Skip to main content


Privacy Policy

1 WHO ARE WE?

1.1 This is the privacy policy of TalkTalk Business Direct. Registered address is Soapworks, Ordsall Lane, Salford, M5 3TT. Registration No: 11347230. We provide telephony, broadband, fibre, ethernet and cloud and security services. We are responsible for your personal data where we operate as a data controller.

1.2 We have a Data Protection Officer (DPO) who is responsible for all issues relating to the protection of personal data. The data protection officer can be contacted at the below:

The Data Protection Officer, TalkTalk, Soapworks, Ordsall Lane, Salford, M5 3TT, United Kingdom

1.3 This privacy policy replaces all previous versions and applies from 4th September 2025.

2. WHO DOES THIS PRIVACY POLICY APPLY TO?

2.1 This privacy policy applies to:

(a) Customers; (b) Prospective customers; (c) Individuals that use our websites; (d) Former customers; (e) Nominated users or individuals acting under a power of attorney; and (f) Shareholders.

2.2. Our services are not intended for children (unless expressly stated), and we do not knowingly collect or process personal data relating to children or anyone under 18 years of age.

2.3. Please help us keep your information accurate and up to date by updating your Support Centre details or contacting us here.

3. WHAT INFORMATION DO WE COLLECT?

3.1. We may collect, use, store, and transfer the following categories of personal data to deliver our services:

(a) Identity data – name, title, date of birth, gender; (b) Contact data – service address, billing address, correspondence address, landline and mobile number; (c) Financial data – bank account details, payment card details, credit rating; (d) Transaction data – payments to and from you, products and services purchased; (e) Technical data – IP address, login data, browser type/version, time zone, operating system, TalkTalk Business webmail emails, chat logs, and device details; (f) Portal/API profile data – usernames, passwords, interests, preferences, survey responses; (g) Usage – service usage, online activity, websites visited, call details (number, destination, length); (h) Marketing & communications data – preferences and consents. (i) Special category data – limited health data (e.g. accessibility needs) or biometric data (e.g. voice ID) where required to provide services.

3.2 Where we process special category data, we will only do so with your explicit consent or where another lawful condition under Article 9 UK GDPR applies (e.g. vital interests, substantial public interest).

3.3 We may also collect non-personal data, such as statistical or demographic information, which is not considered personal data as it does not identify you.

4. HOW DO WE COLLECT INFORMATION? We collect data in the following ways:

4.1 Information you provide

For example:

(a) when you place an order with us for any of our services (e.g., over the phone)

(b) when you contact us to discuss your services, or

(c) when you take part in trials, surveys, downloads, or competitions/prize draws.

4.2 Information we automatically collect

We may automatically collect information:

(a) when you use our services, and

(b) when you visit our websites, where we use “cookies” and similar technologies to analyse usage and improve services.

4.3 Information we receive from other sources

We may receive personal data about you from third parties, publicly available sources, and other entities within categories such as:

(a) companies contracted by us to help deliver services,

(b) other telecommunications operators (e.g. when transferring services),

(c) marketing organisations,

(d) credit reference agencies or fraud prevention agencies.

5. HOW Do WE USE INFORMATION? 5.1 We use personal data to:

(a) verify your identity; (b) process enquiries, orders, and applications (including some automated decisions); (c) carry out credit checks and manage your account; (Credit Reference Agency Information Notice); (d) record and monitor communications for training, quality, and regulatory compliance; (e) send you information about services, offers, or products (where you have consented); (f) notify you about changes to services or terms; (g) analyse usage to improve services and personalise offers; (h) recover debts; (i) detect and prevent crime, fraud, or misuse of our network; (j) monitor network traffic for problem-solving, backup, and security.

5.2 If we make automated decisions that have a legal or significant effect on you, you have the right to request human intervention, to express your point of view, and to contest the decision.

