clear logo
Contact

Privacy Policy

Privacy Policy

ITNextGen Limited
Website: www.itnextgen.co.uk
Last Updated: 1st August 2025

ITNextGen Ltd. is committed to protecting the privacy of third parties (including its customers and all visitors to the website www.itnextgen.co.uk (the “Website”)). Please read the following Privacy Policy which explains how we use and protect your information.

We endeavour to ensure that all information from which you can be identified (“Personal Information”) provided to, or otherwise obtained by, us is handled in accordance with the UK Data Protection Act 2018, the UK General Data Protection Regulation and all similar or related legislation (the “Data Protection Legislation”). You can be assured that your Personal Information will only be used by ITNextGen in accordance with this Policy.

By visiting and/or contacting us through the Website (or otherwise engaging with us), you acknowledge that we may collect, use and transfer your Personal Information as set out in this Policy. ITNextGen reserves the right to change this Policy from time to time and you should therefore check this page frequently to ensure that you are happy with any changes.

In this Policy, “ITNextGen”, “we”, “us” and “our”, refer to ITNextGen Limited, registered in England & Wales with registered office at Midsummer Court, 314 Midsummer Boulevard, Milton Keynes, MK9 2UB. Our company registration number is 09727213

For the purposes of the Data Protection Legislation, we are deemed to be the “data controller” in respect of any Personal Information that you provide to us or we otherwise obtain about you.

This Privacy Policy covers:

  1. Personal Information that we collect from you
  2. Personal Information that we receive from other sources
  3. What we do with your Personal Information
  4. How we share your Personal Information
  5. Our security and data retention measures, and any transfers we make outside of the UK
  6. Accessing and updating your Personal Information
  7. Complaints
  8. IP addresses and website analytics
  9. Changes to this Policy
  10. Our Contact Information

1. Personal Information that we collect from you

When you engage with us (e.g. sending us emails or by visiting or making an enquiry through the Website), you may provide information about yourself including your name and contact details (e.g. your address, email address and telephone number), your job title, company name, and business requirements. Where you apply for a role with us, we may collect your CV and employment history. Where you make use of our Website we may also collect information about your use of the Website (e.g. your IP address, choice of web browser, pages visited, and time spent on our site).

Some of this information is collected and processed so we can perform a contract with you, some for the purpose of legal compliance and some for the purposes of our legitimate business interests, namely to:

  • Carry out and improve our technology consulting, implementation and managed services business
  • Analyse the use of our Website and services
  • Support our customers and users with Dynamics 365, Azure, AI/ML, and digital transformation services
  • Develop and maintain business relationships with clients in public sector, healthcare, banking and fintech sectors

In order to support our business development and deliver our technology services we require a database of client and prospect personal data containing historical project information as well as current business requirements.

To maintain, expand and develop our business we need to record the personal data of prospective clients and professional contacts in our target sectors.

To deliver our consulting and managed services we need to contact clients and prospects on a regular basis, through various routes such as email, phone, service alerts and other relevant business communications.

2. Personal Information that we receive from other sources

We may receive information from third parties who collect Personal Information from you and pass it on to us, including:

  • Business partners and referral sources
  • Microsoft and other technology partners
  • Professional networking platforms (LinkedIn)
  • Industry directories and public sources
  • Event organizers and conference platforms

Where this is the case the third party is responsible for obtaining the relevant consents from you to ensure you are happy with the ways in which your Personal Information will be used.

3. What we do with your Personal Information

We will only use your Personal Information in order to:

(a) Supply the technology services you have requested and correspond with you regarding Dynamics 365, Azure, AI/ML, managed services, and digital transformation projects (b) Provide technical support and consulting services to you in respect of these services (c) Improve our Website and services (d) Where relevant, process your application for employment (e) For our internal business processes and relationship management

Where you have explicitly consented at the time we collected your Personal Information or where we otherwise have a right to do so, we may also use your Personal Information to:

  • Let you know about our technology products, services and solutions that may be of interest to you
  • Inform you about important changes or developments to our services
  • Send you industry insights, thought leadership content, and best practices
  • Invite you to webinars, workshops, and industry events
  • Share case studies and success stories relevant to your sector

This communication may be by post, telephone, and e-mail.

From time to time, we may also use your Personal Information to contact you for market research purposes related to technology trends, digital transformation needs, and service feedback. We may contact you by email, phone or mail. This will only happen where you have opted-in to receive such communications or where we have a legitimate business interest.

We may also use the Personal Information to customise the Website according to your interests and business sector.

If you change your mind about us using your Personal Information in the ways described in this Policy, please let us know by contacting us at email@itnextgen.co.uk. You may also opt out of receiving marketing emails from us by following the instructions outlined in the email.

