Privacy Policy

ICTDesk is operated by ICT Innovations, headquartered in Lahore, Pakistan. We are committed to protecting your privacy and handling your data with transparency. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data.

1. Information We Collect

Account Data

When you register for ICTDesk, we collect your name, email address, company name, and password (stored in hashed form). Tenant administrators may also provide billing contact details and organization information during onboarding.

Usage Data

We automatically collect information about how you interact with the ICTDesk platform, including pages visited, features used, conversation volumes, response times, and session durations. This data is used to improve the service and is not linked to individually identifiable profiles.

Chat and Conversation Data

ICTDesk processes live chat conversations on your behalf. The content of conversations between your agents and your website visitors is stored in our database and is accessible to your account administrators. We do not read, analyze, or sell your conversation data for any purpose other than providing the service.

Payment Information

All payment processing is handled by Stripe, a PCI-DSS compliant payment processor. ICTDesk does not store your full credit card number, CVV, or sensitive payment credentials. We receive only a tokenized reference and basic billing details (last 4 digits, card type, expiry) from Stripe.

Cookies and Local Storage

We use cookies and browser local storage to maintain your session, remember your preferences, and collect anonymized analytics. See our Cookie Policy for details.

2. How We Use Your Information

• To create and manage your ICTDesk account and workspace
• To deliver the live chat service, AI-powered features, and support tools you subscribed to
• To process subscription payments via Stripe
• To send transactional emails (account verification, password resets, invoices)
• To send product updates, security notices, and service announcements
• To analyze aggregate usage patterns and improve platform performance
• To comply with legal obligations and enforce our Terms of Service

3. Data Sharing

We do not sell, rent, or trade your personal data to third parties. We share information only in the following limited circumstances:

Stripe (Payment Processing)

We share billing-related information with Stripe to process subscription payments. Stripe operates under its own Privacy Policy and is certified PCI-DSS Level 1. You can review their policy at stripe.com/privacy.

Anthropic / Claude AI

When you use AI-powered features (such as AI bot replies or conversation summaries), conversation content may be sent to Anthropic to generate responses. Anthropic processes this data under their usage policies and does not train their models on API-submitted data by default. We encourage you to review Anthropic privacy terms for complete details.

Legal Requirements

We may disclose information if required to do so by law, court order, or governmental authority, or if we believe in good faith that such disclosure is necessary to protect the rights, safety, or property of ICTDesk, our users, or the public.

4. Data Retention

We retain your account data for as long as your account is active. If you cancel your subscription, we will retain your data for 90 days to allow account recovery, after which it will be permanently deleted from our active systems. Anonymized, aggregate analytics data may be retained indefinitely.

You may request early deletion of your data by contacting us at privacy@ictdesk.net.

5. Security

ICTDesk implements industry-standard security measures to protect your data:

• TLS/SSL encryption on all data in transit between your browser and our servers
• Encrypted storage for sensitive fields including passwords (bcrypt hashing) and API tokens
• Regular security audits and dependency updates
• Access controls limiting staff access to customer data on a need-to-know basis
• Automated backups with point-in-time recovery

No system is 100% secure. If you suspect a security issue, please notify us immediately at privacy@ictdesk.net.

6. Your Rights (GDPR)

If you are located in the European Economic Area or the United Kingdom, you have the following rights under GDPR:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data (“right to be forgotten”).
• Right to Data Portability: Request your data in a machine-readable format.
• Right to Restrict Processing: Ask us to limit how we use your data in certain circumstances.
• Right to Object: Object to processing of your data for direct marketing purposes.

To exercise any of these rights, email privacy@ictdesk.net. We will respond within 30 days.

7. Cookies

ICTDesk uses cookies to keep you logged in, remember your settings, and collect anonymized usage analytics. We do not use advertising cookies or share cookie data with ad networks. For full details, see our Cookie Policy.

8. Children’s Privacy

ICTDesk is a business-to-business platform not directed at children. We do not knowingly collect personal information from anyone under the age of 16. If you believe we have inadvertently collected such information, contact us immediately at privacy@ictdesk.net.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we make material changes, we will notify you by email and update the effective date at the top of this page. Continued use of ICTDesk after any update constitutes your acceptance of the revised policy.

10. Contact Us

For privacy-related questions, data requests, or concerns:

• Email: privacy@ictdesk.net
• Company: ICT Innovations, Lahore, Pakistan
• Website: ictdesk.net