← Back to Home

Privacy Policy

Last updated: 3 June 2026

1. Who we are

This website is operated by ITSAREA LTD("Area", "we", "our", or "us"), a company registered in England and Wales under company number 17179127. Our registered office is at 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

For the purposes of the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, ITSAREA LTD is the controller of any personal data we process about you in connection with this website.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact us at privacy@itsarea.com.

2. Scope of this policy

This policy applies to personal data we collect through this website (itsarea.com). Our products, including Cost Portal, are governed by separate privacy notices made available within those products.

3. Personal data we collect

Information you provide

If you contact us (for example by email), we will receive the information you choose to share with us, such as your name, email address, employer, role, and the contents of your message.

Information collected automatically

When you visit this website, our hosting provider automatically logs limited technical information for security and reliability purposes, including your IP address, the date and time of your request, the pages you accessed, your browser type and operating system, and your approximate location derived from your IP address.

4. How we use your personal data and our legal basis

Under UK GDPR, we must have a lawful basis for processing your personal data. We rely on the following bases:

  • Legitimate interests– to operate, secure and improve our website, to detect and prevent fraud or abuse, and to respond to enquiries you send us. We have considered our interests against your rights and believe these processing activities are reasonably expected and have minimal impact on your privacy.
  • Consent– where we use non-essential cookies or similar technologies, or where you opt in to receive marketing communications. You can withdraw consent at any time.
  • Legal obligation– where we need to process data to comply with applicable law (for example, responding to valid requests from public authorities, or retaining records for tax purposes).
  • Performance of a contract– where you have entered into a contract with us, or are taking steps at your request prior to entering into one.

5. Who we share your personal data with

We do not sell your personal data. We share personal data only with the following categories of recipients:

  • Hosting and infrastructure providers– including Cloudflare, which hosts and protects this website.
  • Email and productivity providers– that process correspondence you send to us.
  • Analytics and security providers– that help us understand how the site is used and protect it from abuse.
  • Professional advisers– such as lawyers, auditors and insurers, where reasonably necessary.
  • Public authorities and courts– where we are legally required to share information.
  • Successors in business– in the event of a sale, merger, reorganisation, or similar transaction.

All third-party processors are bound by written contracts requiring them to handle personal data in accordance with UK data protection law and only on our instructions.

6. International transfers

Some of our service providers are based outside the United Kingdom, including in the European Economic Area and the United States. Where we transfer your personal data outside the UK, we ensure an adequate level of protection by relying on UK adequacy regulations, the UK International Data Transfer Agreement, the UK Addendum to the EU Standard Contractual Clauses, or other lawful transfer mechanisms.

7. How long we keep your personal data

We keep personal data only for as long as necessary for the purposes for which it was collected:

  • Email correspondence: typically up to 24 months after our last exchange, unless retained longer for a specific business or legal reason.
  • Server and security logs: typically up to 90 days, unless retained longer to investigate a security incident.
  • Records required for accounting, tax or other legal compliance: as required by applicable law (typically up to 7 years).

8. Your rights

Under UK GDPR, you have the following rights in relation to your personal data:

  • The right to be informed about how we use your personal data.
  • The right of access to a copy of your personal data.
  • The right to rectification of inaccurate personal data.
  • The right to erasure (the "right to be forgotten"), in certain circumstances.
  • The right to restrict processing, in certain circumstances.
  • The right to data portability, in certain circumstances.
  • The right to object to processing based on our legitimate interests, including direct marketing.
  • The right to withdraw consent at any time, where we rely on consent.
  • Rights in relation to automated decision-making and profiling.

To exercise any of these rights, contact us at privacy@itsarea.com. We will respond within one month of receiving a valid request.

If you are unhappy with how we have handled your personal data, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO):

  • Website: ico.org.uk
  • Helpline: 0303 123 1113
  • Address: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

We would, however, appreciate the chance to address your concerns before you approach the ICO, so please consider contacting us first.

9. Cookies and similar technologies

This website uses only strictly necessary cookies required for the site to function and to keep it secure. These do not require your consent under the Privacy and Electronic Communications Regulations (PECR).

If we introduce non-essential cookies in the future (for example for analytics or marketing), we will ask for your consent before they are set, and provide a means to withdraw that consent at any time. You can also block or delete cookies through your browser settings.

10. Security

We use appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, alteration, or disclosure. However, no method of transmission over the internet or method of electronic storage is completely secure, and we cannot guarantee absolute security.

11. Third-party websites

This website may contain links to third-party websites, such as our Cost Portal product. We are not responsible for the privacy practices or content of those websites and encourage you to review their privacy notices.

12. Children

Our website and products are not directed at children. We do not knowingly collect personal data from anyone under the age of 13. If you believe a child has provided us with personal data, please contact us at privacy@itsarea.com and we will take steps to delete it.

13. Changes to this policy

We may update this Privacy Policy from time to time. We will post any changes on this page and update the "Last updated" date above. Where changes are significant, we will take reasonable steps to notify you.

14. Contact

ITSAREA LTD
71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom
Email: privacy@itsarea.com