4. How we share your Personal Information

Where it is necessary for the performance of our contract with you or for our internal business processes, we may share your Personal Information with:

Technology Partners:

  • Microsoft (for Dynamics 365, Azure, Office 365 services and support)
  • Cloud service providers (AWS, Azure) for hosting and infrastructure
  • Software vendors for project implementation and support

Business Partners:

  • Professional service partners for joint project delivery
  • Subcontractors and specialist consultants
  • Training and certification providers

Service Providers:

  • Payment processors for transaction processing
  • IT support providers for system maintenance
  • Marketing platforms for business communications
  • Professional advisors (legal, accounting, insurance)

If our business enters into a joint venture with, purchases or is sold to or merges with another business entity, your Personal Information may be disclosed or transferred to the purchaser, our new business partners or owners or their advisors.

In addition, it may be necessary to disclose your Personal Information if we are under a duty to disclose your Personal Information in order to comply with any legal obligation, enforce our Terms and Conditions and any other agreement, or protect the rights, property, or safety of ITNextGen, our group companies and our contractors, directors, employees or other personnel. This includes exchanging information with other companies and organisations for the purposes of fraud protection and prevention.

Digital Marketing and Analytics:

Please note we are currently using Google’s display advertising online and LinkedIn advertising for professional targeting. It means that third-party vendors including Google and LinkedIn will show our adverts on selected websites. At ITNextGen we use third-party vendors to show ads on sites across the internet. In order to improve the relevancy of our ads, third-party vendors sometimes use cookies to serve ads based on past visits to our website. You can opt out of seeing these adverts by visiting Google’s Ads Settings or LinkedIn’s advertising preferences. Alternatively, you can opt out of a third-party vendor’s use of cookies by visiting the Network Advertising Initiative opt out page.

Third-Party Processors:

Our carefully selected partners and service providers may process personal information about you on our behalf as described below:

Digital Marketing Service Providers: We periodically appoint digital marketing agents to conduct marketing activity on our behalf, such activity may result in the compliant processing of personal information.

CRM and Business Intelligence: We use customer relationship management systems and business intelligence tools to manage client relationships and analyze business performance.

We will also share your contact details with third party partners in the event that you have consented to receive information from such third parties about complementary technology services. If you change your mind about being contacted by these parties in the future, please let us know by contacting us using the details set out at section 10 below or contact the third party directly.

5. Our security and data retention measures, and any transfers we make outside of the UK

The Personal Information you provide to us will be transferred to and stored securely on our servers in the UK and we take steps to protect your Personal Information from unauthorised access and against unlawful processing, accidental loss, destruction and damage.

Security Measures:

  • Encryption in transit (TLS 1.3) and at rest (AES-256)
  • Multi-factor authentication and role-based access controls
  • Regular security assessments and penetration testing
  • ISO 27001 Information Security Management System
  • Staff security training and awareness programmes

Unfortunately, the transmission of information via the internet is not completely secure and, although we will take steps to protect your information, we cannot guarantee the security of your Personal Information transmitted via the Website; any transmission is therefore at your own risk.

Data Retention:

We will hold your personal information only when necessary or relevant to our business relationship and/or to our legal obligations:

  • Client project data: 7 years after project completion (for contractual and legal requirements)
  • Financial information: 7 years (as required by applicable UK tax law and HMRC requirements)
  • Marketing contacts: 3 years from last engagement or until consent is withdrawn
  • Website analytics: 26 months (Google Analytics default retention)
  • Employment applications: 6 months after recruitment process completion

Only where it is relevant to your specific matter will such information be retained on your file. Your information will then require secure storage and ultimately destruction by our archiving contractors in accordance with our data retention guidelines.

International Transfers:

In processing your Personal Information, it may be necessary for us to transfer your Personal Information outside the UK, particularly for:

  • Microsoft services (Office 365, Dynamics 365, Azure) hosted in various global regions
  • Cloud service providers and technology partners
  • International client project delivery

It may also be accessed by staff operating outside the UK who work for us or for one of our suppliers. This includes staff engaged in the provision of technical support services and project delivery.

We will take all steps reasonably necessary to ensure that your Personal Information is treated securely and in accordance with this Policy and the Data Protection Legislation when it is processed in, or accessed from, a location outside the UK. This means that we will only transfer your Personal Information to third parties outside the UK if that third party:

(a) Is situated in a country that has been confirmed by the UK government to provide adequate protection to Personal Information, or (b) Has agreed (by way of written contract with Standard Contractual Clauses) to provide all protections to your Personal Information as required by the Data Protection Legislation.

