Privacy Policy

Last updated: 20 January 2026

This Privacy Policy explains how TAS Partnership Ltd (“we”, “us”, “our”) collects, uses, stores, shares, and protects personal data when you use our website, contact us, engage with our services, or interact with us in a professional capacity.

We process personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR) where applicable.

1. Who we are (Data Controller)

Data Controller: TAS Partnership Ltd
Address: Guildhall House, 59–61 Guildhall Street, Preston, Lancashire, PR1 3NU, United Kingdom
Email: info@taspartnership.co.uk
Telephone: 01772 204 988
Website: https://taspartnership.co.uk

Where this Privacy Policy refers to “personal data”, it means any information that identifies or could identify an individual, directly or indirectly.

2. When this Privacy Policy applies

This Privacy Policy applies to personal data we process when:

  • You visit or use our website
  • You contact us (email, phone, web enquiry forms, social media, in person)
  • You engage us for consultancy, research, training, auditing, review, or advisory work
  • You subscribe to our updates, newsletters, publications, or event invitations (if offered)
  • You attend our events, webinars, workshops, or training sessions (if offered)
  • You are a representative of a client, supplier, partner, regulator, authority, operator, or other organisation we work with
  • You interact with us in relation to procurement, contracts, invoicing, or business administration

3. The personal data we collect

3.1 Data you provide to us

We may collect personal data you provide directly, including:

  • Identity and contact data: name, job title, employer/organisation, business address, email address, telephone number
  • Enquiry data: information you provide in messages, forms, email correspondence, or calls
  • Contract and service data: details required to provide our services (e.g., project contacts, meeting notes, requirements, deliverables)
  • Billing data: billing contact details, purchase order references, invoice details, payment status (note: card details are not stored by us if payments are handled by a third party)
  • Event/training data: attendance records, accessibility requirements you share, feedback forms (if applicable)
  • Recruitment data: CVs, work history, qualifications, references, and recruitment correspondence (if you apply for roles or contract work)

3.2 Data we collect automatically (website usage)

When you use our website, we may collect:

  • Technical data: IP address, browser type and version, device type, operating system, language settings, time zone
  • Usage data: pages viewed, time spent on pages, clicks, referring/exit pages, navigation paths, approximate location (derived from IP), and similar analytics information
  • Cookie data: information stored via cookies and similar technologies (see “Cookies and similar technologies” below)

3.3 Data we receive from third parties

We may receive personal data from third parties where lawful and relevant, such as:

  • Organisations that introduce you to us or engage us (e.g., a client providing a project contact list)
  • Publicly available sources (e.g., official websites, professional directories, Companies House entries, LinkedIn or equivalent professional profiles)
  • Service providers that support our operations (e.g., IT, security, analytics, communications tools), where you interact with them in relation to us

4. How we use personal data (purposes)

We use personal data for the following purposes:

  • To respond to enquiries and provide requested information
  • To deliver our services, including research, consultancy, training, evaluation, reporting, audits, and advisory work
  • To manage client relationships, including meetings, communications, project administration and delivery
  • To manage contracts and procurement, including onboarding, due diligence, and compliance checks where necessary
  • To issue invoices and manage payments, credit control, and record keeping
  • To maintain website functionality, performance, and security
  • To analyse website usage and improve our content and user experience
  • To send service communications (e.g., operational updates, changes, or important project messages)
  • To send marketing communications where permitted by law (see “Marketing” below)
  • To comply with legal obligations and respond to lawful requests
  • To establish, exercise, or defend legal claims

5. Lawful bases for processing (UK GDPR Article 6)

We process personal data only where we have a lawful basis. Depending on the context, the lawful bases may include:

  • Consent – where you have given clear permission for us to process your data for a specific purpose (e.g., optional newsletters, non-essential cookies).
  • Contract – where processing is necessary to perform a contract with you or take steps at your request before entering a contract (e.g., delivering contracted services, preparing proposals).
  • Legal obligation – where processing is required to comply with law (e.g., tax, accounting, regulatory requirements).
  • Legitimate interests – where processing is necessary for our legitimate interests (or those of a third party) and does not override your rights and freedoms. Examples include: responding to business enquiries, maintaining security, improving our services, and managing business relationships.

If we rely on legitimate interests, we assess necessity and balance this against your rights. You can object to processing based on legitimate interests (see “Your rights”).

6. Special category data and criminal offence data

We do not intentionally collect special category data (e.g., health information, religious beliefs, biometric data) or criminal offence data through our website.

In limited situations, you may voluntarily share special category data (for example, accessibility requirements for training or events). Where this happens, we will process it only where a lawful condition applies under UK GDPR (e.g., explicit consent, employment obligations, or other applicable conditions), and we will minimise access and retention.

7. Marketing communications

We may send marketing communications about our services, insights, events, or publications where permitted by law.

  • If you have opted in, we will send communications based on your consent, and you can withdraw consent at any time.
  • If you are a business contact, we may send relevant communications under legitimate interests where permitted by PECR, provided you have not opted out.

You can opt out at any time by using an unsubscribe link (where provided) or by emailing
info@taspartnership.co.uk.

8. Cookies and similar technologies

Our website may use cookies and similar technologies to ensure it functions correctly, to remember preferences, and to understand how visitors use the site.

8.1 Types of cookies

  • Strictly necessary cookies: required for the website to operate (cannot be switched off in our systems).
  • Functional cookies: enable enhanced functionality and personalisation (e.g., remembering preferences).
  • Analytics/performance cookies: help us understand site usage and improve performance.
  • Marketing cookies: used to track visitors across sites to deliver relevant ads (only if used and consented to).

