top of page

The Eight Mindsets Privacy Policy


1. About this Policy

The Eight Mindsets is run by individuals based in Sydney, NSW, Australia and New Jersey, United States. This policy describes the types of personal information we may collect in our role as a data controller, the purposes for which we may use the information, the circumstances in which we may share the information and the steps we take to safeguard this information. We may also process other data in our role as a data processor on behalf of other data controllers in strict accordance with their instructions, which may differ from what is described in this Policy.

2. The Information We Collect

The Eight Mindsets provides a number of different training services and courses, and maintains a number of online applications, each of which may collect different kinds of personal information. Depending upon the service, product and application, the following personal information may be collected:

  • Login credentials, IP addresses, website cookies, internal unique identifiers, and other session details when our online applications are used;

  • Basic contact information such as name, business address, email address, and telephone number;

  • Employment-related information such as work history, ownership in companies, current employer, division, department, title, and job duties;

  • Contact information for external references such as name, employer, position, and relationship


This is a broad description of the types of personal information that our organisation processes. To understand how your own personal information is processed in each particular instance you may need to refer to any personal communications you may have received from us, check any privacy notices we may have provided to you or made available on our site or contact us to ask about your personal circumstances.


3. What We Do With Collected Information

As with the types of information collected, the purposes for which The Eight Mindsets processes personal information vary depending on the service, product or application.

Such purposes may include:

  • Creating profiles to help us manage our relationship with site visitors and ensure that our members, visitors and customers receive and maintain updated information;

  • Improving our products and services;

  • Periodically sending promotional emails about products, special offers, or other information we think you may find interesting using the email address you have provided (if you opted in to receive such communications).

Training Hat does not sell personal information.

4. Direct Marketing 

If you are a client, a member or have otherwise expressed interest and provided us with your contact details, we may send you emails to you with information about legal developments such as publications, alerts and newsletters and marketing our services such as seminar invitations. In relation to direct marketing via electronic means, we comply with the Spam Act 2003.

If you do not wish for us to send you such emails, please let us know by contacting our Office Manager at

5. Use of Cookies and Web Beacons

We may use “cookies” (small text files that may be placed on your web browser when you visit our website). The information derived from cookies is used for administrative purposes and to improve your experience with our website. For example, this information may help authenticate you (verify that you are who you say you are), an essential component of our website security. It also helps you more easily navigate our website by remembering your identity so that you do not have to input your password several times as you move between pages. You can prevent cookies from being set. However, if you decline to use cookies, you may experience reduced functionality and, when we require authentication, declining cookies may prevent you from using the website altogether.

It is important to note that our Privacy Policy does not apply to linked websites.


We may also use web beacons (a small graphic image placed on a webpage or in an email message to monitor user activity, such as whether the webpage or email is accessed or clicked). We use this data for administrative purposes; to assess the usage and performance of our services; to improve user experience; and as otherwise permitted by applicable law or regulation.

In addition, cookies and web beacons may be used to track information and identify categories of visitors by items such as IP address, domain, browser type and pages visited to improve our service. We may use the Google Analytics™ web analytics tool to assist us in analyzing how visitors engage with our website and arrive at the public portion of the website. Further information about Google Analytics can be found at the Google Analytics Privacy Policy.

We may also use a HubSpot, Inc. marketing automation tool that helps us analyze the impact of our web presence and our customers’ use of the TPMS, for market research purposes. HubSpot’s documentation provides further information about the use of cookies and web beacons by this tool.

6. Retention Periods

We keep your personal data no longer than is necessary for the purposes for which personal data is processed. 

For specific details about retention periods or if you have questions about our retention of your data, please contact the Data Protection Officer at

7. Disclosure of Information to Third Parties

We will not share your personal information with third parties, except as described herein, in separate data notices that you may receive from us or as authorized by you. The Eight Mindsets may share personal and other information with one another in the course of and for the purpose of providing services such as those described above to their members and customers. We may also share your information or portions thereof with a limited number of non-affiliated processing companies that perform routine support services for The Eight Mindsets, including: those that provide professional, legal, or accounting advice to The Eight Mindsets; translation professionals; firms that provide data hosting, software development and database management services; and law firms that are engaged to conduct audits of the personal information you have provided. These third parties are required to maintain the confidentiality of your personal information, and to use your personal information only in the course of providing such services to The Eight Mindsets, and only for the purposes that The Eight Mindsets dictates. Any other disclosure of your personal information will be pursuant to your express consent.

If you have questions or concerns over your personal information’s disclosure to a third party as described above or wish to opt out from such disclosure, please contact the Data Protection Officer as explained above.

8. Protecting your information 

We will hold your personal information and sensitive information in our electronic databases. We will use appropriate systems to protect your personal information.

A data breach will occur when the personal information held by us is lost or subjected to authorised access or disclosure.

If there is a breach, our first response will be to contain a suspected or known breach where possible. This will include taking immediate steps to limit any further instances of access or distribution to the personal information.

If the breach will likely result in serious harm, under the Notifiable Data Breaches Scheme you will be notified and it will include recommendations about the steps you may take in response to the breach. We will also notify the Australian Information Commissioner.

9. Accessing and Requesting Deletion of your Personal Information 

You may request access to your information we hold about you or request that we make corrections to that information. 

You may request deletion of your personal information at any time by contacting us directly, and we will respond to your request without undue delay, typically within 30 days or less. 

10. Country Transfer of Personal Data

Personal data may be processed by The Eight Mindsets in Australia and the United States. Any transfers of your personal data between countries will be done strictly in compliance with applicable law. 

We will not disclose your personal information to an oversea recipient, except where required for the purposes of providing training services. In those circumstances your personal information may be sent overseas for that particular matter. All personal information collected by The Eight Mindsets that may affect a European Union citizen will be in compliance with the GDPR.

11. Changes to Our Privacy Policy

This policy provides a general statement of the ways in which The Eight Mindsets protects your personal information. We may supplement this statement by sending you a specific data notice or we may update this Privacy Policy at any time, with or without advance notice. In the event there are significant changes in the way we treat your personally identifiable information, we will update this policy and may send you a personal communication summarizing the revisions.

12. Contact

If you have questions or concerns about our processing of personal information, please contact the The Eight Mindsets Data Protection Officer at the following address:


The Eight Mindsets

Attention: Data Protection Officer


Effective Date: 30 Jan 2021


bottom of page