Privacy & Cookies



 

Privacy Policy for Website Visitors, Customers and Learners

Last updated: 11/06/2025

TACK TMI is committed to protecting the privacy of our website visitors, our customers, and the individuals participating in our learning and development programmes. This privacy policy will help you understand how we collect, use and process your personal data in accordance with data protection regulations.

Data controller:

TACK TMI UK Ltd and TACK International Ltd, as part of the Gi Group of companies, registered at Unit A, The Glass Yard, Sheffield Road, Chesterfield, S41 8JY – hereby referenced as “THE ORGANISATION”.

THE ORGANISATION has appointed a Data Protection Officer (DPO), who can be contacted at: uk.privacy@gigroup.com

For any enquiries about this privacy policy or to exercise your rights under this policy, please contact: uk.privacy@gigroup.com

Changes to THE ORGANISATION’s Privacy Policy

We may update or change our privacy policy at any time without giving you direct notice, so you may wish to review this page periodically. The date of the most recent revisions will appear at the top of this page. If material changes are made to the Privacy Policy, we will notify you by placing a prominent notice on our website.

Why do we have a privacy policy?

Your privacy is important to us. We are committed to protecting and safeguarding your personal data in accordance with applicable data protection law, including the UK GDPR and the Data Protection Act 2018.

This Privacy Policy details the information we collect, how we use and process that information, how it is stored, who may have access to it, and how long it is retained.

What information does THE ORGANISATION collect?

THE ORGANISATION may collect and process a range of personal information. This includes:

Name, job title, company name, and contact details (such as email address and telephone number)

  • Training programme registration details
  • Preferences relating to learning and development
  • Attendance and participation records for courses and learning activities
  • Assessment results, progress tracking, and certifications (where applicable)
  • Feedback or survey responses
  • Communication records, including email, letters, phone and other correspondence
  • Payment or billing information, processed securely via third-party provider Stripe
  • Website usage data collected automatically using cookies (see below)

We collect this information in a variety of ways, including through registration forms, email correspondence, our learning platforms, feedback forms, and surveys. We may also collect certain usage data automatically via our websites and online services.

Data is stored in a range of secure systems including our CRM, learning management platforms, and financial systems.

Cookies

A cookie is a small text file that is stored on your device when you visit our website. Cookies help us to understand website usage, improve functionality and deliver a better user experience.

When you visit the website for the first time (or return after 12 months), a cookie banner will appear that allows you to accept, reject, or manage your cookie preferences. Essential cookies are required for the site to function properly.

You can manage or disable cookies through your browser settings. Please note that disabling cookies may affect site functionality.

Why does THE ORGANISATION process personal data?

We rely on several legal grounds for processing personal data, depending on the context:

  • To fulfil a contract with you, such as registering you for a learning programme or issuing certificates of completion
  • To pursue our legitimate interests, such as improving our services, responding to enquiries, or evaluating learning outcomes
  • To comply with legal obligations, for example in relation to financial record keeping or accreditation standards
  • With your consent, where required, for activities such as direct marketing or collecting feedback

Where we process special categories of personal data (e.g. accessibility requirements or dietary needs for event attendance), we do so based on your explicit consent or where necessary to deliver an inclusive service.

Who has access to data?

Your personal information will be shared internally within THE ORGANISATION with employees who need access to perform their roles (such as learning consultants, programme managers, and IT staff).

We may also share data with:

  • Our approved learning partners, facilitators and survey providers
  • Technology and service providers who support our learning delivery (e.g. learning platforms, feedback tools, analytics)
  • Stripe, for secure online payment processing
  • Gi Group companies for administrative or IT support purposes
  • Legal and regulatory authorities where required by law

All third-party providers are subject to confidentiality and data protection agreements.

Will your data be used for marketing purposes?

THE ORGANISATION may, from time to time, send you email, SMS, postal mail or otherwise contact you for marketing purposes, such as informing you of new learning programmes, webinars, thought leadership content, or upcoming events. We may tailor content based on your preferences or past engagement.

You can unsubscribe at any time by clicking the “Unsubscribe” link in our communications or updating your preferences via your online portal.

How does THE ORGANISATION protect data?

THE ORGANISATION takes the security of your data seriously. We have robust internal policies and controls in place to ensure that your personal information is not lost, misused, accessed without authorisation, or disclosed inappropriately.

Our systems use encryption, secure access protocols, and regular security monitoring. Third parties who process data on our behalf do so under strict contractual agreements and are required to implement appropriate technical and organisational measures to protect your data.

For how long does THE ORGANISATION keep data?

We retain personal data only for as long as necessary for the purposes it was collected, or as required by applicable law. The following retention periods apply:

  • Learner records, including participation and certification: up to 7 years
  • Feedback and assessment results: up to 3 years
  • Payment and billing records (via Stripe): up to 7 years, in line with financial regulations
  • Contact information for marketing purposes: until consent is withdrawn or a request is made to unsubscribe

Will data be transferred outside the UK/EEA?

We may transfer personal data outside the UK or EEA where necessary for service delivery. In such cases, we ensure appropriate safeguards are in place including:

  • Standard Contractual Clauses approved by the UK Information Commissioner or European Commission
  • Transfers to countries with adequacy decisions
  • Transfers under the Data Privacy Framework (for transfers to the US)
  • Your consent, where applicable

Please contact us for further details about data transfer mechanisms.

Your rights

As a data subject, you have the following rights:

  • Right of access – to request copies of your data
  • Right to rectification – to correct inaccurate or incomplete information
  • Right to erasure – to ask us to delete your data in certain cases
  • Right to restrict processing – to limit how we use your data
  • Right to object – to object to processing in certain circumstances
  • Right to data portability – to request your data be transferred to you or another provider
  • Right to withdraw consent – at any time, where we rely on consent as the legal basis

If you would like to exercise any of these rights, please contact: uk.privacy@gigroup.com

You may also submit a subject access request using THE ORGANISATION’s SARs form.

If you are not satisfied with how your data is handled, you have the right to complain to the UK Information Commissioner’s Office: https://ico.org.uk

What if you do not provide personal data?

Where the provision of data is required for us to fulfil a contract (such as enrolling you in a course), failure to provide that information may limit our ability to provide services to you effectively.

Offensive or inappropriate content

If you post or send offensive, inappropriate or unlawful content via any of our digital platforms or channels, THE ORGANISATION may use your data to take appropriate action and may notify relevant authorities if necessary.

Links

THE ORGANISATION’s website may contain links to third-party websites. These websites have their own privacy policies and cookie usage, which we recommend you review. We do not accept responsibility for the content or practices of third-party sites.

Automated decision-making

THE ORGANISATION does not make decisions about customers or learners based solely on automated processing.

Contacts

Registered Office:

TACK TMI UK Ltd, The Glass Yard, Sheffield Road, Chesterfield, S41 8JY

Email contact: uk.privacy@gigroup.com

Signed: Jim O’Brien – CEO Tack TMI

Date: June 2025

 

Back to the top