Legal
Privacy policy.
Plain English. How Interact collects, uses and protects the personal information you share with us, whether you are reading our site, completing Your Position, or in active conversation with the team.
Effective 30 May 2026
Contents
01Who we are
"Interact" means Interact Ltd, a company providing measurement-based services for server IT efficiency. Interact is the data controller for the personal information described in this policy.
You can reach our privacy team at privacy@interactdc.com.
02Information we collect
We collect personal information in three ways:
You give it to us
- Contact form submissions: name, organisation, work email, message content
- Your Position responses: your answers to the eight questions (stored on your device, not transmitted unless you choose to share your result with us)
- Newsletter sign-ups: name and email
- Direct correspondence: anything you send us by email or call
It is collected automatically
- Standard server logs: IP address, browser type, referring page, time of request
- Cookies set by us or by our limited set of third parties, see our Cookie policy
We receive it from third parties
- Where you reach us via a mutual introduction, the introducer may share your name and role
- Publicly available information about your organisation, where relevant to an active engagement
03Why we use it
- To respond to enquiries and run the conversation you initiated
- To deliver and improve our services (Verify and Advisory)
- To send service-related communications (only when you have asked or where the contract requires it)
- To send the Interact newsletter when you have opted in
- To understand how the site is used in aggregate, so we can improve it
- To meet our legal and regulatory obligations
We do not sell personal information. We do not use it to train third-party AI models.
04Lawful basis
Under UK and EU data protection law, we rely on the following lawful bases:
ActivityLawful basis Responding to your enquiryLegitimate interests / pre-contract steps at your request Delivering services to your organisationContract performance Sending the newsletterConsent (you can withdraw at any time) Site analyticsConsent (cookie banner) where required Legal and regulatory obligationsLegal obligation
06How long we keep it
- Enquiry correspondence: up to 3 years after the last interaction
- Customer records: for the duration of the engagement plus 7 years (tax / audit retention)
- Newsletter subscribers: until you unsubscribe
- Server logs: 30 days
07International transfers
Some of our service providers are located outside the UK and EU. Where personal information is transferred internationally, we rely on UK and EU approved mechanisms, typically the UK International Data Transfer Agreement or the EU Standard Contractual Clauses, together with supplementary measures where required.
08Your rights
Under UK GDPR you have the right to:
- Access the personal information we hold about you
- Have inaccurate information corrected
- Ask us to delete information in certain circumstances
- Restrict or object to certain processing
- Request your information in a portable format
- Withdraw consent at any time (where consent is the basis)
To exercise any of these rights, email privacy@interactdc.com. We respond within one month.
09Security
We use appropriate technical and organisational measures to protect personal information against loss, misuse and unauthorised access, including access controls, encryption in transit, and a regular review of supplier arrangements. No system is perfectly secure, and we will notify you and the relevant authority of any incident where the law requires.
10Contact and complaints
Questions or complaints about this policy or our handling of your data go to privacy@interactdc.com.
If you remain unhappy, you can contact the UK Information Commissioner's Office at ico.org.uk or, if you are in the EU, your local supervisory authority.