Privacy and cookies policy

Website Privacy and Cookies Policy (the “Policy”)

We are committed to protecting and respecting your privacy and personal data.

Cory Riverside Energy Group is made up of different legal entities, details of which can be found below.  This privacy notice is issued on behalf of the Cory Riverside Energy Group so when we mention “Cory Riverside Energy Group”, “We”, “Us”, “Our” in this privacy notice, We are referring to the relevant company in the Cory Riverside Energy Group responsible for processing your data.

This Policy explains when and why We collect personal data about people who visit Our website, how We use it, the conditions under which We may disclose it to others and how We keep it secure.

Please read this Policy (and also Our terms of use carefully to understand Our views and practices regarding your personal data and how We will treat it as well as Our use of cookies. We may change this Policy from time to time so please check this page occasionally to ensure that you’re happy with any changes.  By visiting, and/or (Our “Sites”) you are agreeing to be bound by this Policy and also Our terms of use.

Who are We?

Cory Riverside Energy” is the trading name for each of the Cory Riverside Energy Group of companies comprising Cory Environmental Holdings Limited (Registered company number 5360864) and its operating subsidiaries:

  • Cory Riverside (Holdings) Limited. Registered company number 6505376;
  • Riverside Resource Recovery Limited. Registered company number 3723386;
  • Riverside (Thames) Limited. Registered company number 6427503;
  • Cory Environmental Limited. Registered company number 49722;
  • Cory Ship Repair Services Limited. Registered company number 4087659; and
  • Riverside Energy Park Limited. Registered company number 11536739

All of the Cory Riverside Energy companies are registered in England with their registered offices at 5th Floor, 10 Dominion Street, London EC2M 2EF (together the “Cory Riverside Energy Group”).  The Cory Riverside Energy Group’s ultimate parent company is Dusty Topco Limited (registered company number 11385842). 

For the purpose of the EU General Data Protection Regulation ((EU) 2016/649) as amended from time to time (the “Act”)), the data controller is Cory Environmental Holdings Limited who is responsible for Our Sites.

Our nominated representative for the purpose of the Act is the General Counsel and Company Secretary of Cory Environmental Holdings Limited.  If you have any questions about this privacy notice please contact the General Counsel at

Information We may collect from you

Personal data means any information about an individual from which that person can be identified.  It does not include data where the identity has been removed (anonymous data).

You may give Us information about you by filling in forms on Our Sites (for example the ‘Contact Us’ form) or by corresponding with Us by phone, e-mail or otherwise. The information you give Us may include your name, address, e-mail address and phone number and personal description.

We may collect, use, store and transfer different kinds of personal data about you which We have grouped together as follows:

  • Identity Data includes first name, last name, title, date of birth and gender.
  • Contact Data includes billing address, delivery address, email address and telephone numbers.
  • Financial Data includes bank account and payment card details.
  • Transaction Data includes details about payment to and from you and other details of services you have purchased from Us.
  • Technical Data includes the internet protocol (IP) address used to connect your computer to the internet, browser type and version, time zone setting and location, browser plug-in-types and versions, operating system and platform and other technology on the devices you use to access Our Sites.
  • Usage Data includes information about how you use Our website and services, including the full Uniform Resource Locators (“URL”) clickstream to, through and from Our Sites (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call Our customer service number.
  • Marketing and Communication Data includes your preferences in receiving marketing from Us and Our third parties and your communication preferences.

We also collect, use and share Aggregated Data such as statistical or demographic data for any purpose.  Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity.

Information We receive from other sources. We may receive information about you if you use any of the other websites We operate or the other services We provide. We also work closely with third parties (for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.

How We use your information

We will only use your personal data when the law allows Us to.  Most commonly, We will use your personal data in the following circumstances:

  • When you use the Sites, We may use your IP address and cookies to provide certain functionality to you and to better understand how Our services are being used. You can read more about Our use of Cookies below;
  • Where We need to perform the contract We are about to enter into or have entered into with you;
  • Where it is necessary for Our legitimate interests (or those of a third party) and your interests and fundamental rights do not override these interests;
  • Where We need to comply with a legal or regulatory obligation.

Purposes for which We will use your personal data

We have set out below, in a table format, a description of all the ways We plan to use your personal data, and which of the legal bases We rely on to do so.  We have also identified what Our legitimate interests are where appropriate.  Please note that We may process your personal data for more than one lawful ground depending on the specific purpose for which We are using your data. Please Contact Us  if you need details about the specific legal ground We are relying on to process your personal data where more than one ground has been set out in the table below.

Purpose/Activity Type of data Lawful basis for processing including basis of legitimate interest
To register you as a new customer.



(a)     Identity

(b)    Contact

Performance of a contract with you.
To process and deliver your order including:

(a)  Manage payments, fees and charges

(b)  Collect and recover money owed to us.

(a)     Identity

(b)    Contact

(c)     Financial

(d)    Transaction

(e)     Marketing and Communications


(a)   Performance of a contract with you

(b)  Necessary for our legitimate interests (to recover debts due to us).

To manage our relationship with you.


