Privacy Policy
Last updated: 3 March 2026
1. Who we are
Inteeka (“we”, “us”, “our”) is a digital agency specialising in SaaS product development and internal tool building. We are the data controller for the personal data described in this policy.
Contact for data enquiries: privacy@inteeka.com
2. Data we collect
We only collect data that you voluntarily provide via our contact form:
| Data | Purpose | Legal basis |
|---|---|---|
| Name | Respond to your enquiry | Consent (Art. 6(1)(a)) |
| Email address | Respond to your enquiry | Consent (Art. 6(1)(a)) |
| Company name (optional) | Context for your enquiry | Consent (Art. 6(1)(a)) |
| Message content | Understand and respond to your request | Consent (Art. 6(1)(a)) |
| IP address | Fraud prevention and rate limiting | Legitimate interest (Art. 6(1)(f)) |
We do not use cookies, tracking pixels, or analytics that process personal data. We do not collect data from any source other than direct submissions.
3. How we use your data
- To respond to your contact form enquiry
- To send you an acknowledgement email confirming we received your message
- To protect our service from spam and abuse (rate limiting, bot detection)
We will never sell, rent, or share your personal data with third parties for marketing purposes.
4. Third-party data processors
We use the following third-party services to process your data. Each operates under their own privacy policy and data processing agreement:
| Processor | Purpose | Data shared |
|---|---|---|
| Postmark (Wildbit LLC) | Transactional email delivery | Name, email, message content |
| Google reCAPTCHA v3 | Bot and spam protection | Browser interaction signals (no personal data stored) |
| Vercel | Website hosting (EU region — London) | Server logs (anonymised), form submission processing |
Google reCAPTCHA is subject to Google's Privacy Policy and Terms of Service.
5. Data retention
Contact form submissions are retained for a maximum of two years from the date of submission, in accordance with GDPR Article 5(1)(e) (storage limitation principle). After this period, submissions are anonymised or permanently deleted.
IP addresses stored for fraud prevention follow the same retention period.
6. Your rights
Under GDPR, you have the following rights regarding your personal data:
- Right of access (Art. 15) — request a copy of the personal data we hold about you
- Right to rectification (Art. 16) — request correction of inaccurate data
- Right to erasure (Art. 17) — request deletion of your personal data
- Right to restrict processing (Art. 18) — request that we limit how we use your data
- Right to data portability (Art. 20) — receive your data in a structured, machine-readable format
- Right to object (Art. 21) — object to processing based on legitimate interest
- Right to withdraw consent (Art. 7(3)) — you may withdraw your consent at any time
To exercise any of these rights, contact us at privacy@inteeka.com. We will respond within 30 days as required by Article 12 of the GDPR.
7. Data security
We implement appropriate technical and organisational measures to protect your personal data, including:
- Encryption in transit via TLS 1.2+ with HSTS enforcement
- Access controls — personal data is only accessible to authenticated administrators
- Rate limiting and bot protection on all public-facing forms
- Regular security audits and dependency vulnerability scanning
We hold ISO/IEC 27001:2022 certification for information security management, ISO 9001:2015 for quality management, and ISO 14001:2015 for environmental management.
8. International data transfers
Our website is hosted on Vercel in the London (EU) region. Some of our third-party processors (Postmark, Google) may process data in the United States. Where data is transferred outside the EEA/UK, it is protected by Standard Contractual Clauses (SCCs) or equivalent safeguards as required by GDPR Chapter V.
9. Complaints
If you believe we have not handled your personal data in accordance with this policy, you have the right to lodge a complaint with your local supervisory authority. In the UK, this is the Information Commissioner's Office (ICO):
10. Changes to this policy
We may update this privacy policy from time to time. Any changes will be posted on this page with an updated “last updated” date. We encourage you to review this policy periodically.