Privacy Policy

Who we are

We are Diversified EfW Management Limited (“DEML”, “we”, “us”), a limited liability company incorporated and registered in England and Wales with company number 12754239 and registered office at 1 Bartholomew Lane, London, EC2N 2AX.

DEML is registered as a data controller (as defined under European Data Protection Regulation (Regulation (EU) 2016/679) with the UK Information Commissioner’s Office (“ICO”) and our registration number is ZA834536.

Purpose of this Privacy Policy

We take your privacy very seriously. As such, we ask that you read this Privacy Policy carefully as it contains important information about:

  • what personal data we may collect from you;
  • how we will use, store and protect your personal data;
  • with whom we may share personal data; and
  • your rights under relevant data protection laws.

It is important that you read this Privacy Policy together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

Lawful basis for processing

Under data protection laws, we must have a legal basis in order to process your personal data. The legal bases on which we may process your data are:

  • Legitimate interest: in order to carry on and promote DEML’s energy from waste business and related activities.
  • Consent: where you have consented for us to process your personal data for one or more specific reasons.
  • Performance of a contract: in order to perform a contract that DEML may have with you.
  • Legal obligation: where processing of the data is required by law. For example, to carry out ‘know your client’ checks required by the Financial Conduct Authority, or similar requirements in respect of any of our subsidiaries or group companies.
  • What data we may collect from you

We may collect and process the following personal data:

  • your name, email address, telephone number(s), organisation, role and information related to our business relationship with you;
  • for clients and commercial counterparties, the personal data of its representatives and staff, including the data set out above as well as date of birth, gender, financial information, visual images (such as copies of passports) and data contained in identity documentation;
  • cookie data; and
  • technical data such as internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our website.

Where permitted by law or to fulfil our regulatory requirements, we may process information about criminal convictions or offences and alleged offences for specific and limited activities and purposes, such as to perform checks to prevent and detect crime and to comply with laws relating to money laundering, fraud, terrorist financing, bribery and corruption, and international sanctions. It may involve investigating and gathering intelligence on suspected financial crimes, fraud and threats and sharing data between banks and with law enforcement and regulatory bodies.

How we collect information from you

We collect your personal data in a number of ways:

  • as you browse the DEML website certain information is collected automatically using cookies, server logs and other similar technologies;
  • during the communications between us, such as via email, telephone, correspondence or in meetings;
  • any personal information you provide to us or one of our subsidiaries or group companies during your relationship with us as a client or commercial counterparty of us or one of our subsidiaries or group companies; and
  • from third parties/public sources:
    • technical data may be obtained from the following parties:
      • our website management provider, and
      • data analytics providers, such as Google Analytics,
    • identity and contact data from publicly availably sources such as internet searches, Companies House and Financial Conduct Authority, or from subscription services such as Thomson Reuters, Dun & Bradstreet or ratings agencies (and including updates of such searches from time to time).

How we use your personal data

We may use your personal data for the following purposes:

  • to contact you to discuss any aspect of the DEML business and to respond to any queries you have raised;
  • where you are a client or commercial counterparty of DEML or one of our subsidiaries:
    • to provide the relevant services,
    • to carry out necessary anti-money laundering and anti-fraud checks, including any periodic updates of the same,
    • to enable us or our subsidiaries to conduct day-to-day business activities with you, and
    • to carry out general customer relations activities and communications;
  • to personalise your experience on the DEML website; and
  • as we believe to be necessary or appropriate:
    • in order to comply with a legal obligation,
    • to enforce or apply this Privacy Policy, and
    • to protect our legitimate rights, privacy, property or safety, and/or those of a third party and your rights do not override those intere


We or our group companies contact you about our business and/or services where we are legally entitled to do so and it is in our legitimate interests to provide such information to you. In some cases, we may obtain your consent for such marketing communications.

If you do not wish to be contacted in this way, you can tell us by contacting us at We will process your request to be opted-out of such marketing communications within 30 days of receipt.

Where you opt out of receiving these marketing communications, we may still process your personal data for other required purposes, as specified in section 5 above.

Third party links

The DEML website may contain links to and from other applications, plug-ins and websites of other networks, partners, and affiliates. If you follow a link to any of these websites, please note that they (and any services that may be accessible through them) have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any personal data that may be collected through these apps, websites or services. Please check these policies before you submit any personal data to these websites or use such services.

Retention of your data

We will not retain your personal data for longer than is necessary for the purposes for which the personal data is processed. This means that your data will only be retained for as long as it is still required to provide you with services or is necessary for legal (including regulatory) reasons. When calculating the appropriate retention period for your data, we consider the nature and sensitivity of the data, the purposes for which we are processing the data, and any applicable statutory retention periods. Using these criteria, we regularly review the personal data which we hold and the purposes for which it is held and processed.

