#ITjustworks
Legal

Privacy Policy

Last Updated: April 2026

Last Updated: April 2026

At ITjustworks, we value absolute clarity and authenticity. We believe data protection is a fundamental leadership responsibility. This policy explains precisely how ITjustworks Ltd collects, uses, and protects your personal data when you interact with our website or engage our services.

Jump to section
  1. 1. Information We Collect
  2. 2. Purpose of Processing
  3. 3. Data Storage and Security
  4. 4. Third-Party Sharing
  5. 5. Data Retention
  6. 6. Your Rights under UK GDPR

1. Information We Collect

We collect information strictly necessary to provide our services and communicate effectively. This includes:

  • Contact Information: Name, role, organisation, location, and work email address when you submit an enquiry via our website.
  • Engagement Data: Information shared during consultations, audits, and training sessions required to fulfil our professional contracts.
  • Technical Data: Standard internet log data, including IP addresses and browser types, collected via essential cookies to ensure our website functions securely and optimally.

2. Purpose of Processing

We process your personal data under the lawful basis of legitimate interests and contract performance to:

  • Respond to your initial enquiries and provide accurate proposals.
  • Deliver our digital transformation, cyber security, and training services.
  • Manage our ongoing client relationships and administrative tasks, such as invoicing.

3. Data Storage and Security

As advocates of secure, cloud-first infrastructure, we practice what we preach. Your data is stored securely using enterprise-grade cloud platforms. We implement robust cyber security measures, access controls, and encryption in full alignment with NCSC guidance to protect your data against unauthorised access, alteration, or loss.

4. Third-Party Sharing

We do not sell, rent, or trade your personal information to anyone. We only share data with carefully vetted, standard third-party service providers (such as secure email hosts and accounting software) who process data on our behalf. All our partners are required to comply strictly with UK GDPR requirements.

5. Data Retention

We retain personal data only for as long as necessary to fulfil the purposes outlined in this policy, maintain our professional relationship, and comply with our legal and regulatory obligations under UK law.

6. Your Rights under UK GDPR

Under the UK General Data Protection Regulation (UK GDPR), you hold specific rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your personal data (the "right to be forgotten").
  • Restriction: Request that we limit the processing of your data.

Questions about this document? Get in touch.

Terms Privacy Return to Homepage