Locked padlockIdentity and contact details

You can find out more about The Grey Matter Group on our About TGMG page. We are registered with the Information Commissioner’s Office; our registration number is Z1710421. Our designated statutory authority under the General Data Protection Regulation (GDPR) and UK data protection legislation is the Information Commissioner’s Office. We are based in England.

Data protection officer

The individual in charge of Data Protection within The Grey Matter Group is Eddie Stevens. Contact Eddie by email. Call our main line (+44 1635 890373) to contact Eddie by telephone.

Are TGMG a data controller or a data processor?

The Grey Matter Group work as data processors for the majority of our work. Some products and services are delivered with the Grey Matter Group working as data controllers.

Where TGMG is a data processor

Where we work under contract with the organisation that employs you, or work with a public body that makes our services available to organisations within its boundaries to provide our learning and competence recording products, we are working as data processors. We are processing your data under contract for the data controller at your organisation. Consequently, if you would like to exercise your GDPR rights regarding your data you must make this request to your data controller.

Where TGMG is a data controller

Where you as an individual have contracted directly with us through a license to use our learning and competence recording, face-to-face training and consultancy products or you have requested that we send you information on our products, we are working as a data controller. To exercise your GDPR rights regarding your data, please contact our data protection officer.

Data we collect

For customers, business partners and prospective customers, we capture the following information:

Our competence recording systems collects:

  • First name
  • Last name
  • Email address
  • The organisation that you work for

A portfolio of evidence of your learning and competence

Our eLearning systems collects:

  • First name
  • Last name
  • Email address
  • The organisation that you work for
  • A record of any eLearning that you have completed or part-completed

Our Customer Relationship Management System (CRM) collects:

  • First name
  • Last name
  • Email address
  • Organisation name
  • Organisation address
  • Telephone numbers
  • Contract details (if applicable)
  • Records of contact made between you and us
  • Opt-ins for communication

We capture and audit when, where and how we communicate with the contacts.

Why we collect data

We collect information on existing customers and business partners so that we can manage contracts and carry out our business.

We collect personal data on prospective customers either through interactions with people, from information that is publically available (including data on the web), or from face-to-face meetings.

We use the personal data on prospective customers to communicate how we can help the organisation to optimise the learning and development of their staff through the use of our products and services. The Grey Matter Group have a ‘legitimate interest’ in communicating information on The Grey Matter Group offerings to this prospective client base.

We send out a regular sector-relevant content, including newsletters, whitepapers, sector updates and updates on our product and service offerings to prospective customers, existing customers and business partners. Where individuals receive this communication regularly, they have consented to receive it.

We collect information from individuals who exercise their various rights under the GDPR through profile pages and emails triggered by links on this web site.

We do not collect special category data.

When we delete data

We retain data for as long as the prospective customer, existing customer or business partner has an active license or we have a lawful reason to process data. Where people consent to receive information from us, we retain data for as long as the individual wishes, we provide a mechanism to opt-out with each communication that we send. We retain information on our business partners until a partnership ends.

Other information on what we do with data

We store and process data for which we act as data controllers or data processors in the UK.

We do not carry out profiling or automated decision making on data.

We do not provide information to any third-parties without the express consent of the data subject where we act as a data controller, or the data controller where we process data on their behalf.

How we look after data

We take reasonable technical and procedural precautions to prevent the loss, misuse or unauthorised alteration of personal data.

We store the personal data that we collect securely.

We have a Supplier Statement available with more information on how we look after data.

Your rights

The Grey Matter Group recognises the rights of data subjects as defined in the General Data Protection Regulation (GDPR).

We will always seek to uphold those rights and the links provided will enable you to communicate with us to exercise those rights, where relevant.

The Grey Matter Group recognises your right to lodge a complaint with a supervisory authority. For more information you can access the the ICO’s website