Privacy Policy

Effective date: July 2025

TEP Services ("us", "we", or "our") operates the www.tep.uk website (hereinafter referred to as the "Service").

This page informs you of our policies regarding the collection, use, and disclosure of personal data when you use our Service and the choices you have associated with that data.

We use your data to provide and improve the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Conditions.

Please note that this Privacy Policy pertains solely to the use of the TEP Services website (www.tep.uk) and ImpactEd Group Limited website (www.impactedgroup.uk). It does not relate to usage of the ImpactEd monitoring and evaluation platform or The Engagement Platform user platform. Details on privacy relating to partners using the TEP platform are available in our Data Sharing Agreement.

For the purposes of research and business development initiatives, we may share relevant personal data between TEP Services and ImpactEd Group Limited. Within this sharing agreement we adhere to the restrictions of the data protection policy and any other individual confidentiality agreements

TEP Services will comply with all obligations and procedures set out under the UK Data Protection Act 2018 and UK General Data Protection Regulation (“GDPR”).

Definitions

Service

The Service is the www.tep.uk websites operated by TEP Services.

Personal Data

Personal Data means data about a living individual who can be identified from those data (or from those and other information either in our possession or likely to come into our possession).

Usage Data

Usage Data is data collected automatically either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

Cookies

Cookies are small files stored on your device (computer or mobile device).

Data Protection Legislation

The UK Data Protection Act 2018 and UK General Data Protection Regulation (“GDPR”), or any equivalent or similar legislation implemented in the United Kingdom.

Information and Collection Use

We collect several different types of information for various purposes to provide and improve our Service to you.

Types of Data Collected

Personal Data

While using our Service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data"). Personally identifiable information may include, but is not limited to:

Cookies and Usage Data

Usage Data

We may also collect information on how the Service is accessed and used ("Usage Data"). This Usage Data may include information such as your computer's Internet Protocol address (e.g. IP address), browser type, browser version, the pages of our Service that you visit, the time and date of your visit, the time spent on those pages, unique device identifiers and other diagnostic data.

Tracking Cookies Data

We use cookies and similar tracking technologies to track the activity on our Service and we hold certain information.

Cookies are files with a small amount of data which may include an anonymous unique identifier. Cookies are sent to your browser from a website and stored on your device. Other tracking technologies are also used such as beacons, tags and scripts to collect and track information and to improve and analyse our Service.

You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Service.

Examples of Cookies we use:

Session Cookies. We use Session Cookies to operate our Service.
Preference Cookies. We use Preference Cookies to remember your preferences and various settings.
Security Cookies. We use Security Cookies for security purposes.

Use of Data

TEP Services uses the collected data for various purposes:

To provide and maintain the Service
To notify you about changes to our Service
To allow you to participate in interactive features of our Service when you choose to do so
To provide customer care and support
To provide analysis or valuable information so that we can improve the Service
To monitor the usage of the Service
To detect, prevent and address technical issues

Transfer of Data

Your information, including Personal Data, will not be processed in any country outside the United Kingdom or European Economic Area unless under such frameworks as approved by the European Commission as offering adequate levels of protection.

If you are located outside the United Kingdom and choose to provide information to us, please note that we transfer the data, including Personal Data, to the United Kingdom and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

TEP Services will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

Disclosure of Data

Legal Requirements

TEP Services may disclose your Personal Data in the good faith belief that such action is necessary to:

To comply with a legal obligation
To protect and defend the rights or property of TEP Services
To prevent or investigate possible wrongdoing in connection with the Service
To protect the personal safety of users of the Service or the public
To protect against legal liability

TEP Services will implement and maintain all appropriate technical and organisational security measures to ensure a level of security appropriate to the risk to data when it is processed by TEP Services including, as appropriate, the measures referred to in Article 32(1) of the UK GDPR.

Security of Data

The security of your data is important to us but remember that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

Service Providers

We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

Analytics

We may use third-party Service Providers to monitor and analyse the use of our Service.

