Privacy policy

TM Lewin Shirtmaker Limited Privacy Policy

Effective Date: 8 April 2022


TM Lewin Shirtmaker Limited (referred to as “T.M. Lewin”, “we, “our” or “us”), is committed to protecting the privacy and security of your personal information. We are incorporated in England & Wales with registered office Suite 1, 3rd Floor 11 - 12 St James's Square, London, United Kingdom, SW1Y 4LB (company number: 14029791). The terms of this privacy policy (“Policy”) also cover data collected by other related companies to TM Lewin Shirtmaker Limited (including parent and subsidiary undertakings) and any data previously collected by T.M. Lewin & Sons Limited or Trendbold Limited.

We take care to protect the privacy of our customers and users of our products that communicate (online or offline) with us, in store, events, over the phone, through our mobile applications, websites and social media platforms.

We have therefore developed this Policy to inform you of the data we collect, what we do with your information, what we do to keep it secure as well as the rights and choices you have over your personal information.

Throughout this document we refer to Data Protection Legislation means the Data Protection Act 2018 (“DPA 2018”), United Kingdom General Data Protection Regulation (“UK GDPR”), the Privacy and Electronic Communications (EC Directive) Regulations 2003 and any legislation implemented in connection with the aforementioned legislation. Where data is processed by a controller or processor established in the European Union or comprises the data of people in the European Union, it also includes the EU General Data Protection Regulation (“EU GDPR”). This includes any replacement legislation coming into effect from time to time.

TM Lewin Shirtmaker Limited is the data controller for the personal information we process, unless otherwise stated.

We are registered with the Information Commissioner’s Office (the ICO) with registration number ZB331675.

You can contact us either by phone, email or post. Our main trading/postal address:

Suite 1, 3rd Floor 11 - 12 St James's Square,


United Kingdom,



Our Data Protection Officer is:

Evalian Limited
West Lodge
Leylands Business Park
SO21 1TH

Phone: 03330 500111

EU Representatives:



We only collect personal information that we know we will genuinely use and in accordance with the Data Protection Legislation. The type of personal information that we will collect on you, and you voluntarily provide to us on this website may include some or all of the following:

  • Your name
  • Address (including country)
  • Telephone number
  • Email address
  • Order and purchase information and any specific delivery notes
  • Payment details
  • Account information when you register an account with us
  • When you communicate to us via ticketing request, phone or email, which can include any documents you may include in such communications
  • Your marketing and billing preferences
  • Gender
  • Sizing, height and other body measurements
  • Transcripts through our live chat facility
  • Photos or videos
  • Traffic data, location data, website statistics and other customary website data

The lawful basis for processing your data is based on:

  • Your specific consent (e.g. for marketing communications which you are free to withdraw your consent at any time)
  • Performance of a contract (e.g. for selling and delivering orders and purchases)
  • Compliance with a legal or regulatory obligations (e.g. for requirements of the Financial Conduct Authority, Anti Money Laundering Regulations, accounting and taxation purposes and reporting requirements)
  • Our legitimate interests (e.g. to improve our customer service, improve our website and improve our relationships with customers, suppliers and third party vendors)
  • To help manage your online account
  • To contact you, following your enquiry, reply to any questions, suggestions, issues or complaints you have contacted us about
  • Make available our products and services to you
  • Process your orders
  • Take payment from you or give you a refund
  • Personalise your shopping experience, for example we may provide you with details of products that match a product, which you may have purchased or enquired about previously
  • To power our security measures and services so you can safely access our website and mobile apps
  • Help us understand more about you as a customer, the products and services you consume, so we can serve you better
  • Contact you about products and services from us
  • Provide you with online advertising and promotions
  • Help answer your questions and solve any issues you have (please note we may record calls for training and monitoring purposes)
  • Fraud protection and detection to protect you from fraudsters and crime;
  • Carry out our marketing function
  • For any competitions we may carry out
  • We have online stylists who can help with personalised shopping experiences. You can talk to them on our website and share with them photos and videos. These are our own personalised shoppers, but we use a third party company to help host the software ( but do not share your data with them.
  • To carry out any of the above activities in connection with any other brands owned or operated by TM Lewin Shirtmaker Limited and any of their related companies (including parent and subsidiary undertakings of TM Lewin Shirtmaker Limited).

The above list is non-exhaustive.

  • In order to fulfil our promised delivery and contract to you, we will need to supply your data to our warehouse and our chosen courier or collection depot for your delivery
  • With other departments or other members within the TM Lewin group to help answer any queries or complaints
  • Goods and manufacturing partners who may help with product orders
  • Other associated discount providers (e.g. Uni Days who operate student discounts)
  • If the law or a public authority says we must share the personal data
  • If we need to share personal data in order to establish, exercise or defend our legal rights (this includes providing personal data to others for the purposes of preventing fraud and reducing credit risk)
  • From time to time, employ the services of other parties for dealing with certain processes necessary for the operation of our website
  • We may analyse your personal information to create a profile of your interests and preferences so that we can contact you with information relevant to you.
  • We may share this information to other related companies or associates in our group, and to external agencies connected to our platform.
  • We may make use of additional information about you when it is available from external sources (such as Experian or Personicx data) to help us do this effectively. This may include our agencies who help us analyse our trends, purchase patterns and performance.
  • We may use the above information, including those provided by external agencies for marketing purposes.
  • We use third party payment merchants such as Amazon Pay and PayPal to help with online payments.