5.3 We may use your data for other purposes where you give consent or where required by law.5.1 The information we collect helps us to better understand what you need from us and to improve the provision of our services to you.

5.4 We may supplement the information directly collected by us with data from third parties (for example socio-demographic data) to further improve the services or products we offer customers.

6. WHEN WILL WE SHARE YOUR DATA WITH OTHERS? 6.1 We may share your data with trusted third parties to deliver our services. 6.2 Categories of recipients include: (a) suppliers assisting us in providing services; (b) professional advisers (e.g. auditors, lawyers); (c) regulators (Ofcom, ICO, FCA); (d) law enforcement agencies; (e) other telecom providers (e.g. when transferring services); (f) potential buyers in the event of a business sale. 6.3 Third parties are contractually required to protect your information, use it only as instructed, and comply with UK data protection laws.

7 PROTECTING INFORMATION 7.1 We use appropriate organisational and technical measures to protect your personal data against unauthorised access, disclosure, alteration, or destruction.

7.2 While we take steps to protect data in transit, no internet transmission is 100% secure. Once received, we apply strict security procedures and controls to keep your data safe.

8 WHY DO WE PROCESS YOUR DATA? 8.1 We process personal data because: (a) it is necessary to perform a contract with you; (b) we have a legitimate business interest; (c) we are legally required to; or (d) you have provided consent (which you can withdraw at any time). 8.2 If you don’t provide us with the data we need then we may not be able to perform our contract with you and may need to terminate the contract. If this happens we will notify you as set out in our Terms and Conditions .

9 TRANSFERS OF DATA OUTSIDE OF THE UNITED KINGDOM 9.1 From time to time the third parties we share our data with may be outside of the United Kingdom in countries that do not always have the same standard of data protection laws as the UK. However, we will have a contract in place to ensure that your information is adequately protected, and we will remain bound by our obligations under applicable UK data protection laws even when your personal information is processed outside of the UK. The sorts of measures we use to protect your data in this instance are security reviews of the organisations, contractual model clauses approved for use by the European Commission or other approved transfer mechanisms.

10 HOW LONG DO WE HOLD YOUR INFORMATION FOR? 10.1 Unless there is a specific regulatory or legal requirement for us to keep your information longer, we will keep your information for as long as it is necessary for the purpose for which it was collected.

10.2 To determine the appropriate retention period for personal data, we consider: (a) the nature and sensitivity of the data; (b) the risk of harm from unauthorised use or disclosure; (c) the purposes of processing; (d) applicable legal/regulatory requirements

11 YOUR RIGHTS 11.1 Under UK data protection law, you have the right to: (a) Access – request a copy of your personal data; (b) Rectification – correct inaccurate data; (c) Erasure – request deletion of your data in certain circumstances; (d) Restrict processing – limit how we use your data; (e) Object – to processing based on legitimate interests or for direct marketing; (f) Portability – request transfer of data in a machine-readable format; (g) Withdraw consent – where we rely on consent (e.g. marketing).

11.2 To exercise your rights, email dataprivacy@talktalk.business. We will need to verify your identity before processing your request.

12 COMPLAINTS 12.1 If you are unhappy with how we handle your personal data, please contact our DPO in the first instance.

12.2 If we cannot resolve your concern, you have the right to complain to the Information Commissioner’s Office (ICO): (a) Website: www.ico.org.uk (b) Telephone: 0303 123 1113

13 CHANGES TO THIS PRIVACY POLICY 13.1 We may update this policy from time to time. Updates will be posted on this page with a revised effective date.

__14 WORKSAFE __
14.1 If you activate WorkSafe, we will process the following data to provide the service in line with your instructions: (a) your activation of anti-malware and web filtering; (b) website categories you block; (c) websites added to your Whitelist or Blacklist; (d) times/days when filters are set to operate.

14.2 This data will only be used to deliver Worksafe and not for other purposes.

👋

Need help? We're here to help! Click the chat button to start a conversation.