6. Accessing and updating your Personal Information

You have the right to ask us not to process your Personal Information for marketing or research purposes. We will usually inform you (before collecting your Personal Information) if we intend to use your Personal Information for such purposes or if we intend to disclose your Personal Information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data. You can also exercise the right at any time by contacting us at the details set out at section 10 below.

You have the following rights under Data Protection Legislation:

  • Right of Access: See the Personal Information we hold about you
  • Right of Rectification: Ask us to make any changes to ensure that any Personal Information we hold about you is accurate and up to date
  • Right of Erasure: Ask us to erase or stop processing any Personal Information we hold about you where there is no longer a legal ground for us to hold it
  • Right to Data Portability: Transfer any information we hold about you to a specified third party
  • Right to Restrict Processing: Limit how we process your data in certain circumstances
  • Right to Object: Object to processing based on legitimate interests or for marketing purposes

If you wish to exercise any of these rights, please contact us on SAR@itnextgen.co.uk or for any other information or support please contact us via the contact details in section 10 below.

We will respond to your request within one month of receipt. For complex requests, we may extend this period by two further months and will notify you accordingly.

7. Complaints

Should you have any queries or complaints in relation to how we use your Personal Information, please contact us using the details set out at section 10 below.

Should you wish to take any complaints or queries further, you have the right to contact the Information Commissioner’s Office (ICO) regarding such issues:

Information Commissioner’s Office

  • Website: www.ico.org.uk
  • Phone: 0303 123 1113
  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF

Our Website may, from time to time, contain links to and from third party websites including Microsoft, technology partners, and industry resources. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these websites or their related policies. Please check these policies before you submit any Personal Information via these websites.

8. IP addresses and website analytics

Your IP Address is a number that is automatically assigned to the computer or network that you are using by your Internet Service Provider (ISP). Your IP address can be considered personal data, as it might uniquely identify you as an individual (for example the IP address of your business network). Our server may log IP Addresses when a user visits our website, along with the time of the visit and the page(s) that were visited. Collecting IP Addresses is standard practice on the Internet and is done automatically by many websites.

Website Analytics:

We use Google Analytics to understand how visitors interact with our website, which helps us improve our services and user experience. This includes tracking:

  • Pages visited and time spent on each page
  • Geographic location (city/region level)
  • Device and browser information
  • Referral sources and search terms used

Business Intelligence:

ITNextGen uses business intelligence systems to identify which businesses visitors to our website are from, which we then use to track the performance and engagement with our technology services marketing activities. This system uses visitor IP addresses and other identifiers.

ITNextGen has completed a Legitimate Interest Assessment (LIA) as advised by the ICO. Based upon this assessment it is deemed that the rights and freedoms of any data subject would not be overridden in our processing of the personal data and that in no way would a data subject be caused harm by ITNextGen processing. It is also deemed that business development and sales outreach is necessary in the context of following up with website visitors and conducting ITNextGen technology consulting business.

Cookies:

We use cookies to enhance your website experience and provide relevant content. Our Cookie Policy provides detailed information about the types of cookies we use and how you can manage your preferences.

9. Changes to this Policy

ITNextGen may amend this Policy at any time with reasonable notice. Material changes will be prominently posted on the Website and, where appropriate, notified to you by e-mail. By continuing to use the Website and making use of our services you agree to the updated Policy. If you do not agree to any changes that we make, you should not use or access (or continue to use or access) the Website and/or our services.

We will maintain previous versions of this Policy for reference and they will be available upon request.

Version History:

  • Version 2.0: 1st August 2025 (Revised)
  • Next Review: 1st August 2026

10. Our contact information

If you have any questions about this Privacy Policy, your Personal Information, or our data processing practices, please contact us:

Data Protection Enquiries: Email: email@itnextgen.co.uk

Subject Access Requests: Email: email@itnextgen.co.uk

General Enquiries: Email: email@itnextgen.co.uk
Phone: +44 (0)1908 847400
Address: ITNextGen Limited, Midsummer Court, 314 Midsummer Boulevard, Milton Keynes, MK9 2UB

Business Hours: Monday to Friday: 9am to 5:30pm

Data Protection Officer: For complex data protection matters, you can contact our Data Protection Officer at: email@itnextgen.co.uk

This Privacy Policy is designed to comply with UK GDPR and the Data Protection Act 2018. We are committed to protecting your privacy and handling your personal information responsibly.

Document Information:

  • Document Owner: Data Protection Officer, ITNextGen Limited
  • Effective Date: 1st August 2025
  • Classification: Public
  • Review Frequency: Annual

Scroll to Top