(a)     Identity

(b)    Contract

(a)   Performance of a contract with you

(b)  Necessary to comply with a legal obligation

(c)   Necessary for our legitimate interests (to keep our records update).


To administer and protect our business and our Sites (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data). (a)     Identity

(b)    Contact

(c)     Technical

(a)   Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restricting exercise)

(b)  Necessary to comply with a legal obligation.


To use data analytics to improve our Sites, services, customer relationships and experiences. (a) Technical

(b) Usage

Necessary for our legitimate interests (to define types of customers for our services, to keep our Sites updated and relevant and to develop our business.


Disclosure of your information

We may share your personal data with any member of the Cory Riverside Energy Group.

We may share your information with selected third parties including:

  1. Business partners, suppliers and sub-contractors for the performance of any contract We enter into with them or you.
  2. Analytics and search engine providers that assist Us in the improvement and optimisation of Our site.
  3. Credit reference agencies for the purpose of assessing your credit score where this is a condition of Us entering into a contract with you.

We may disclose your personal data to third parties:

  1. In the event that We sell or buy any business or assets, in which case We may disclose your personal data to the prospective seller or buyer of such business or assets.
  2. If the Cory Riverside Energy Group or substantially all of its assets are acquired in whole or part by a third party, in which case personal data held by it about its customers will be one of the transferred assets.
  3. If We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply Our terms of use and other agreements; or to protect the rights, property, or safety of Cory Riverside Energy Group, Our customers, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.

Where We store your personal data

The data that We collect from you may be transferred to, and stored at, a destination outside the European Economic Area (“EEA”). It may also be processed by staff operating outside the EEA who work for Us or for one of Our suppliers. Such staff maybe engaged in any services We provide for you or seek as a result of providing services to you. By submitting your personal data, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

Data Security

We have appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed.  Unfortunately, the transmission of information via the internet is not completely secure. Although We will do Our best to protect your personal data, We cannot guarantee the security of your data transmitted to Our Sites; any transmission is at your own risk. Once We have received your information, We will use strict procedures and security features to try to prevent unauthorised access. We also have procedures in place to deal with any suspected personal data breach and We will notify you and any applicable regulator of a breach where We are legally required to do so.

In addition, We limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.  They will only process your personal data on Our instructions and they are subject to a duty of confidentiality.

Third-Party Marketing

We will get your express opt-in consent before We share your personal data with any company outside of the Cory Riverside Energy Group for marketing purposes.

Opting out

You have a right to ask Us not to process your personal data for marketing purposes.  We will inform you (before collecting your data) if We intend to use your data for such purposes or if We intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms We use to collect your data.  You can ask Us or third parties to stop sending you marketing message at any time by following the opt-out links on any marketing message sent to you. Otherwise, please Contact Us.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to Us as a result of service experience or other transaction.

Our Sites may contain links to websites of Our partner networks, advertisers and affiliates.  If you follow a link to any of these websites, please note that these websites have their own privacy policies and that We do not accept any responsibility or liability for these policies.  Please check these policies before you submit any personal data on these websites.

Access to information

The Act gives you the right to access information held about you.  You will not have to pay a fee to access your personal data (or to exercise any of the other rights).  However, We may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.  Alternatively, We may refuse to comply with your request in these circumstances. If you wish to exercise your rights of access granted by the Act, please Contact Us or email

We may need to request specific information from you to help Us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  We may also contact you to ask you for further information in relation to your request to speed up Our response.

We try to respond to all legitimate requests within one month.  Occasionally it may take Us longer if your request is particularly complex or you have made a number of requests.  In this case, We will notify you and keep you updated.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes We collected it for, including the purposes of satisfying any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal data, We consider the amount, sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which We process your personal data and whether We can achieve these purposes through other means, and the applicable legal requirements.  Details of retention periods for different aspects of your personal data are available in Our retention policy which you can request from Us by Contacting Us or email

Our use of Cookies

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used to make websites work, or work more efficiently, as well as to provide information to the owners of the website. We don’t use cookies to personally identify you; Our aim in using them is to be able to make the Sites better for you.

The below explains the cookies We use and what each is for.

  • Statistic cookies – are used to help Us understand how visitors interact with Our Sites
  • Other/unclassified cookie – the unclassified cookies is used for the purposes of the cookie consent pop-up
  • Marketing cookies—are used to track visitors to Our Thames Ship website

Changing your browser settings for cookies

You can adjust the settings in your web browser to refuse all or some browser cookies, or to alter you when websites set or access cookies.   If you disable or refuse cookies, please note that some parts of Our Sites may become inaccessible or not function properly.

Review and changes to Our Policy

Any changes We make to Our Policy in the future will be updated on this Site page.  Please check back frequently to see any updates or changes to Our Policy.

We keep this Policy under regular review.  This Policy was last updated November 2018.


Questions, comments and requests regarding this Policy are welcomed and should be sent via Contacting Us or addressed to the Cory Riverside Energy Group, Attention: General Counsel, 5th Floor, 10 Dominion Street, London EC2M 2EF.