Privacy Policy

1. Data Controller

iTYZER Ltd (Company No. 16817299), registered in England and Wales, is the data controller for personal data processed through the LeadTYZER platform. Contact: privacy@leadtyzer.com

2. What Data We Collect

For clients: Name, company name, work email address, billing information (processed by Stripe, never stored by us), usage data, order history, and login records.

For B2B leads in our database: Professional contact information only — name, job title, work email address, work phone number, company name, company website, LinkedIn profile URL, company sector, and company size. We process only professional information. We do not process consumer data, sensitive personal data, or personal data of individuals acting outside a professional capacity.

3. Lawful Basis for Processing

For client accounts: Contract performance (Article 6(1)(b) GDPR) — processing is necessary to provide the LeadTYZER service.

For B2B lead data: Legitimate Interests (Article 6(1)(f) GDPR). Our legitimate interest is the operation of a B2B lead intelligence service. The individuals whose professional data we hold are business professionals whose contact information is publicly available through business registries, company websites, and professional networks. We have conducted a Legitimate Interests Assessment (LIA) and determined that our processing does not override the rights of data subjects, given the exclusively professional nature of the data and the availability of a simple opt-out mechanism.

4. Data Retention

Client account data is retained for the duration of the subscription plus 7 years for billing and legal purposes. B2B lead data is re-verified every 90 days. Leads that cannot be re-verified are removed. Opted-out contacts are immediately removed from all active lead pools and will never be delivered to any client.

Billing records are retained for 7 years in compliance with UK tax law. Activity logs are retained for 2 years for security and fraud prevention purposes.

5. Your Rights

Under UK GDPR, you have the following rights: right of access (Article 15), right to rectification (Article 16), right to erasure (Article 17), right to restriction of processing (Article 18), right to data portability (Article 20), right to object (Article 21), and rights related to automated decision-making (Article 22).

To exercise any right, email privacy@leadtyzer.com. We respond within 30 days. To remove your professional contact information from our database, use our public opt-out page at leadtyzer.com/optout or email privacy@leadtyzer.com.

6. International Transfers

Our primary infrastructure is hosted on Vercel (EU-West Ireland) and Supabase (EU-West Ireland). Some data may be processed by our service providers in the United States including Stripe (payments) and Anthropic (AI scoring). All transfers to the US are covered by appropriate safeguards including Standard Contractual Clauses.

An EU Representative will be appointed by Month 2 of operations in compliance with Article 27 GDPR for our EU-based clients.

7. Cookies

We use only essential cookies necessary for platform operation (session management and authentication). We do not use advertising cookies, tracking pixels, or third-party analytics that share data with advertisers. Full details in our Cookie Policy.

8. ICO Registration

iTYZER Ltd is registered with the Information Commissioner's Office (ICO) as required for organisations processing personal data in the UK. Registration reference available on request.

9. Contact and Complaints

For any privacy questions: privacy@leadtyzer.com. If you are unsatisfied with our response, you have the right to lodge a complaint with the ICO at ico.org.uk.