ittd.worksittd ltd — creators of the .logic platform
policies

privacy policy

last updated: 03 december 2025

our approach

iTTD LTD takes privacy seriously. we collect what we need, protect what we hold, and respect your rights. no dark patterns, no selling your data, and no using it for purposes that are wildly different from what you would reasonably expect.

this policy explains how we handle personal data when you visit our websites, use the .logic platform, or interact with us as a customer, supplier or prospective partner. it is designed to satisfy UK GDPR and related UK data protection law.

what we collect

the information we collect depends on how you interact with us, but typically includes:

account information: name, email address, role, company details, billing information and contact preferences.

usage data: how you use the platform (features accessed, timestamps, performance metrics, click paths, error logs and related diagnostic information).

business data: information you enter into the platform (jobs, customers, assets, routes, documents and related records). this data often contains personal data relating to your staff, contractors and customers. you are the controller of this data; we act as a processor.

technical data: IP address, approximate location, browser type, device identifiers, operating system and cookie identifiers.

communication data: messages you send to us, such as support tickets, feedback, and emails.

why we collect it (legal bases)

we use personal data for the following purposes and legal bases:

  • to provide and operate the platform — to set up accounts, authenticate users, process data, and deliver core features (performance of a contract).
  • to support you — responding to questions, troubleshooting issues, and improving reliability (performance of a contract / legitimate interests).
  • to improve the platform — analysing usage, monitoring performance, and developing new features (legitimate interests).
  • to send important notices — such as security alerts, service changes, and legal updates (legal obligation / legitimate interests).
  • to promote relevant content — for example, letting you know about new features or verticals we believe will be useful (legitimate interests / consent where required).
  • to comply with the law — including accounting, tax and regulatory obligations (legal obligation).

how we protect it

security is part of the architecture, not an add-on. measures include:

  • encryption in transit (TLS) and at rest
  • role-based access controls and least-privilege design within our environments
  • segregation of customer environments where appropriate
  • audit logging and monitoring of key events
  • regular patching, backups and recovery testing
  • access to production systems restricted to named personnel on a need-to-know basis

no system can be perfectly secure, but we treat security as a core engineering responsibility rather than a compliance checkbox.

who we share it with

we may share personal data with:

  • infrastructure providers (for example, cloud hosting, databases, backup and monitoring).
  • payment processors (for example, to process card payments and manage subscriptions).
  • communication tools (for example, to send transactional emails and service messages).
  • professional advisers (lawyers, accountants, auditors) where necessary.
  • law enforcement or regulators where we are legally required to do so.

we require our processors to handle data securely and only in accordance with our instructions. we do not sell your data, and we do not permit third parties to use it for their own marketing or profiling.

international transfers

our primary infrastructure is hosted within reputable cloud providers. some providers may process data in countries outside the UK/EEA. where this occurs, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms to protect your data.

AI and automation

the .logic platform uses AI components to support analysis, suggestions and workflow automation. these components may process customer data for the purpose of delivering the relevant feature. where we use external AI providers, they are bound by contractual terms that restrict them from training their public models on your data.

we do not make fully automated decisions that have legal or similarly significant effects on individuals without appropriate human review.

your rights (UK GDPR)

if you are in the UK or EEA, you have rights over your personal data, including the right to:

  • access a copy of the data we hold about you
  • correct inaccurate or incomplete data
  • delete data in certain circumstances
  • restrict or object to certain types of processing
  • request data portability
  • withdraw consent where processing is based on consent

to exercise these rights, contact privacy@ittd.works. we may need to verify your identity before responding.

data retention

we retain customer data for as long as you have an active agreement with us. after termination, we typically retain data for up to ninety (90) days to allow orderly export and closure, after which it is securely deleted or anonymised, unless we are legally required to keep it for longer (for example, financial records).

cookies

we use essential cookies for functionality and analytics cookies to improve the service. for more detail on the specific cookies we use, retention periods and how to manage your choices, see our cookie policy.

questions or concerns

privacy questions? email privacy@ittd.works.

you also have the right to lodge a complaint with the UK Information Commissioner's Office (ICO), but we would appreciate the chance to address your concerns first.

this policy is a working draft and will be expanded as the platform evolves. our aim is simple: strong privacy, clear communication and no surprises.