Effective Date: 25 September 2025
1. About TASKRA LTD
1.1 Controller: TASKRA LTD (“we”, “us”, “our”), company number 16744448.
1.2 Registered address: 199 Cundy Street, Sheffield, England, S6 2WP.
1.3 Telephone: +44 7401 150289.
1.4 Email: support@ittaskra.com.
1.5 Website: https://ittaskra.com/.
1.6 We operate the website https://ittaskra.com/ (the “Site”) and sell digital products only. We do not operate user accounts or subscriptions/newsletters.
2. What this Policy covers
2.1 This Policy explains what personal data we collect, how and why we use it, who we share it with, how long we keep it, how we protect it, and your UK GDPR rights.
2.2 By using the Site or purchasing our products, you acknowledge this Policy. If you do not agree, please do not use the Site.
2.3 This Policy does not cover third-party websites linked from the Site.
3. Personal data we collect
3.1 Identity data: first name and last name — to correctly reference your order and address you in service communications.
3.2 Contact data: email address — to send order confirmations, download/access links, receipts and to provide support.
3.3 Order & payment metadata (non-financial): order ID, purchased product(s), amount, timestamps, fulfilment status; payment status (e.g., success/failed) returned by our payment processor.
3.4 Essential technical data: IP address, browser user-agent, request timestamps, and server/security/error logs required to run, secure and troubleshoot the Site/checkout.
3.5 We do not receive or store full card numbers or CVV/CVC (payments are processed by our provider, e.g., Stripe, on their systems).
3.6 We do not intentionally collect special-category data or criminal-offence data, and we do not target children.
4. How we obtain data
4.1 You provide it directly at checkout or when you contact us (name, surname, email, order details).
4.2 Our service providers return limited statuses (e.g., payment success/failed, email delivery/bounce), which we keep only as needed to operate the service.
4.3 Systems generate essential logs automatically (IP, user-agent, timestamps, error/security events) to maintain availability, security and performance. We do not use analytics, advertising or social-media trackers.
5. Why we use data and on what lawful bases
We process personal data only for the activities we actually perform:
5.1 Process and deliver digital orders — collect payment via provider, issue receipts, send download/access links, and answer order-related queries.
Lawful basis: performance of a contract (Art. 6(1)(b) UK GDPR).
5.2 Service communications — confirmations, fulfilment notices, and incident notifications strictly related to your purchase.
Lawful basis: performance of a contract (Art. 6(1)(b)).
5.3 Operate, secure and troubleshoot the Site/checkout — prevent misuse/fraud, investigate incidents, ensure availability and integrity.
Lawful basis: legitimate interests (Art. 6(1)(f)). Our interest is the safe and reliable provision of digital products; the impact on your privacy is minimal because we use only essential data.
5.4 Respond to lawful requests and protect rights — comply with valid requests from authorities and defend our legal rights.
Lawful basis: legal obligation where applicable (Art. 6(1)(c)) and/or legitimate interests (Art. 6(1)(f)).
We do not run unrelated marketing, newsletters, or behavioural profiling.
6. Sharing your data (limited and necessary)
We disclose personal data only to parties essential to provide the service, under contracts that protect your information:
6.1 Payment processor (e.g., Stripe) — processes payments; we receive only status/IDs, not full card details.
6.2 Hosting and infrastructure providers — operate the Site and store essential logs as our processors.
6.3 Transactional email provider — delivers receipts and download/access links.
6.4 Professional advisers/Authorities — only where required to comply with law or to protect rights/safety.
We do not sell personal data and do not share it for behavioural advertising.
7. International data transfers
7.1 If any processor/sub-processor is located outside the UK, we use recognised safeguards such as the UK International Data Transfer Agreement (IDTA) or the UK Addendum to the EU SCCs, rely on UK adequacy decisions where available, and apply appropriate technical/organisational measures (e.g., encryption, access controls).
7.2 You can request a general description of applicable safeguards at support@ittaskra.com (commercial details may be redacted).
8. Cookies and similar technologies
8.1 We use strictly necessary cookies/technologies only — for checkout operation, session integrity, and security (e.g., session token, CSRF protection).
8.2 We do not use analytics, advertising or social-media tracking cookies.
8.3 You can manage cookies in your browser. Blocking strictly necessary cookies may impair checkout and delivery. See also our Cookie Policy.
9. Security measures
9.1 Organisational: role-based access, least-privilege, staff confidentiality commitments, vendor due diligence, change control.
9.2 Technical: TLS encryption in transit; hardened hosting; firewall/WAF; backups; monitoring and alerting; integrity checks.
9.3 Operational: logging and security review; incident response procedures; periodic access reviews and retention reviews.
9.4 While no method is 100% secure, we work to prevent unauthorised access, alteration, disclosure or loss.
10. How long we keep data (retention)
10.1 Order records and related service emails: up to 24 months from fulfilment to handle support, chargebacks or disputes.
10.2 Support correspondence: up to 12 months after resolution (longer only if required to resolve a dispute).
10.3 Security/technical logs: up to 12 months, extended only for ongoing security investigations.
10.4 When retention ends, we delete or anonymise data. Anonymised data (no identification) may be retained for statistics.
11. Your rights and how to exercise them
11.1 Access — get a copy of your personal data and related information.
11.2 Rectification — correct inaccurate or incomplete data.
11.3 Erasure — request deletion where applicable (e.g., no longer needed, unlawful processing).
11.4 Restriction — temporarily limit processing in certain cases (e.g., while accuracy is checked).
11.5 Portability — receive data you provided in a structured, machine-readable format, where processing is based on contract and carried out by automated means.
11.6 Objection — object to processing based on legitimate interests.
11.7 No certain automated decisions — we do not use automated decision-making with legal or similar effects.
How to submit: email support@ittaskra.com. We may ask for limited information to verify identity. We aim to reply within one month (extensions permitted by law).
Complaints: You may contact the Information Commissioner’s Office (ICO): ico.org.uk | 0303 123 1113 | Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF.
12. Children
Our Site and digital products are not directed to children under 13. We do not knowingly collect children’s data. If you believe a child has provided data, contact us and we will delete it.
13. Third-party links
The Site may link to third-party websites. Their privacy practices are outside this Policy; please review their privacy information.
14. Changes to this Policy
We may update this Policy. The Effective Date above shows the current version. Where appropriate, we will highlight material changes on the Site and/or via service emails.
15. Contact
TASKRA LTD — 199 Cundy Street, Sheffield, England, S6 2WP
Tel: +44 7401 150289 | Email: support@ittaskra.com | Website: https://ittaskra.com/