Legal · Tommy & Spartan
Privacy Notice
How we handle information on tommyspartan.com, what cookies and identification tools we use, and the choices you have. What applies to you depends on where you are.
Last updated 15 July 2026
Who we are
Tommy & Spartan is operated by TMK. This notice covers the website tommyspartan.com. For questions about it, or to exercise any of the rights below, write to mike@tokenomik.com.
What we collect
- Information you give us. When you complete a form, apply, or book a call, we collect the details you enter, such as your name, work email, company and message.
- Usage information. As you browse, we collect standard technical data such as your IP address, device and browser type, the pages you view, and how you reached us.
- Business-identification data. On some pages we use third-party tools that match your visit to their own business datasets to identify the visiting organisation and, where permitted, associated professional contact details. This is described in full below.
Cookies and tracking technologies
We group the technologies we use into three categories:
- Necessary. Required for the site to work. Always on.
- Analytics. HubSpot analytics cookies, which help us understand how the site is used so we can improve it.
- Visitor identification. The business-identification tools described below.
How these run depends on where you are:
- In the EEA and the UK, analytics and visitor-identification tools stay off until you accept them through our cookie banner. You can accept or reject each category, and you can change or withdraw your choice at any time using the Cookie preferences link in the footer.
- In the United States and other opt-out regions, these tools run by default. You can opt out at any time using the Do Not Sell or Share My Personal Information link in the footer, or manage each category through Cookie preferences. We also honour the Global Privacy Control (GPC) browser signal as a valid opt-out.
Visitor identification
On some pages we use third-party business-identification services to help us understand which organisations visit our site:
- RB2B (US visitors only). RB2B matches technical signals from US-based visits against its own B2B dataset to identify the visiting company and, where available, an associated professional contact.
- Warmly. Warmly performs similar company and, where permitted, contact-level identification for visits globally.
We use this to recognise businesses that show interest in our services so our team can follow up with relevant organisations. Where you are in the EEA or the UK, these tools load only after you consent, and you may withdraw consent at any time. Where you are in the United States or another opt-out region, you may opt out using the Cookie preferences control or by writing to us. You can read each provider's own privacy information at RB2B (getrb2b.com) and Warmly (warmly.ai).
How we use information
- To respond to your enquiries and provide the services you request.
- To operate, measure and improve the website.
- To identify and follow up with organisations that may benefit from our services.
- To meet our legal and regulatory obligations.
Legal bases (EEA and UK)
Where GDPR or UK GDPR applies, we rely on your consent for analytics and visitor-identification tools; on our legitimate interests in operating and promoting our business, balanced against your rights, for business-to-business follow-up; and on the performance of a contract or steps taken at your request when you engage us.
Who we share it with
We share information with service providers that operate the site and our marketing on our behalf, including HubSpot (analytics and contact management), RB2B and Warmly (visitor identification), and our hosting provider. These providers process data under contract and only for the purposes we set. We do not sell your information for money. Some sharing with our identification providers may count as "sharing" under US privacy laws; you can opt out as described above.
International transfers
Our providers may process data in the United States and other countries. Where we transfer personal data out of the EEA or the UK, we rely on appropriate safeguards such as the providers' standard contractual clauses.
Retention
We keep personal data only for as long as needed for the purposes above, and to meet our legal obligations, after which it is deleted or anonymised.
Your rights
Depending on where you are, you may have the right to access, correct, delete or receive a copy of your personal data, to object to or restrict certain processing, and to withdraw consent at any time. In the EEA and the UK you may also complain to your data-protection authority. In California and other US states with similar laws, you may request access to or deletion of your information and opt out of its sale or sharing.
To exercise any of these, use the Cookie preferences or Do Not Sell or Share My Personal Information links in the footer, or write to mike@tokenomik.com. We honour the Global Privacy Control (GPC) signal as an opt-out.
Changes to this notice
We update this notice from time to time. The date at the top shows when it last changed.