8.2 Cookie control

Where required, we will request your consent for non-essential cookies. You can also control cookies through your browser settings. Disabling some cookies may affect website functionality.

If the website uses a cookie consent banner/tool, you can change your preferences at any time using that tool (where available).

9. Analytics and tracking

We may use analytics tools to understand how users interact with our website. This can include information such as page visits, navigation paths, time on site, and approximate location derived from IP address.

Where analytics cookies are used, we will only set them where permitted by law and (where required) with your consent. If you decline analytics cookies, we will not use them for your visit.

10. How we share personal data

We do not sell personal data. We may share personal data with trusted third parties where necessary for business operations, service delivery, or legal compliance.

10.1 Categories of recipients

  • IT and security providers (hosting, backups, managed services, security monitoring)
  • Communication tools (email, collaboration platforms)
  • Professional advisers (legal advisers, accountants, auditors, insurers)
  • Suppliers and subcontractors engaged to support service delivery (where applicable and subject to confidentiality)
  • Regulators, authorities, or law enforcement where required by law or to protect rights

10.2 Data processors

Where third parties process personal data on our behalf, they act as “data processors”. We ensure appropriate contractual protections are in place, including confidentiality, security obligations, and restrictions on further use.

11. International transfers

Some of our service providers or their infrastructure may be located outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, such as:

  • Transfers to countries deemed adequate by the UK Government
  • The UK International Data Transfer Agreement (IDTA) or the UK Addendum to EU Standard Contractual Clauses
  • Other lawful safeguards recognised under UK GDPR

You can contact us for further information about the safeguards used for specific transfers.

12. Data security

We implement appropriate technical and organisational measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. Measures may include:

  • Access controls and least-privilege permissions
  • Secure authentication practices
  • Encryption where appropriate
  • Secure backups and disaster recovery procedures
  • Security monitoring and patch management
  • Staff confidentiality obligations and data-handling procedures

No website or system is completely secure. If you believe your interaction with us is no longer secure, contact us immediately at
info@taspartnership.co.uk.

13. Data retention

We keep personal data only for as long as necessary for the purposes for which it was collected, including for legal, accounting, and reporting requirements.

Retention periods vary depending on the nature of the data and the context. Examples:

  • Enquiry correspondence: typically retained for a reasonable period to manage follow-up and record keeping
  • Client project records: retained for the duration of the relationship and a reasonable period thereafter (often several years) to support service continuity, audits, and legal claims
  • Financial records: retained for statutory periods required by tax and accounting law
  • Marketing preferences: retained until you opt out or we no longer have a lawful basis
  • Website logs/security records: retained for as long as necessary for security and fraud prevention

Where possible, we anonymise data rather than deleting it, so it can no longer be linked to individuals.

14. Your data protection rights

Under UK GDPR, you have rights in relation to your personal data. These rights are not absolute and may apply depending on the context.

  • Right of access – request a copy of your personal data
  • Right to rectification – request correction of inaccurate or incomplete data
  • Right to erasure – request deletion of your personal data in certain circumstances
  • Right to restrict processing – request we limit processing in certain circumstances
  • Right to data portability – receive personal data in a structured format and transfer it to another controller (where applicable)
  • Right to object – object to processing based on legitimate interests or for direct marketing
  • Rights relating to automated decision-making – protections if decisions are made solely by automated means with legal or similarly significant effects (we generally do not do this)

To exercise your rights, contact us at
info@taspartnership.co.uk.
We may need to verify your identity before responding.

15. Complaints

If you have concerns about our use of your personal data, please contact us first so we can try to resolve the issue.

You also have the right to lodge a complaint with the UK supervisory authority:
Information Commissioner’s Office (ICO).

We recommend checking the ICO website for the most up-to-date contact details and complaint process.

16. Third-party links

Our website may contain links to third-party websites. We are not responsible for the privacy practices of other websites. This Privacy Policy applies only to our website and services.

If you follow a link to another site, you should read their privacy policy and cookie information.

17. Children’s privacy

Our website and services are intended for professionals and organisations. We do not knowingly collect personal data relating to children.

If you believe a child has provided personal data to us, please contact us and we will take appropriate steps to remove it.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in law, guidance, technology, or our practices. The updated version will be posted on this page with a revised “Last updated” date.

If changes are material, we may provide additional notice where appropriate.

19. How to contact us

If you have questions about this Privacy Policy or how we process personal data, contact:

TAS Partnership Ltd
Guildhall House, 59–61 Guildhall Street, Preston, Lancashire, PR1 3NU
Email: info@taspartnership.co.uk
Telephone: 01772 204 988

IMPRINT

The TAS Partnership Limited
Guildhall House
59–61 Guildhall Street
Preston
Lancashire
PR1 3NU

Tel:
01772 204 988

Email:
info@taspartnership.co.uk

The TAS Partnership Limited is a limited company registered in England and Wales.
Company number: 02929880

DISCLAIMER

The information contained on this website is provided for general information purposes only. While The TAS Partnership Limited endeavours to ensure that the information on this website is accurate and up to date, we make no representations or warranties of any kind, express or implied, regarding the completeness, accuracy, reliability, suitability, or availability of the information, services, or related content contained on the website.

Any reliance you place on such information is strictly at your own risk. The TAS Partnership Limited will not be liable for any loss or damage, including without limitation indirect or consequential loss or damage, arising from the use of, or reliance upon, this website.

COOKIES

We use cookies to ensure that we give you the best experience on our website. By continuing to use this site, you agree to our use of cookies.

About | Contact | Privacy PolicyCookie Policy | GDPR

© 2026 The TAS Partnership Limited. All rights reserved.