ITD2B (sole trader, Aleksei Sysoev) takes your privacy seriously. This policy explains
what data we collect, why, how it is stored and your rights regarding it.
We do not sell your personal data to any third party.
1. Data Controller
The data controller for this website and all associated services is:
ITD2B — operated by Aleksei Sysoev, sole trader
Email: support@itd2b.com
Website: https://itd2b.com
2. What Data We Collect
We collect personal data only when you actively provide it:
- Contact form submissions: name, email address, Telegram username (optional), service type and your message
- Email correspondence: your email address and the content of messages sent to support@itd2b.com
- KYC / identity documents: as required by AML compliance obligations prior to service activation — government-issued ID for individuals; registration documents for companies
- Billing information: name, company name, address, payment references as needed for invoicing
- Technical data: IP address and browser user-agent logged automatically when you submit forms (used for spam/fraud prevention only)
3. How We Use Your Data
- To respond to your enquiry — contact form data is delivered to the service owner via Telegram notification and may be stored in server logs
- To deliver services — your contact details, requirements and credentials are used to fulfil agreed work
- To issue invoices — billing details are used for accounting and legal compliance
- KYC / AML compliance — identity documents are collected as required by applicable regulations and stored securely; not used for marketing
- Fraud and spam prevention — IP addresses are retained temporarily for rate-limiting purposes
- Legal obligations — transaction and identity records may be retained as required by applicable law
We do not use your data for advertising, profiling, or sale to third parties.
4. Legal Basis for Processing
- Contract performance (Art. 6(1)(b) GDPR) — processing necessary to provide agreed Services
- Legal obligation (Art. 6(1)(c) GDPR) — KYC/AML record-keeping requirements
- Legitimate interests (Art. 6(1)(f) GDPR) — fraud prevention, server security, business communication
- Consent (Art. 6(1)(a) GDPR) — when you tick the consent box on the contact form
5. Data Retention
- Contact form logs: up to 12 months, then deleted
- Project correspondence and deliverables: up to 5 years after project completion
- Invoices and payment records: 7 years (standard accounting retention)
- KYC documents: up to 5 years after the end of the business relationship
- Rate-limit / spam prevention data: 24–72 hours
6. Data Sharing
We do not sell, rent or share your personal data with third parties for marketing. Limited sharing occurs only in these circumstances:
- Service delivery: if a subcontractor is engaged for part of your project, they receive only the minimum data necessary and are bound by confidentiality obligations
- Legal requirements: if required by a court order or law enforcement authority with proper jurisdiction
- Payment processors: your payment details are handled directly by the payment provider; we receive only transaction confirmation
Contact form submissions generate a Telegram notification to the service owner via the Telegram API (Telegram Messenger Inc.). Their privacy policy applies to that transmission.
7. Data Security
- All data in transit is encrypted via HTTPS/TLS
- Server access is restricted to the service owner
- Sensitive files (credentials, KYC documents) are not stored in publicly accessible directories
- We apply a principle of data minimisation — we only collect what is needed
8. Cookies
This website uses:
- Essential cookies only — WordPress session cookies required for site functionality. No advertising or tracking cookies are set by this site.
- Third-party resources: Google Fonts (font delivery — see Google Privacy Policy). Yandex Metrika analytics (see Yandex Privacy Policy).
You can disable non-essential cookies in your browser settings at any time.
9. Your Rights (GDPR / UK GDPR)
If you are located in the EU/EEA or UK, you have the following rights:
- Right of access — request a copy of personal data we hold about you
- Right to rectification — request correction of inaccurate data
- Right to erasure — request deletion of your data, subject to legal retention obligations
- Right to restriction — request that we limit processing of your data
- Right to portability — receive your data in a machine-readable format
- Right to object — object to processing based on legitimate interests
- Right to withdraw consent — you may withdraw consent at any time without affecting lawfulness of prior processing
To exercise any of these rights, contact: support@itd2b.com. We will respond within 30 days.
10. Children's Privacy
Our services are not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors.
11. Changes to This Policy
We may update this Privacy Policy from time to time. The current version will always be available at https://itd2b.com/privacy-policy/ with the effective date shown at the top.
12. Contact
For any privacy-related questions or to exercise your rights:
ITD2B — support@itd2b.com
If you believe we have not adequately addressed your concern, you have the right to lodge a complaint with your national data protection authority.