Legal

Privacy Policy

Effective April 22, 2026

This policy explains what data Itero Desk ("Itero", "we") collects from users of the Itero Desk platform, how we use it, and the choices you have. It applies to the Itero Desk web application, marketing website, and related services.

1. Data we collect

Account & workspace data

  • Your name, email and, optionally, your avatar and phone number.
  • Your company name, branding (logo, accent colour) and team members you invite.
  • Authentication information (hashed password, session tokens).

Operational data you enter

  • Lead contact details, itineraries, pricing, destinations, accommodations, vehicles, guides, and similar library content.
  • Email threads you sync from your configured mailbox to track lead communication.
  • Files and images you upload (cover photos, PDFs, supporting attachments).

Usage & technical data

  • Log data: IP address, browser and device type, pages visited, timestamps.
  • Minimal product analytics to understand which features are used and to detect errors.

2. How we use data

  • To provide the service: run your workspace, generate proposals, calculate pricing, send emails.
  • To communicate with you about account activity, billing and important product changes.
  • To secure the service: detect abuse, rate-limit, investigate incidents.
  • To improve the product in aggregate. We do not sell your data or use it to train third-party AI models.

3. AI features

Some features (for example draft itineraries and welcome letters) use large language models provided by third parties (such as Anthropic). When you use those features, the relevant prompt text is sent to the model provider to generate a response. We do not use your inputs to train foundation models, and we ask providers to retain request data only for the shortest period permitted by their policies.

4. Multi-tenant isolation

Each company gets its own workspace. Data is scoped per tenant: other customers cannot read or write your records. Administrative access by our team is limited to what is necessary to operate or debug the service, and is logged.

5. Sub-processors

We use a small set of infrastructure and tooling providers to run the service, including:

  • Cloud hosting and database infrastructure.
  • Email delivery (transactional email).
  • Payment processing (for billing).
  • AI model providers (for AI-assisted features, when you use them).
  • Error monitoring and product analytics.

Contact us for the current list of sub-processors.

6. Retention

We keep your workspace data as long as your account is active. After cancellation we retain data for a limited period to allow account recovery and to meet legal obligations, and then delete or anonymise it. You can request earlier deletion at any time.

7. Your rights

Depending on where you are based, you may have the right to access, correct, export or delete your personal data, and to object to certain processing. You can exercise these rights by writing to us at the address below.

8. Security

We use encryption in transit (HTTPS), encryption at rest for the database, hashed passwords and role-based access controls. No system is perfectly secure. If you believe your account has been compromised, contact us immediately.

9. Children

Itero Desk is not intended for children under 16. We do not knowingly collect data from them.

10. Changes

If we change this policy materially we will notify account admins by email and, where the change is significant, in the app. Continued use after an update means you accept the revised policy.

11. Contact

Questions or requests about this policy: use our contact form.