Learning Teams

Privacy & Policy

LearningTeams.tech (“we”, “us”, “our”) is committed to protecting the privacy and security of individuals who use our collaborative learning platform (the “Services”). This Privacy Policy explains how we collect, use, share, and safeguard personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).

By using the Services, you acknowledge that you have read this Policy

1. Data Controller

The data controller is: GRIT UK Ltd.

Company number: 15150296

Registered address: 167–169 Great Portland Street, 5th Floor, London, W1W 5PF

Email: privacy@learningteams.tech

If we appoint a Data Protection Officer (DPO), their contact details will be published here:

DPO: Ben McCullough

Email: Ben@getthegrit.com

2. Our Commitment to UK GDPR Principles

We process personal data in accordance with the UK GDPR Article 5 principles:

  • Lawfulness, fairness, transparency
  • Purpose limitation
  • Data minimisation
  • Accuracy
  • Storage limitation
  • Integrity and confidentiality
  • Accountability

3. Personal Data We Collect

  • 3.1 Data You Provide Directly

Account and Identity Data: name, email, username, password, organisation affiliation.

Billing Data: payment details (processed via third-party processors), invoice records.

User Content: uploaded documents, collaboration notes, educational materials, team workspace content.

Communications: support tickets, enquiries, feedback.

  • 3.2 Data Collected Automatically

IP address, browser type, device identifiers, usage logs, feature interactions.

Cookie and tracking data (see Section 12).

  • 3.3 Data from Third Parties

Payment processors (e.g., Stripe)

Cloud hosting providers

Optional integrations you authorise (e.g., educational APIs)

We do not intentionally collect special category data. If users voluntarily submit such data, the safeguards in Section 9 apply.

4. Mandatory vs Optional Data

  • Certain data is required to create and maintain your account and to provide the Services (e.g., name, email, password, billing data for paid plans).
  • If this information is not provided, we may be unable to offer the Services.

All other data is optional.

5. Purposes and Legal Bases for Processing

We process personal data only where we have a lawful basis under UK GDPR Article 6.

Purpose Examples of Processing Lawful Basis
Account creation & service delivery registration, authentication, collaboration features Contract (Art. 6(1)(b))
Platform functionality & improvement analytics, performance monitoring Legitimate Interests (Art. 6(1)(f)) – improving and securing the Service
Billing & financial administration invoices, receipts, fraud checks Contract (6(1)(b)); Legal Obligation (6(1)(c))
Customer support & communications responding to queries, service notices Contract (6(1)(b)); Legitimate Interests (6(1)(f))
Marketing communications newsletters, product updates Consent (6(1)(a))
Legal compliance & security audit logs, security monitoring, law-enforcement requests Legal Obligation (6(1)(c)); Legitimate Interests (6(1)(f))

We conduct legitimate-interest balancing tests to ensure our interests do not override your rights.

6. Special Category Data (If Provided)

We do not require special category data for the Services. If users voluntarily include such data within User Content, we rely on:

  • Explicit consent (Article 9(2)(a)), or
  • Substantial public interest (DPA 2018 Schedule 1), where applicable.
  • Additional safeguards include access restrictions, encryption, and purpose limitation.

7. How We Share Personal Data

We share personal data only where necessary and subject to appropriate contracts:

7.1 Processors

AWS (infrastructure hosting)

Stripe (payments)

Google Analytics (usage analytics)

Email delivery providers (transactional messages)

Each processor is bound by a Data Processing Agreement.

7.2 Business Transfers

If we undergo a merger or acquisition, personal data may be transferred in accordance with UK GDPR requirements.

7.3 Legal Requirements

We may disclose data to governmental authorities if required by law.

7.4 With Your Consent

For integrations that you activate.

We do not sell personal data.

8. International Data Transfers

  • Some processors may be located outside the UK/EEA.
  • Transfers occur only where adequate protections are in place, including:
  • UK adequacy regulations
  • International Data Transfer Agreements (IDTA)
  • Approved Standard Contractual Clauses (SCCs)
  • We conduct Transfer Risk Assessments (TRAs) in accordance with ICO guidance.
  • Copies of SCCs/IDTAs are available on request.

9. Data Retention

We retain personal data only for as long as necessary:

  • Account data: duration of your account plus 6 years (legal record-keeping).
  • Usage logs: 12 months.
  • Marketing data: until you withdraw consent.
  • User Content: retained until deleted by you or your organisation.
  • Data is securely deleted or anonymised once retention periods expire.

10. Your Rights

Under UK GDPR, you have the right to:

  • Access your data
  • Rectify inaccuracies
  • Request erasure (“right to be forgotten”)
  • Restrict processing
  • Data portability
  • Object to processing based on legitimate interests
  • Withdraw consent at any time
  • Request human review of any automated decisions (we do not make any with legal effects)
  • Requests are handled within one month. Submit requests to: privacy@learningteams.tech
  • Right to complain
  • You may lodge a complaint with the ICO: Information Commissioner’s Office
  • Wycliffe House
  • Water Lane
  • Wilmslow
  • Cheshire
  • SK9 5AF

11. Security Measures

We implement technical and organisational controls including:

  • Encryption in transit and at rest
  • Multi-factor authentication for administrative access
  • Role-based access control
  • Regular vulnerability scanning
  • Staff training and access auditing
  • Incident response and breach-notification procedures

12. Cookies and Tracking Technologies

We use cookies for:

  • Essential operations (required for login, security)
  • Analytics (platform usage and performance)
  • Preferences (saved settings)
  • Under PECR, essential cookies do not require consent.
  • All non-essential cookies require opt-in consent via our cookie banner.
  • Withdrawal of cookie consent
  • You can adjust cookie preferences at any time through:

Our cookie settings panel

Your browser settings

A detailed Cookie Policy is available separately.

13. Children’s Privacy

  • The Services are not intended for children under 13.
  • We do not knowingly collect data from children.
  • If we become aware that child data has been collected, it will be deleted promptly.

14. Changes to This Policy

  • We may update this Policy to reflect operational or legal changes.
  • Significant updates will be communicated via email or in-app notifications.

Contact Information

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us at:

Email

Email: support@learningteams.com

Phone

Number: +44 02081370136

Location

Address: 167–169 Great Portland Street, 5th Floor, London, W1W 5PF

Learningteams

Empowering Insights, Driving Excellence: Transforming Work with Operational Learning.

Facebook Instagram X (Twitter) LinkedIn YouTube

Industries

  • Manufacturing
  • Construction
  • Logistics
  • Oil & gas
  • Retail
  • Hospitality

Resources

  • Blog
  • Case Studies
  • FAQs

Company

Contact us

Phone 1-307-206-2003
Email support@learningteams.com
Location US Office 28A Spring Valley Drive,
Lander, Wyoming, 82520

Copyright © 2025 Learningteams™. All Rights Reserved.

Term & Conditions Privacy Policy Cookies Policy