When we determine that personal data can no longer be retained (or where you request us to delete your data in accordance with your right to do so (please see section 12 below for more information)), we ensure that this data is securely deleted or destroyed.

For more details about our retention periods, please contact us at

Accuracy of your data

It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.

Security of your data

We seek to ensure that we have appropriate organisational and technical security measures to protect your personal data. These measures include ensuring our internal IT systems are suitably secure and implementing procedures to deal with any suspected data breach.  All company desktops have relevant antivirus and endpoint protection installed.

In the unlikely event of a data breach, we will take steps to mitigate any loss or destruction of data and, if required, will notify you and any applicable authority of such a breach.

Transfer of your data

Transfers within our group

We may share your data with other companies within the DEML group, including our ultimate shareholders iCON Infrastructure LLP and any of its subsidiary companies connected with the DEML business.

Transfers to third parties

There may be circumstances in which we may also need to share your personal data with certain third parties, including third parties located outside of the UK and the European Economic Area (EEA).

The third parties to which we may transfer your personal data include:

  • We employ other companies and individuals to perform functions on our behalf, including our software suppliers, data hosting providers, data analytics providers, and anti-money laundering tools;
  • Joint venture partners with whom we jointly own assets and/or jointly perform or procure services;
  • Banks who assist us or our subsidiaries or group companies;
  • Other professional advisors such as accountants, lawyers, consultants and other business advisors engaged by us or our subsidiaries or group companies; and
  • Other third parties where required under law or applicable regulation, or in connection with legal or regulatory proceedings.

The security of your data is important to us and DEML will, therefore, only transfer your data to such third parties if:

  • the third party has agreed to comply with DEML’s instructions, required data security standards, policies, and procedures and put adequate security measures in place;
  • the transfer complies with any applicable cross border transfer restrictions and suitable safeguards have been put in place; and
  • a written contract containing suitable obligations and protections has been entered into between the parties.

As mentioned above, DEML will only transfer your data where suitable safeguards have been put in place. These safeguards are intended to ensure a similar degree of protection is afforded to your data wherever it may be transferred and include:

  • only transferring your personal data to countries which have been deemed to provide an adequate level of protection for personal data by the European Commission; or
  • where your data will be transferred by DEML outside of the EEA, entering into specific contractual terms which have been approved by the European Commission and which give personal data the same protection as within the EEA;

We may also share your personal information with a purchaser or potential purchaser of businesses connected with DEML or its subsidiaries and in some circumstances, we may have to disclose your personal information by law, either because our regulator, the courts or other law enforcement agency has asked us for it, or to enforce our legal rights.

For more information on the safeguards used by DEML when transfers of personal data to third parties, please contact us at

Your rights

You have certain rights in relation to the personal data DEML processes and holds about you. These include:

  • Right to rectification: you have the right to require DEML to correct any inaccuracies in your data.
  • Right to erasure: you have the right to require DEML to delete your data, subject to certain legal requirements.
  • Right to restriction of processing: you have the right to require DEML to restrict the way in which DEML processes your personal data. You may wish to restrict processing if, for example:
    • You contest the accuracy of the data and wish to have it corrected;
    • You object to processing but DEML is required to retain the data for reasons of public interest; or
    • If you would prefer restriction to erasure.
  • Right to data portability: you have the right to obtain from DEML easily and securely the personal data we hold on you for any purpose you see fit.
  • Right to object to processing: you have the right to require DEML to stop processing your personal data should you wish the data to be retained but no longer processed.
  • Right of access: you have the right to request access to personal data that DEML may process about you.
  • Right to withdraw consent: you have the right at any time to withdraw consent allowing DEML to process your personal data.

If you would like to exercise any of the above rights, please contact DEML at We will respond to requests made by you within one month.

Amendments to this Privacy Policy

No changes to this Privacy Policy are valid or have any effect unless agreed by DEML in writing. DEML reserves the right to vary this Privacy Policy from time to time. Our updated terms will be displayed on the DEML website. It is your responsibility to check this Privacy Policy from time to time to verify such variations.

Questions in relation to this Privacy Policy

You should also be aware that you have the right to raise any concerns in relation to how DEML processes your personal data to the ICO (

We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.  DEML has appointed a data privacy lead (DPL) who is responsible for dealing with any such concerns, in addition to overseeing questions in relation to this Privacy Policy and handling requests in relation the exercise of your legal rights. If you have any concerns, questions, or requests, please contact the DPL using the details set out below.

F.A.O Data Privacy Lead
Diversified EfW Management Limited
1 Bartholomew Lane

Email address:

Do you have a project you would like to discuss with us?