Privacy Policy

Your privacy is important to us. This Privacy Policy explains our practices regarding the collection, use and disclosure of information that we receive through our Services. This Privacy Policy does not apply to any third-party websites, services or applications, even if they are accessible through our Services.

In this Privacy Policy:

  • We’ll refer to our website as the “Site”.
  • We’ll refer to all the products and services we provide, individually and collectively, as the “Services”.
  • We’ll refer to you, the person or entity accessing our Site or using our Services, as “you” or “your” or (if you are a purchaser of our Services), our “customer”.


Data Controller: For general data protection regulation purposes, the “Data Controller” means the organization who decides the purposes for which, and the way in which, any Personal Information is processed. Our customers are the Data Controllers.

Data Processor: A “Data Processor” is an organization which processes Personal Information for a Data Controller. We are the Data Processor for our customers. As a Data Processor, we are bound by the requirements of the UK General Data Protection Regulation (UK GDPR), tailored by the Data Protection Act 2018.

Processing: Data processing is any operation or set of operations (whether automated or not) performed on Information. Examples of data processing explicitly listed in the text of the UK GDPR are:

(a) collection, recording, organisation, structuring or storage,

(b) adaptation or alteration,

(c) retrieval, consultation or use,

(d) disclosure by transmission, dissemination or otherwise making available,

(e) alignment or combination, or

(f) restriction, erasure or destruction

Personal data: Personal data is any information which is about you, from which you can be identified. Personal Information includes information such as an individual's name, address, telephone number, or e-mail address. Personal Information also includes information about an individual's activities, such as information about his or her activity on Site or our Services, and demographic information, such as date of birth, gender, geographic area, and preferences, when any of this information is linked to personal information that identifies that individual. Personal Information does not include "aggregate" or other non-personally identifiable information. Aggregate information is information that we collect about a group or category of products, services, or users that is not personally identifiable or from which individual identities are removed.

How do we collect Personal Information?

In our service as a Data Processor, we collect Personal Information from Data Controllers in several ways:

  • Information you provide to us directly.
  • Information we may receive from third parties.
  • We may receive information about you, including Personal information, from other third parties, and may combine this information with other personal information we maintain about you. If we do so, this Privacy Policy governs any combined information that we maintain in personally identifiable format.

What information do we collect?

We may collect the following types of personal information from you:

  • Your first and last name, username and email address.
  • Your company’s name.
  • Your (and/or your company’s) physical address.
    Information you choose to provide us through our Services (including, for example, your birthdate and/or phone number).
  • We may collect information you post to, or collect from, users of the Services. We use this information to operate, maintain, and provide to you the features and functionality of the Services.
  • We may also collect and aggregate information about the use of our Site and our Services. That information includes browser and device data, such as IP address, device type, screen resolution, browser type, operating system name and version, language, as well as add-ons for your browser. The information may also include usage data, including the pages visited on and links clicked on our Site, the time spent on those pages, and the pages that led or referred you to our Site.
  • We may also permit third-party online advertising networks to collect information (through Cookies or similar tracking technology) about your and others’ use of our Services and any of your mobile or web applications, in order to allow those third-party networks to display ads that may be relevant to your interests on our Services as well as on other websites or apps.

What do we use your Personal Information for?

We will use your Personal Information, in compliance with this Privacy Policy, to help us deliver the Services to you. Any of the information we collect from you may be used in the following ways:

  • To operate, maintain, and provide to you the features and functionality of the Services.
  • To compile statistics and analysis about use of our Site and our Services.
  • To personalize your experience.
  • To improve our Site and our Services — we continually strive to improve our site offerings based on the information and feedback we receive from you.
  • To improve customer service — your Personal Information helps us to more effectively respond to your customer service requests and support needs.
  • To send periodic emails — The email address you provide may be used to send you information, notifications that you request about changes to our Services, to alert you of updates, and to send periodic emails containing information relevant to your account.
  • If you purchase our Services, then to enable you to purchase, renew and appropriately use a commercial license to our Services.
  • We may also use Personal Information you provide to send you email marketing about IOTICS products and services, invite you to participate in events or surveys, or otherwise communicate with you for marketing purposes. We allow you to opt-out from receiving marketing communications from us as described in the "Your Choices" section below.

We may also use your Personal Information where necessary for us to comply with a legal obligation, including to share information with government and regulatory authorities when required by law or in response to legal process, obligation, or request.

We cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose your Personal Information to government or law enforcement officials or private parties as we believe necessary or appropriate: (i) to respond to claims, legal process (including subpoenas); (ii) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general; and (iii) to stop any activity that we consider illegal, unethical or legally actionable activity.

We will request your consent before we use or disclose your Personal Information for a materially different purpose than those set forth in this Policy.

Your Choices About Your Personal Information

We may use the information we collect or receive to communicate directly with you. We may send email marketing communications about IOTICS. If you do not want to receive such email messages, you will be given the option to opt out. We will try to comply with your request(s) as soon as reasonably practical. Additionally, even after you opt out from receiving marketing messages from us, you will continue to receive administrative messages from us regarding our Services (e.g., account verification, purchase and billing confirmations and reminders, changes/updates to features of the Service, technical and security notices).

In addition, you may opt out of allowing third-party online advertising networks to collect information from our Site by adjusting the browser settings on your computer or mobile device. Please refer to your mobile device or browser’s technical information for instructions on how to delete and disable cookies, and other tracking tools.

Protection of Personal Information

IOTICS cares about the security of your Personal Information, and we make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of your Personal Information. We maintain organizational, technical, and administrative procedures designed to protect your Personal Information against unauthorized access, deletion, loss, alteration, and misuse. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you believe that your interaction with us is not secure, please contact us immediately at

You are responsible for maintaining the secrecy of your unique password and account information, and for controlling access to your email communications from IOTICS. Your privacy settings may also be affected by changes to the functionality of third-party sites and services that you add to the IOTICS Service, such as single sign on. IOTICS is not responsible for the functionality or security measures of any third party. Upon becoming aware of a breach of your Personal Information, we will notify you as quickly as we can and will provide timely information relating to the breach as it becomes known in accordance with any applicable laws and regulations or as is reasonably requested by you.


We use cookies to remember information so that you don’t have to re-enter it during your visit or the next time you visit the Site, to understand and save your preferences for future visits, to compile aggregate data about site traffic and site interaction, to provide custom, personalized content, support, or information, including advertising. Unlike persistent Cookies, session Cookies are deleted when you log off from the Services and close your browser. Although most browsers automatically accept Cookies, you can change your browser options to stop automatically accepting Cookies or to prompt you before accepting Cookies. Please note, however, that if you don’t accept Cookies, you may not be able to access all portions or features of the Site or the Services. At present, there is no industry standard for recognizing Do Not Track browser signals, so we do not currently respond to them.

Who at IOTICS may access your Personal Information?

Designated members of our staff may access Personal Information to help our customers with any questions they have, including help using our Services, investigating security issues, or following up on bug fixes with a customer. This activity is logged in our system for compliance, and we maintain different levels of access for its employees depending on their role in our company.

Do we disclose any information to outside parties?

Except as set out below, we do not sell, trade, or otherwise transfer to outside parties your Personal Information.

  • We may share your Personal Information with other companies owned by or under common ownership as IOTICS, which also includes our subsidiaries (i.e., any organization we own or control).
  • These companies will use your Personal Information in the same way as we can under this Privacy Policy, unless otherwise specified.
  • We may disclose your Personal Information to third-party service providers (for example, payment processing and data storage and processing facilities) that we use to provide the Services.
  • We limit the Personal Information provided to these service providers to that which is reasonably necessary for them to perform their functions, and we require them to agree to maintain the confidentiality of such Personal Information.
  • We may contract with third-party service providers to assist us in better understanding our Site visitors.
  • These service providers are not permitted to use the information collected on our behalf except to help us conduct and improve our business.
  • We may also release your Personal Information when we believe release is appropriate to comply with the law, enforce our site policies, or protect our or others’ rights, property, or safety.
  • In particular, we may release your Personal Information to third parties as required to (i) satisfy any applicable law, regulation, subpoena/court order, legal process or other government request, (ii) enforce our Terms of Service, including the investigation of potential violations thereof, (iii) investigate and defend ourselves against any third party claims or allegations, (iv) protect against harm to the rights, property or safety of IOTICS, its users or the public as required or permitted by law and (v) detect, prevent or otherwise address criminal (including fraud or stalking), security or technical issues.
  • If you enable a public sharing of your IOTICS applications, any information or content that you voluntarily disclose in your application becomes available to the public. If you remove information that you posted to the Services, copies may remain viewable in cached and archived pages of the Service, or if other users of the Services have copied or saved that information.
  • In the event that we enter into, or intend to enter into, a transaction that alters the structure of our business, such as a merger, reorganization, joint venture, assignment, sale, or change of ownership, we may share Personal Information for the purpose of facilitating and completing the transaction.

