Privacy Policy

Last updated: May 2025 | Effective: May 2025

This Privacy Policy explains how Iterize Ltd (“Iterize”, “we”, “us”, “our”) collects, uses, and protects your personal data. We are committed to protecting your privacy and operating in full compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are

Iterize Ltd is a company registered in England and Wales. Our registered office is at 128 City Road, London, EC1V 2NX, United Kingdom.

For data protection enquiries, please contact us at: iterizec@iterize.co.uk

2. What Personal Data We Collect

We may collect and process the following categories of personal data:

  • Identity data: First name, last name, job title, company name
  • Contact data: Email address, telephone number, postal address
  • Technical data: IP address, browser type, operating system, referring URLs
  • Usage data: Information about how you use our website
  • Communication data: Your preferences in receiving communications from us
  • Enquiry data: The content of any messages or enquiries submitted to us

We do not collect any Special Category data (such as health, race, religion, or political views) through this website.

3. How We Collect Your Data

We collect data through the following means:

  • Direct interactions: When you complete our contact form, send us an email, or speak with us by telephone
  • Automated technologies: Cookies, server logs, and analytics tools when you visit our website
  • Third parties: Publicly available business directories and professional networks (for B2B outreach)

4. Legal Basis for Processing

We process your personal data on the following legal grounds:

  • Consent: Where you have provided explicit consent (e.g., submitting our contact form)
  • Contract: Where processing is necessary to perform a contract with you
  • Legitimate interests: Where we have a legitimate business interest that is not overridden by your rights
  • Legal obligation: Where we are required to process data to comply with the law

5. How We Use Your Data

We use your personal data to:

  • Respond to enquiries and provide information about our services
  • Deliver services under a contract with you or your organisation
  • Send marketing communications where you have opted in
  • Improve and optimise our website and services
  • Comply with our legal and regulatory obligations
  • Prevent fraud and ensure the security of our systems

6. Data Retention

We retain personal data only for as long as necessary for the purposes described in this policy. Typical retention periods are:

  • Enquiry data: 2 years from last contact
  • Client data: 7 years from end of the engagement (for accounting and legal purposes)
  • Website analytics: 26 months
  • Marketing consent records: Until consent is withdrawn, plus 6 months

7. Your Rights Under UK GDPR

You have the following rights regarding your personal data:

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion of your personal data in certain circumstances
  • Right to restrict processing: Request we limit how we use your data
  • Right to data portability: Receive your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests or for direct marketing
  • Rights related to automated decision-making: Not to be subject to solely automated decisions that significantly affect you

To exercise any of these rights, please contact us at iterizec@iterize.co.uk. We will respond within 30 days.

8. Cookies

We use cookies and similar tracking technologies on our website. Please see our Cookie Policy for full details.

9. Third-Party Sharing

We do not sell your personal data. We may share it with trusted third-party service providers who act as data processors on our behalf, including:

  • Cloud hosting providers (e.g., AWS, Vercel)
  • Analytics services
  • Email and communication platforms

All third-party processors are contractually bound to process data only on our instructions and in compliance with UK GDPR.

10. International Transfers

Where we transfer personal data outside the UK or EEA, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the UK Information Commissioner's Office (ICO).

11. Complaints

If you are unhappy with how we handle your personal data, you may raise a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or by calling 0303 123 1113.

12. Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes by posting a notice on our website. The “last updated” date at the top of this page indicates when it was most recently revised.