This Privacy Policy explains what personal data we collect, why we collect it, how we use it, who we share it with, how long we keep it, and what rights you have over it. We are committed to handling your data responsibly and in compliance with applicable privacy laws including the UAE Federal Decree-Law No. 45 of 2021 (PDPL), the DIFC Data Protection Law 2020, and where applicable, the EU General Data Protection Regulation (GDPR).
By using our website or engaging our services, you acknowledge you have read and understood this Privacy Policy.
📥 Information We Collect
1.1 Information You Provide Directly
We collect information you voluntarily give us when you:
- Submit a contact or enquiry form — name, email address, phone number, company name, job title, country and your message
- Book a training course or consultation — name, contact details, company information, course selection and payment information
- Register for an event or webinar — name, email, job title and organisation
- Subscribe to our newsletter or updates — email address and communication preferences
- Communicate with us via email, WhatsApp Business, LinkedIn or phone — we may retain those communications
- Provide payment information — processed securely via Stripe or bank transfer. We do not store card numbers or banking credentials on our systems
1.2 Information Collected Automatically
When you visit our website, certain technical data is collected automatically by our server and analytics tools:
- IP address and approximate geographic location (country/city level)
- Browser type and version, operating system, device type
- Pages visited, time spent on each page, links clicked, referring URL
- Session duration and visit frequency
- Zoho SalesIQ chat data — if you interact with our chat widget, session transcripts are stored in our Zoho CRM
1.3 Information from Third Parties
We may receive information about you from:
- LinkedIn — if you contact us or connect via LinkedIn, we may retain publicly available profile information
- Referral partners — companies or individuals who refer you to our services may share your name and contact details with your consent
- Event organisers — if we present at a conference or event, attendee lists shared by organisers
🎯 How We Use Your Information
We use your personal data only for the following purposes:
- Service delivery — to provide training, consulting, events and other services you have requested
- Communication — to respond to enquiries, provide course confirmations, send calendar invites and deliver training materials
- Payment processing — to process transactions and issue invoices via Zoho Books
- Marketing communications — to send newsletters, course announcements and industry updates only if you have opted in. You can unsubscribe at any time
- Website improvement — to analyse traffic patterns and improve user experience using anonymised analytics data
- CRM management — to maintain records of client interactions and service history in Zoho CRM
- Legal compliance — to comply with applicable laws, regulations and court orders
- Security — to protect our website, systems and clients from fraud, abuse and security threats
⚖️ Legal Basis for Processing (GDPR)
For individuals in the European Union or UK, we process your personal data under the following legal bases:
- Contract performance — processing necessary to deliver services you have purchased or requested
- Legitimate interests — for enquiry management, CRM records, website security and business communications with existing clients and prospects
- Consent — for marketing email communications, newsletter subscriptions and cookies beyond essential functionality
- Legal obligation — to comply with applicable laws, tax regulations and regulatory requirements
For UAE residents, we process data in accordance with Federal Decree-Law No. 45 of 2021 on Personal Data Protection (PDPL) and relevant sectoral regulations.
🔧 Third-Party Tools & Data Processors
We use the following trusted third-party platforms to operate our business. Each is bound by its own privacy policy and applicable data protection regulations:
| Platform | Purpose | Data Stored | Location |
|---|---|---|---|
| Zoho One (CRM, Forms, Books, Campaigns) | CRM, forms, booking, invoicing, email campaigns | Name, email, phone, company, communications | UAE / Global (Zoho data centres) |
| Google Analytics 4 | Website traffic analysis | Anonymised usage data, IP (anonymised) | USA (Google Ireland Ltd for EU users) |
| Stripe | Payment processing | Transaction data (no card numbers stored by us) | USA / EU (PCI DSS compliant) |
| WhatsApp Business | Direct client messaging | Message content, phone number | Meta servers (end-to-end encrypted) |
| ChemiCloud / cPanel Hosting | Web hosting & email | Website files, email data, server logs | USA / EU (selected at account setup) |
| Zoho SalesIQ | Live chat widget | Chat transcripts, IP, browser data | Zoho data centres |
| Social media & lead generation | Profile data if you connect or message us | USA (LinkedIn Corp) |
🌍 Data Storage & International Transfers
TACMinds is based in the UAE. Your personal data may be stored and processed in the following locations:
- United Arab Emirates — primary business operations and CRM data
- European Union / EEA — where Zoho or Google route data through EU data centres
- United States — Stripe payment processing and some Google Analytics processing
Where we transfer data outside the UAE or EEA, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) with data processors
- Adequacy decisions recognised by applicable authorities
- Transfers only to vendors with equivalent data protection standards
For EU/UK individuals, all international data transfers comply with GDPR Chapter V requirements.
🗓️ Data Retention
We retain your personal data only for as long as necessary for the purposes described in this policy:
- CRM and contact records — retained for 3 years after the last interaction, then deleted or anonymised
- Invoices and financial records — retained for 7 years in compliance with UAE Commercial Transactions Law
- Training records and certificates — retained for 5 years after course completion for verification purposes
- Marketing consent records — retained until you unsubscribe or withdraw consent, plus 1 year as a record of consent
- Website logs — retained for 90 days, then deleted
- Chat transcripts (Zoho SalesIQ) — retained for 12 months
You may request early deletion of your data at any time — see Section 7 (Your Rights) for how to submit a deletion request.
✋ Your Rights
Depending on your location, you have the following rights regarding your personal data. We will respond to all requests within 30 days:
To exercise any of these rights, email us at [email protected] with the subject line "Data Rights Request". We may need to verify your identity before processing the request.
🍪 Cookies
Our website uses cookies — small text files stored in your browser — to enable core functionality and improve your experience:
- Essential cookies — required for the website to function (session management, security). These cannot be disabled without breaking core functionality
- Analytics cookies — Google Analytics 4 tracks anonymised usage statistics (pages visited, session duration, geographic region). IP addresses are anonymised before storage
- Chat cookies — Zoho SalesIQ uses cookies to maintain chat session state and visitor identification
- Preference cookies — remember your settings (e.g. language, currency preference on training pages)
You can manage or disable non-essential cookies in your browser settings at any time. Most browsers offer options to:
- See which cookies are set and delete individual cookies
- Block all cookies from a specific site
- Block all third-party cookies by default
👶 Children's Privacy
Our services are directed exclusively at business professionals and organisations. We do not knowingly collect personal information from anyone under the age of 18.
If you believe we have inadvertently collected personal data from a minor, please contact us immediately at [email protected] and we will delete that information promptly.
🔄 Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements or services. When we make material changes, we will:
- Update the "Last updated" date at the top of this page
- Notify active clients by email for significant changes
- Where required by law, obtain fresh consent
We encourage you to review this page periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.
📬 Contact Us
If you have any questions about this Privacy Policy, how we handle your personal data, or wish to exercise your rights, please reach out to us:
Within 2 business days (general)
For EU/UK residents, if you are dissatisfied with our response, you have the right to lodge a complaint with your national data protection supervisory authority (e.g. the UK ICO or your EU Member State's authority).