How do we handle global transfers and processing of your Personal Information?

Personal Information may be stored and processed in any country where we have operations, or where we engage service providers. This means that we may collect your Personal Information from, transfer it to, and store and process it in the United States and other countries outside of where you live. For example, some of our third-party providers may be located in different countries. Where this is the case, we will take steps to make sure the right security measures are taken so that your privacy rights continue to be protected as outlined in this Privacy Policy. Any transfer will be based on an “adequacy decision” as referred to in Article 45 of the GDPR or the UK GDPR. Or based on a Standard Contractual Clauses (also known as "model contract clauses", “model clauses” or “MCCs”) set by the European Commission and adopted by the ICO. Below the current list of Subprocessors authorized to process customer data for IOTICS’ services.


Amazon Web Services

Entity Type: Cloud Service Provider

Entity Location: Ireland

Purpose: Web hosting and infrastructure

Google Ireland Limited

Entity Type: Cloud Service Provider

Entity Type: Ireland

Purpose: Communication, collaboration and analytics


Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Project Management, Service Desk and Collaboration

RealtimeBoard Inc. d/b/a Miro (Miro)

Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Project Management and Collaboration

Salesforce Inc

Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: CRM

Slack Technologies

Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Communication and Collaboration


Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Communication


Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Infrastructure and Security

Grafana Labs

Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Infrastructure Logging, Metrics and Alerting

The Rocket Science Group LLC d/b/a Mailchimp (Mailchimp)

Entity Type: Cloud Service Provider

Entity Location: USA

Purpose: Marketing


Entity Type: Cloud Service Provider

Entity Location: New Zealand

Purpose: Finance and Billing

This list may be updated by IOTICS from time to time. If we do so, we’ll let you know either by posting the modified Privacy Policy on the Site, or through other communications. If you continue to use the Site and the Services after we’ve let you know that the list have been modified, you are indicating to us that you agree to be bound by the modified Privacy Policy.

Retention of your Personal Information

We retain your Personal Information for as long as we need to fulfill our Services. In addition, we retain Personal Information after we cease providing Services to you for a period of 6 months, and to the extent necessary to comply with our legal obligations. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.

Third-party Links

The Services may provide the ability to connect to other websites. These websites may operate independently from us and have their own privacy policies and notices, which we suggest you review. If the linked website is not owned or controlled by us, we are not responsible for its content, or the privacy practices.

Your Consent

By using our site, you consent to this Privacy Policy.


These Services are not directed to individuals under the age of eighteen, and we kindly request they not provide any Personal Information through the Services.

Your Rights

Other rights you have include the rights to:

  • Ask for a copy of your Personal Information
  • Ask us to correct your Personal Information that is inaccurate, incomplete, or outdated
  • Ask us to erase certain categories or types of information, or your Personal Information. If you choose to remove your Personal Information, you acknowledge that we may retain archived copies of your Personal Information in order to satisfy our legal obligations, or where we reasonably believe that we have a legitimate reason to do so
  • Ask us to restrict of processing
  • You have the right to be notified about any rectification or erasure of your personal data or restriction of processing, therefore you will receive an email confirming any action you took or we took on your behalf
  • Ask us to transfer your Personal Information to other organizations
  • Object to processing of Personal Information. Where we have asked for your consent to process information, you have the right to withdraw this consent at any time
  • Not to be subject to a decision based solely on automated processing, including profiling, this shall not apply to the entrance and performance of the contract between you and us
  • Lodge a complaint with the supervisory authority of your country or if you live in the UK with the Information Commissioner’s Office available on

Changes to our Privacy Policy

If we decide to change our privacy policy, we will post those changes on this page. If we are going to use Personal Data collected through the Site in a manner materially different from that stated at the time of collection, then we will notify users via email and/or by posting a notice on our Site for 30 days prior to such use or by other means as required by law.

Jurisdiction-specific Provisions

  • Residents of the European Economic Area and Switzerland: The Data Protection Officer can be contacted at

Contacting Us

If you have any questions, comments, or concerns about this privacy policy, please contact us using the following contact information:


Attn: Privacy

Cannon Place

78 Cannon Street



England, UK