T-C-Alliance
← Home

Privacy policy

Last updated: 22 April 2026

Note for your organisation: this policy is a practical template aligned with common EU/UK GDPR expectations. You should insert your legal entity name, registered address, and (if applicable) Data Protection Officer contact, and have qualified counsel review before relying on it in production.

1. Who we are

The website and member platform operated under the name T-C-Alliance (“we”, “us”) processes personal data about visitors and registered users. The data controller is the legal entity that operates this deployment (insert your full legal name and address here in your deployed version).

For privacy questions or requests, contact us via the details on our Contact us page, or through in-platform Help when you are signed in.

2. Scope

This policy covers personal data processed through the public marketing website (e.g. pages you read without an account), the contact form, and the authenticated platform (accounts, profiles, billing, collaboration features, learning and compliance tools) where applicable.

3. Data we collect

Depending on how you use the service, we may process:

  • Identity and contact data: name, email address, organisation, role, and similar profile fields you provide when registering, applying for membership, or contacting us.
  • Account and security data: authentication events, password reset requests, and optional two-factor authentication material handled according to industry practice.
  • Transactional data: membership purchases and related records processed via our payment provider (we do not store full card numbers on our servers).
  • Usage and content data: content you create on the platform (articles, discussions, uploads, compliance records, etc.), operational logs needed for security and reliability, and support correspondence.
  • Technical data: IP address, device/browser type, timestamps, and cookies or similar technologies strictly where needed for session management, security, and basic analytics. You can control cookies through your browser settings.

4. Why we use your data (legal bases)

We process personal data for purposes such as:

  • Contract: providing the platform and membership you request, including authentication, billing, and service communications.
  • Legitimate interests: securing the service, preventing abuse, improving reliability, and understanding aggregate usage—balanced against your rights.
  • Legal obligation: where we must retain or disclose information to comply with applicable law or competent authority requests.
  • Consent: where we rely on consent (for example certain marketing emails or non-essential cookies), you may withdraw consent at any time without affecting prior lawful processing.

5. Recipients and processors

We use carefully selected service providers (“processors”) to host the application, send email, process payments, and similar functions. They may process personal data only on our instructions and under appropriate agreements. Typical categories include hosting, email delivery, and payment processing (e.g. Stripe).

We do not sell your personal data. We may disclose information if required by law or to protect the rights, safety, and integrity of users and the public.

6. International transfers

Your data may be processed in the European Economic Area and/or other countries where providers operate. Where we transfer personal data outside the UK/EEA, we use appropriate safeguards (such as Standard Contractual Clauses) where required by applicable law.

7. Retention

We retain personal data only as long as necessary for the purposes described, including legal, accounting, and reporting requirements. Retention periods vary by data category; account data is generally kept for the life of the account plus a reasonable period thereafter unless a longer period is required by law.

8. Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict processing, object to certain processing, and data portability, as well as the right to lodge a complaint with a supervisory authority. To exercise rights, contact us using the details above. We may need to verify your identity before responding.

9. Children

The service is intended for professionals and organisations in aviation. It is not directed at children, and we do not knowingly collect personal data from children.

10. Changes

We may update this policy from time to time. Material changes will be communicated in an appropriate way (for example via the platform or email). Continued use after changes take effect constitutes acceptance where permitted by law.