๐Ÿ”ฅ New: SC-100, AZ-305 & FinOps Bootcamps โ€” View Upcoming Dates โ†’

๐Ÿ”’ Privacy Policy

Privacy Policy

Effective date: 1 January 2025 ยท East Africa

๐Ÿ›๏ธ Applicable Data Protection Law

Kenya Data Protection Act 2019

For services in East Africa, TACMinds complies with the Kenya Data Protection Act 2019. Participants may lodge complaints with the ODPC.

Office of the Data Protection Commissioner (ODPC) โ†—

1. Who We Are

TACMinds Global (referred to as "TACMinds", "we", "us", or "our") is an IT training and certification organisation headquartered in Dubai, UAE. We deliver instructor-led training across East Africa and globally. Our registered contact is [email protected].

2. What Data We Collect

We collect information you provide directly and data generated by your use of our services:

  • Identity data: Full name, job title, company name
  • Contact data: Email address, phone number (including WhatsApp)
  • Payment data: Billing details processed securely via Razorpay or bank transfer
  • Training data: Course enrolments, attendance, exam results, certificates
  • Usage data: Pages visited, browser type, IP address (anonymised)
  • Communication data: Enquiries, feedback, support messages

3. How We Use Your Data

  • To process enrolments and issue certificates
  • To send course confirmations, reminders and materials
  • To respond to enquiries and provide support
  • To send occasional updates about new courses and promotions (you may unsubscribe at any time)
  • To comply with legal and regulatory obligations in East Africa

4. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract performance โ€” to deliver training services you have purchased
  • Legitimate interests โ€” to improve our services and communicate with existing customers
  • Consent โ€” for marketing communications (you may withdraw consent at any time)
  • Legal obligation โ€” where required to comply with laws in East Africa

Jurisdiction note: For services in East Africa, TACMinds complies with the Kenya Data Protection Act 2019. Participants may lodge complaints with the ODPC.

5. Data Sharing

We do not sell your personal data. We share data only with trusted third parties who help us deliver services:

  • Cloud infrastructure providers (Microsoft Azure โ€” data centres in UAE, EU, and UK)
  • Payment processors (Razorpay โ€” PCI DSS compliant)
  • Email communication tools (Resend)
  • Video conferencing (Zoom, Microsoft Teams)

All third parties are bound by data processing agreements to process data securely and only for specified purposes.

6. International Data Transfers

As a global training provider serving East Africa and other regions, your data may be processed in countries outside your jurisdiction, including the UAE and European Economic Area. We ensure appropriate safeguards are in place:

  • GDPR-equivalent contractual protections with all processors
  • Data minimisation and purpose limitation principles applied globally

7. Data Retention

We retain your data for as long as necessary to provide services and comply with legal obligations. Training records and certificates are retained for 7 years. You may request deletion of your account and data at any time (subject to legal retention requirements).

8. Your Rights

Under Kenya Data Protection Act 2019, you have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Request deletion (right to be forgotten) where applicable
  • Object to or restrict processing
  • Data portability (receive your data in a structured format)
  • Withdraw consent for marketing communications at any time
  • Lodge a complaint with Office of the Data Protection Commissioner (ODPC)

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

9. Cookies

We use essential cookies for site functionality and anonymised analytics to improve the website. We do not use third-party advertising cookies. You can control cookies through your browser settings. A full cookie policy is available on request.

10. Security

We implement industry-standard security measures including TLS encryption, role-based access controls, and regular security reviews. All payment processing uses PCI DSS-compliant providers. In the event of a data breach affecting your rights, we will notify you and the relevant authority (Office of the Data Protection Commissioner (ODPC)) within 72 hours as required by Kenya Data Protection Act 2019.

11. Children's Privacy

Our services are directed at working professionals aged 18 and over. We do not knowingly collect data from individuals under 18.

12. Changes to This Policy

We may update this policy periodically. We will notify you of significant changes via email or a notice on our website. The effective date at the top of this page reflects the latest revision.

13. Contact Us

Questions about this policy or to exercise your data rights:

Supervisory authority in East Africa: Office of the Data Protection Commissioner (ODPC)