At iTOM (Inventory Turbo Order Manager), your privacy matters. We are committed to protecting your personal data and being transparent about how we collect, use, and safeguard it.
This Privacy Policy outlines how we comply with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

1. Who We Are
   iTOM is a multi-channel listing and inventory management platform that helps sellers manage their listings across multiple marketplaces. For the purposes of data protection law, iTOM is the Data Controller of your personal information.
   If you have any questions, you can contact us at:
   📧 gdpr@itomconnect.com
2. What Data We Collect
   We only collect the data necessary to operate our service effectively. This may include:
   • Your name and contact details (e.g. email address)
   • Your account login credentials
   • Connected marketplace account details
   • Product and inventory data (as submitted by you)
   • Analytics data on how you use iTOM (e.g. page visits, login times)
   We do not collect sensitive personal data (e.g. health or financial information) unless required by law or clearly explained to you.
3. How We Use Your Data
   We use your personal data to:
   • Provide access to your iTOM account
   • Connect to third-party marketplaces (e.g. eBay, Amazon, eBUYgumm)
   • Process and sync your listings
   • Deliver customer support
   • Inform you of changes, updates, and system notifications
   • Monitor and improve system performance and security
   We will never sell your data or share it with third parties for marketing purposes.
4. Lawful Basis for Processing
   We rely on the following lawful bases to process your data:
   • Contractual obligation – to provide you with the services you’ve signed up for
   • Legitimate interests – to operate and improve the platform
   • Consent – for optional features like newsletters or marketing emails
   • Legal obligation – if we are required to retain or disclose certain data by law
5. Data Sharing
   We may share limited data with trusted service providers who help us operate iTOM (e.g. cloud storage, analytics platforms, email services). These providers are bound by strict confidentiality and data protection obligations.
   We do not share your data outside the UK or EEA unless necessary for service delivery and with adequate safeguards in place.
6. How Long We Keep Your Data
   We retain your personal data only as long as necessary to provide our services or as required by law. You may request deletion of your data at any time (see Section 8).
7. Your Rights Under GDPR
   You have the following rights:
   • Right of access – to see the data we hold about you
   • Right to rectification – to correct inaccurate or incomplete data
   • Right to erasure – to request deletion of your data
   • Right to restrict processing – to limit how we use your data
   • Right to data portability – to receive your data in a readable format
   • Right to object – to processing based on legitimate interests
   • Right to complain – to the UK’s Information Commissioner’s Office (ICO)
   To exercise any of these rights, email us at gdpr@itomconnect.com.
8. Data Security
   We take all reasonable technical and organisational measures to protect your personal data from unauthorised access, misuse, or loss.
   These include:
   • Secure login systems
   • Encrypted data transfers
   • Regular backups
   • Access restrictions for staff and partners
9. Changes to This Policy
   We may update this Privacy Policy from time to time. If we make significant changes, we’ll notify you by email or within your iTOM dashboard.
10. Contact
    If you have questions, concerns, or would like to exercise your data rights, please contact:
    gdpr@itomconnect.com