We use data processors who are third parties who provide elements of services for us and we have Data Processor Agreements in place with them. This means that they cannot do anything with your personal information unless we have agreed with them to do so in accordance with the Data Processor Agreement. They will not share your personal information with any organisation apart from us or further sub-processors who must comply with our Data Processor Agreement. They will hold your personal data securely and retain it for the period we instruct in accordance with the terms of the Data Processor Agreement.


We work with carefully selected websites to serve up adverts to personalise your online experience even more. We will market to you under a blended option of legitimate interest and your specific consent. You may change your opt in status at any time through your relationship with us, either by utilising the account option online or by clicking the unsubscribe link in any email you receive from us. You can also contact us directly as set out above in this Policy.


It is in our legitimate interests to hear our customer reviews on our products and purchases they have made. When you have made a purchase we would like to send to you via email a short survey to give us feedback. These are completely optional and you do not need to do complete if you prefer not to. We utilse a third party company called Yotpo to help carry out these surveys. If you prefer not to receive surveys in the future you can unsubscribe in the opt out links in the survey emails.


6.1.1 The right to be informed about our collection and use of personal data
You have the right to be informed about the collection and use of your personal data. We ensure we do this with our internal data protection policies and through our external website policy. These are regularly reviewed and updated to ensure these are accurate and reflect our data processing activities.

6.1.2 Right to Access Your Personal Information
You have the right to access the personal information that we hold about you in many circumstances, by making a request. This is sometimes termed ‘Subject Access Request’. If we agree that we are obliged to provide personal information to you (or someone else on your behalf), we will provide it to you or them free of charge and aim to do so within 1 month from when your identity has been confirmed.

We would ask for proof of identity and sufficient information about your interactions with us that we can locate your personal information.

If you would like to exercise this right, please contact us as set out below.

6.1.3 Right to Correction Your Personal Information
If any of the personal information we hold about you is inaccurate, incomplete or out of date, you may ask us to correct it.

If you would like to exercise this right, please contact us as set out below.

6.1.4 Right to Stop or Limit Our Processing of Your Data
You have the right to object to us processing your personal information for particular purposes, to have your information deleted if we are keeping it too long or have its processing restricted in certain circumstances.

If you would like to exercise this right, please contact us as set out below.

6.1.5 Right to Erasure
You have the right to have personal data erased. This is also known as the ‘right to be forgotten’. The right is not absolute and only applies in certain circumstances.

If you would like to exercise this right, please contact us as set out below.

6.1.6 Right to Portability
The right to portability gives you the right to receive personal data you have provided to a controller in a structured, commonly used and machine readable format. It also gives them you the right to request that a controller transmits this data directly to another controller.

If you would like to exercise this right, please contact us as set out below.

6.1.7 For more information about your privacy rights
The Information Commissioner's Office (ICO) regulates data protection and privacy matters in the UK. They have information accessible to consumers on their website and ensure that the registered details of all data controllers are available publicly. You can access them here If you are based anywhere else within the European Union (or European Economic Area) a list of supervisory authorities can be found here

You can make a complaint to the ICO (or other supervisory authority) at any time about the way we use your information. However, we hope that you would consider raising any issue or complaint you have with us first. Your satisfaction is extremely important to us, and we will always do our very best to solve any problems you may have.


We may transfer data that we collect from you to locations outside of the UK and European Economic Area (EEA) for processing and storing. Also, it may be processed by staff operating outside the EEA who work for us or for one of our suppliers. For example, such staff maybe engaged in the processing and concluding of your order, the processing of your payment details and the provision of support services. Where we transfer your information outside of the UK/EEA we will ensure safeguards are in place to ensure it remains secure and adequately protected.


We retain a record of your personal information in order to provide you with a high quality and consistent service. We will always retain your personal information in accordance with the Data Protection Legislation and all other applicable laws and regulations. We do hold certain types of personal information for the below period of time – by way of an example:

Purchases – We will maintain order information for 7 years since last purchase or otherwise in accordance with relevant tax and accounting legislation.


Our website uses cookies. Please refer to our separate cookies policy to understand how we use cookies and how you can change your consent and preferences.


Data security is of great importance to TM Lewin Shirtmaker Limited and to protect your data we have put in place appropriate technical and organisational security measures to safeguard and secure your collected data.

We take security measures to protect your information including:

  • Implementing access controls to our information technology
  • We use appropriate procedures and technical security measures (including strict encryption, anonymisation and archiving techniques) to safeguard your information across all our computer systems, networks, websites, offices and stores
  • Advising you never to enter your account number or password into an email or after following a link from an email
  • All payment details are fully anonymised in our internal systems and we utilise the Stripe and/or Ingenico payment systems to provide a secure payment portal.

Our website may contain links to other third party websites and are not affiliated with us. These websites may have their own privacy policy available. We are not responsible for any content of these websites.


We may, from time to time, expand or reduce our business and this may involve the sale and/or the transfer of control of all or part of our business. Any personal data that you have provided will, where it is relevant to any part of our business that is being transferred, be transferred along with that part and the new owner or newly controlling party will, under the terms of this Privacy Policy, be permitted to use that data only for the purposes for which it was originally collected by us.


We may change this Policy from time to time (for example, if the law changes). We recommend that you check this Policy regularly to keep up-to-date.


If you would like to exercise one of your rights as set out above, or you have a question or a complaint about this Policy, the way your personal information is processed, please contact us using our details above, or you can contact our DPO or EU Representative with their details above if needed.