TeamOS Privacy Addendum

Last updated: 10 March 2026
Next review: 1 July 2026
Applies to: Users of the TeamOS platform

Preamble

This Addendum supplements the TMS Privacy Policy. It applies specifically to users of the TeamOS platform.

If you are located in Australia, the Australia Addendum also applies. If you are located in the UK, EU, or EEA, the GDPR Addendum also applies.

Order of precedence (TeamOS use only):
1) This TeamOS Privacy Addendum → 2) Relevant jurisdictional addendum (Australia or GDPR) → 3) TMS Privacy Policy.

Data Controller

Team Management Systems IP Pty Ltd trading as TMS Global
ABN: 60 677 148 355
139 Coronation Drive, Brisbane, QLD 4064, Australia
Phone: +61 (0)7 3368 2333
Email: info@teammanagementsystems.com

EU Representative (GDPR Article 27): PLANIT // LEGAL, Hamburg, Germany

1. Scope

This Addendum describes additional data processing that occurs when you use TeamOS. TeamOS is a workplace platform intended for use by adults in a professional context. It is not directed at individuals under the age of 16.

2. Additional Categories of Data Processed

When you use TeamOS, we process: Conversation data (your chat inputs, queries, and related responses); Profile and assessment data (limited extracts from your TMS assessments or team data, only where necessary to generate outputs); and System metadata (device identifiers, logs, and interaction timestamps).

Pre-send redaction: We apply automatic redaction to remove or minimise direct identifiers (such as names, emails, or account numbers) before data is shared with AI processors.

3. Processors and Data Hosting

In addition to the processors described in our TMS Privacy Policy, TeamOS relies on the following third-party processors. For the current register, see our TeamOS Sub-Processor Register.

• Microsoft Corporation (Australia East) — Azure OpenAI Service for AI processing; Azure Cloud Infrastructure for hosting, database, file storage, and authentication.
• Clerk, Inc. (United States) — Authentication services for email login users.
• Resend, Inc. (United States) — Email delivery for system notifications.
• Cloudflare, Inc. (Global) — Content delivery and DDoS protection.

International Transfers: Your most sensitive data — including AI conversations, psychometric assessment extracts, database records, and stored files — is processed and stored entirely in Australia (Microsoft Azure Australia East). Limited data is transferred to the United States for authentication (Clerk), email delivery (Resend), and CDN/security (Cloudflare), all protected by Standard Contractual Clauses.

4. Lawful Bases for Processing

• Platform Services: Contractual necessity (GDPR Article 6(1)(b)) — account creation, authentication, AI-powered features.
• Platform Security: Legitimate interests (GDPR Article 6(1)(f)) — security monitoring, fraud prevention, system logging.
• Legal Compliance: Legal obligation (GDPR Article 6(1)(c)) — responding to legal requests, regulatory reporting.

5. Retention

• Chat and Interaction Data: 12 months from the date of the conversation.
• Assessment Extracts: The shorter of (a) the duration of your active subscription/contract, or (b) 24 months following your last login.
• System Logs and Metadata: 90 days from creation.

You may request early deletion of your data at any time by contacting info@teammanagementsystems.com.

6. Data Subject Rights

You have the right to: access a copy of all personal data we hold about you in TeamOS; request correction of inaccurate data; request deletion of your TeamOS data; request transfer of your data in machine-readable format; and object to processing based on legitimate interests.

To exercise your rights, email info@teammanagementsystems.com or use the Privacy & Data section in your account settings.

7. Psychometric Data and Sensitive Information

TMS psychometric instruments measure work role preferences, communication styles, and team orientation. These are not clinical, diagnostic, or health-related assessments. Psychometric assessment results processed in TeamOS are not classified as special category personal data under GDPR Article 9. Notwithstanding this, TMS applies elevated technical and organisational safeguards to psychometric data, including encryption at rest and in transit and pre-send redaction.

8. Data Breach Notification

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify relevant data protection authorities within 72 hours where feasible, and notify you without undue delay if the breach is likely to result in a high risk to your rights and freedoms. Contact for breach-related inquiries: info@teammanagementsystems.com

9. Disclaimers

AI outputs generated in TeamOS are probabilistic, may be inaccurate, and do not constitute professional advice. TeamOS is not a substitute for professional psychological assessment, legal, medical, or financial advice, or HR decision-making.

10. Changes to This Addendum

We may update this Addendum to reflect changes in data processing practices or legal requirements. We will provide email notification to registered users at least 30 days before the effective date of material changes.

11. Contact

Privacy Officer, Team Management Systems
Email: info@teammanagementsystems.com
Phone: +61 (0)7 3368 2333
139 Coronation Drive, Brisbane, QLD 4064, Australia

Supervisory Authorities:
Australia: OAIC — www.oaic.gov.au
EU/EEA: Your local Data Protection Authority
UK: ICO — www.ico.org.uk