Statcounter

Statcounter is a web traffic analysis tool. You can read the Privacy Policy for Statcounter here: https://statcounter.com/about/legal/

Links to Other Sites

Our Service may contain links to other sites that are not operated by us. If you click a third party link, you will be directed to that third party's site. We strongly advise you to review the Privacy Policy of every site you visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, or would like to register a request or complaint, please contact us:

By email: hello@impactedgroup.uk

The Engagement Platform Fair Usage Policy

Purpose This policy ensures optimal platform performance and equitable access for all subscribers while preventing misuse of TEP's services.

Reasonable Usage Guidelines

User Accounts:

User accounts are intended for individual use only and may not be shared.
Account creation should reasonably reflect actual staff at your organisation.
Inactive accounts may be archived after 12 months of non-use.

Survey Distribution:

Surveys should be distributed to legitimate stakeholder groups (staff, pupils, families, governors or defined stakeholder group).
Bulk or automated survey distribution outside your organisation (e.g. general public) is prohibited unless explicitly agreed in writing with TEP.
Survey frequency should align with standard census windows (typically termly).

Data Processing:

Platform usage should correspond to your organisation's size and subscription level.
Excessive data uploads, exports, or API calls that impact system performance may be restricted.

Platform Access:

Platform access is for your organisation's internal use only.
Providing access to external consultants or third parties requires prior written approval.
Commercial redistribution of platform access is prohibited.

Support Resources:

Support requests should relate directly to platform use, data collection, understanding and utilising data, and engaging with community content.
TEP provides technical platform and data guidance but is not a consultancy or advisory service.
We may signpost you to appropriate external support where your needs fall outside our scope.
Data review calls are provided on a reasonable-use basis following census collection points.
Requests for multiple concurrent calls or repeated training sessions with different teams may be subject to additional charges.
Excessive or repetitive support requests may be subject to additional charges.

Enforcement TEP reserves the right to monitor usage patterns and may contact subscribers whose usage significantly exceeds normal parameters. Continued excessive usage may result in service restrictions or additional charges.

Questions? Contact support@tep.uk for clarification on appropriate usage.

Subprocessors

Last amended: 11/07/2025

The following page contains an up-to-date list of authorised Subprocessors used by TEP Serviced Limited to process Data. This list may be updated from time to time following the procedures as outlined in our Data Sharing Agreement.

‍

Entity Name	Entity Type	Purpose	Web Address
Amazon Web Services	Cloud Service Provider	Cloud hosting service for the operation of the Platform.	https://aws.amazon.com
Appsignal B.V.	Analytics Provider	Service provider used to monitor Platform uptime and error tracking.	https://appsignal.com
Google Inc.	Cloud Service Provider	Integration used to input Data in an encrypted format.	https://cloud.google.com
Mailchimp	Email Service Provider	Cloud Service Provider used for customer newsletters.	https://mailchimp.com/
Mailgun	Email Service Provider	Cloud Service Provider used to automate Platform emails.	https://www.mailgun.com
New Relic, Inc	Cloud Service Provider	Service provider used to monitor Platform responsiveness and pinpoint memory and performance issues.	http://www.newrelic.com/
Papertrail	Analytics Provider	Logs application actions: used for maintenance and bug fixing.	https://papertrailapp.com
Pusher	Notifications Provider	To provide real-time notifications when enabled/requested.	https://pusher.com/
Salesforce.com, Inc (Heroku)	Cloud Service Provider	Cloud management service for the operation of the Platform. TEP Services Ltd uses Heroku, a Salesforce platform.	https://www.heroku.com
Wonde Ltd	Integration Provider	Integration provider used for REST API access to school MIS.	https://www.wonde.com/
Zimuth, Inc (as Scout APM)	Cloud Service Provider	Service provider used to monitor Platform responsiveness and pinpoint memory and performance issues.	https://scoutapm.com/