security notifications related to your account.

The Platinum Capital is a business publication intended for an adult, professional audience. We do not knowingly collect personal data from individuals under the age of 16.

If you believe a child under 16 has provided us with personal data, please contact our DPO and we will take steps to delete that information.

We use a combination of technical and organisational measures designed to protect personal data against unauthorised access, alteration, disclosure, or destruction. These include:

• Encryption of personal data in transit (TLS 1.2 or higher).
• Encryption of stored data at rest where supported by the underlying provider.
• Restricted access to production systems on a need-to-know basis, protected by multi-factor authentication.
• Continuous monitoring and logging of access to systems containing personal data.
• Regular review of third-party processors and their security commitments.

No system is perfectly secure. If we become aware of a personal-data breach that is likely to result in a risk to your rights and freedoms, we will notify the ICO within 72 hours and, where required, notify you without undue delay.

We may update this Privacy Policy from time to time. The version in force is the one published on this page. The “Last updated” date at the top of the page indicates when the most recent change was made.

For material changes, we will give reasonable advance notice on the homepage and, for registered users, by email.

For any privacy-related question, request, or complaint, please contact us:

• By email: dpo@theplatinumcapital.com
• By post: Data Protection Officer, TPC Media Ltd, Sterling House Suite 310e East Wing, Langston Road, Loughton, Essex IG10 3TS, United Kingdom

You may also contact the UK Information Commissioner’s Office at ico.org.uk.