Privacy Policy

Last updated: 31 March 2026

[PLACEHOLDER — replace with reviewed legal copy before production launch]

1. Introduction

NZT Digital Ltd ("Company", "we", "us") is committed to protecting the privacy of users of the NZTRM platform. This Privacy Policy explains how we collect, use, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Data Controller

NZT Digital Ltd is the data controller for personal data processed through the NZTRM platform.

3. Data We Collect

• Account information: name, email address, organisation, role
• Usage data: login timestamps, pages visited, features used
• Technical data: IP address, browser type, device information
• Business data: energy consumption forecasts, trade records, and portfolio data uploaded by your organisation

4. How We Use Your Data

• To provide and maintain the Service
• To authenticate users and enforce access controls
• To generate reports and analytics for your organisation
• To send operational notifications (report deliveries, price alerts)
• To improve the Service and diagnose technical issues

5. Legal Basis for Processing

We process personal data on the basis of: (a) performance of a contract with your organisation; (b) legitimate interests in operating and improving the Service; (c) compliance with legal obligations.

6. Data Sharing

We do not sell personal data. We may share data with: infrastructure providers (hosting, email delivery) under appropriate data processing agreements; and as required by law or to protect our legal rights.

7. Data Retention

Personal data is retained for the duration of your organisation's contract with us, plus a reasonable period thereafter for legal and audit purposes. You may request deletion of your personal data at any time.

8. Your Rights

Under UK GDPR, you have the right to: access your personal data; rectify inaccurate data; request erasure; restrict processing; data portability; and object to processing. To exercise these rights, contact us at the address below.

9. Cookies

The Service uses essential cookies for authentication and session management. These are strictly necessary for the operation of the Service and do not require consent. We do not use third-party tracking or advertising cookies.

10. Security

We implement appropriate technical and organisational measures to protect personal data, including encryption in transit and at rest, role-based access controls, and audit logging.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via the Service or by email.

12. Contact

For privacy-related enquiries, contact us at privacy@nztdigital.com.