Privacy Policy

Last Updated: February 2026
Welcome. This policy explains how Opus Marketplace, LLC (dba TIC Training Center) collects and uses your information.

1. Key Definitions

"Data": Includes account details, payment metadata, and communication history.
"Service": Refers to our professional training, including On-Demand Training and Live/Interactive Training.
Systems": Refers to our digital infrastructure used to deliver, process, and market our Service. This includes our primary learning platforms, transaction engines, and communication tools (including but not limited to LearnWorlds, Stripe, Google Workspace, Drip, Meta, Vimeo, Cloudflare, Make.com, and our legacy LMS environment).

2. Data Collection & Purpose

We collect the following categories of data to provide our Service:
Identifiers & Professional Info (Name, Email, Job Title): Used to deliver courses, manage your student account, and issue credentials.
Enrollment Timestamps and Withdrawal Waiver Status specifically for the purpose of managing statutory cancellation rights.
Payment Metadata: Used to process transactions via Stripe and comply with financial reporting laws. We do not see or store your credit card numbers; all payment processing is delegated to Stripe.
Marketing & Usage Data: Used via Drip and Google AdWords to provide relevant updates and improve our training reach.
Communication Logs: Used to provide customer support and maintain a record of our professional interactions.
Business Client & Contractor Records: Used to manage B2B and contractor relationships, fulfill contracts, and maintain professional correspondence.

3. Automated Processing & Grading

We want to be transparent about how technology is used to evaluate your work.
Deterministic Automation: We use fixed mathematical logic (such as an answer key) to score quizzes. These automated scores determine whether you pass a course and are eligible for a Certificate of Completion. You have the Right to a Human Review of any automated score.  Our systems track enrollment timestamps to support the manual verification of statutory withdrawal eligibility. While the request is initiated electronically, the final verification and processing are performed by a human-in-the-loop to ensure accuracy.
Certification Decisions: The final decision for the "TIC Practitioner" credential is always Human-in-the-Loop. A qualified professional reviews these records.

4. Data Retention

We are committed to data minimization. We only retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements.
Current Account Data: Retained for the duration of your active account plus two (2) years. This ensures you have time to download certificates of completion if your subscription lapses.
The Certification Vault (Permanent Retention): Records of the TIC Practitioner credential are retained permanently. This is a Legitimate Interest to allow us to verify your professional status for the life of the credential. These records are stored in a secure administrative archive (Google Workspace) and are exempt from general "Right to Erasure" requests to maintain the integrity of the credential.
Financial Records: Retained for seven (7) years to comply with North Carolina tax and IRS obligations.
Statutory Withdrawal Records: To facilitate your 14-day right of withdrawal under EU Directive 2023/2673, we track enrollment timestamps and transaction metadata. Data used to manage the 14-day window is deleted immediately upon expiry. Records of processed withdrawals and signed waivers are retained for ten (10) years to comply with EU limitation periods for contract disputes.
Business Client & Contractor Records: Contracts, business correspondence, and pre-agreement communications are retained for six (6) years following the end of the project or agreement for legal and tax purposes.
Communication Logs: Data submitted via contact forms, support emails, or portal messaging is retained for two (2) years. This allows us to maintain a record of our professional interactions and provide consistent support, even if an account is never created.
Marketing & AdWords: Data used for targeted marketing (like Drip and Google Ads) relies on your consent. If you opt out, we will immediately stop tracking your session for advertising purposes and remove you from our active marketing audiences. We will also delete your marketing profile from our internal systems (like Drip) within 30-90 days. (Note: Third-party networks like Google may retain historical, aggregated interaction data according to their own privacy policies).
Legacy Data & Migration: We are currently transitioning from legacy systems. Data from these environments may be migrated to our current Service to fulfill existing contractual obligations. This data is subject to these same retention schedules and is systematically purged once the transition is complete. If your data exists only within our legacy environment and you are not an active subscriber to our current marketing systems, we will not use your information for new marketing purposes without fresh, affirmative consent.

5. Your Privacy Choices

We provide several ways for you to manage your data and exercise your rights under global privacy laws.
Global Privacy Control (GPC): While we are working with our platform provider (LearnWorlds) to fully automate this signal, you have direct control over your data right now. You can update your tracking and cookie preferences at any time by going to Me > Account > Notifications & Privacy in your student dashboard.
Fulfillment Buffer: For complex requests involving multiple systems (LearnWorlds, Drip, AdWords, and Legacy systems), we may use a 60-day extension (for a total of 90 days) to ensure all data is correctly purged or de-identified.
UK DUAA Complaints Procedure: If you are a resident of the United Kingdom, you have the right to lodge a formal complaint regarding our data processing practices under the Data (Use and Access) Act 2025. Please submit your request via our Data Grievance & Complaints Procedure. We guarantee a response and resolution plan within thirty (30) days of receipt.

6. Business Transfers & Ownership Changes

In the event of a merger, acquisition, or sale of assets, student data is considered a business asset. We will notify individual students and B2B Seat Managers via email or a prominent notice on our portal at least 30 days before any transfer of control. You will be given the choice to have your data deleted before the transfer is finalized.

7. International Transfers & Liability

We work with global partners to provide our Service and use specialized legal safeguards when data moves across international borders.
Controller-to-Processor: We act as the Data Controller. Our partners (LearnWorlds, Stripe, Drip, Google) act as Data Processors. Liability for platform-level security resides with the respective processors.
Cross-Border Flows: We use specialized legal safeguards when data moves across international borders. For transfers between the EU and the US, we rely on the EU-U.S. Data Privacy Framework and Standard Contractual Clauses (SCCs). For users in Brazil, we rely on the February 2026 EU-Brazil Adequacy Decision, allowing seamless transfer to our EU-hosted platform. For users in the UK, we rely on "Recognised Legitimate Interests" under the UK DUAA for security and fraud prevention.

8. Changes to this Policy

We may update this policy periodically to reflect legal or technical changes. We will notify students and B2B Seat Managers of material changes via email or our training portal. Continued use of the Service after an update constitutes acknowledgment of the new terms.
Contact Us
General Support & Accessibility Feedback
For general questions, course support, or to request a reasonable accommodation, please reach out to our support team:
Formal Legal & Privacy Inquiries
For formal legal notices, privacy inquiries, or Data Subject Access Requests (DSARs), you may contact us at: