Privacy Policy

TrainMeUK ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our automated compliance training platform and related services.

This policy applies to information we collect when you use our website, mobile applications, or services, or otherwise interact with us.

Personal Information

We may collect personal information that you provide directly to us, such as:

• Name and contact information (email address, phone number)
• Company information and job title
• Azure AD integration data
• Training completion records
• Communication preferences

Automatically Collected Information

When you use our services, we automatically collect certain information, including:

• Device information (IP address, browser type, operating system)
• Usage data (pages visited, features used, time spent)
• Log data (access times, error logs)
• Cookies and similar technologies

We use the information we collect to:

• Provide, maintain, and improve our services
• Process transactions and send related information
• Send technical notices, updates, and support messages
• Respond to your comments and questions
• Monitor and analyze trends, usage, and activities
• Detect, investigate, and prevent fraudulent transactions
• Comply with legal obligations

We do not sell, trade, or otherwise transfer your personal information to third parties except in the following circumstances:

• Service Providers: We may share information with trusted third-party service providers who assist us in operating our platform
• Legal Requirements: We may disclose information if required by law or in response to valid legal process
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred
• Consent: We may share information with your explicit consent

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit and at rest
• Regular security assessments and updates
• Access controls and authentication
• Employee training on data protection
• Incident response procedures

Under the UK GDPR, you have the following rights regarding your personal information:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your personal data
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing of your data
• Rights in Relation to Automated Decision Making: Request human review of automated decisions

To exercise these rights, please contact us at privacy@trainmeuk.co.uk

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. The retention period depends on the type of data and the purpose for which it was collected:

• Account information: Retained while your account is active and for 7 years after deactivation
• Training records: Retained for 7 years for compliance purposes
• Communication data: Retained for 3 years
• Log data: Retained for 12 months

We use cookies and similar technologies to enhance your experience on our website. These technologies help us:

• Remember your preferences and settings
• Analyze website usage and performance
• Provide personalized content
• Improve our services

You can control cookie settings through your browser preferences. However, disabling certain cookies may affect the functionality of our website.

Your personal information is primarily processed in the United Kingdom. However, some of our service providers may be located outside the UK. When we transfer data internationally, we ensure appropriate safeguards are in place, including:

• Adequacy decisions by the UK government
• Standard contractual clauses
• Other appropriate safeguards as required by law

Our services are not intended for children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of any material changes by:

• Posting the updated policy on our website
• Sending an email notification to registered users
• Displaying a prominent notice on our platform

Your continued use of our services after any changes indicates your acceptance of the updated policy.

If you have any questions about this Privacy Policy or our data practices, please contact us:

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) if you believe we have not handled your personal information appropriately.