IT Directory Docs

Privacy Policy

Effective Date: 06/20/2026
Last Updated: 06/20/2026

Ido Homri Software ("we," "us," or "our") is committed to protecting the privacy and security of our users and their organizations. This Privacy Policy explains how we collect, use, disclose, and protect personal and organizational information when you use IT Directory and its related services.

By accessing or using our Services, you agree to the terms of this Privacy Policy.

1. Scope of Policy

This Privacy Policy applies to:

  • The IT Directory platform, including modules for hardware inventory, software asset management, employee directory, domain monitoring, connector integrations, and others.
  • Websites, applications, APIs, and communications provided by Ido Homri Software.
  • IT staff and administrators with login accounts, as well as employees and end users whose data is managed through the platform on behalf of a customer organization.

2. Controller vs. Processor

IT Directory serves organizations ("Customers") as a multi-tenant platform. The nature of our role depends on the category of data:

We are the data controller for information users provide directly when creating and managing their own accounts.

We are a data processor acting on behalf of the Customer for employee records, asset assignments, and data imported via third-party connectors. In these cases, the Customer organization is the data controller.

3. Information We Collect

3.1 Information You Provide

  • Account Details: Name, email address, password, and role.
  • Organization Data: Company name, structure, and sub-organization relationships.
  • Employee Records: Staff information entered or imported by Customer administrators, including names, contact details, job titles, departments, and asset assignments.

3.2 Information from Third-Party Connectors

When Customers enable integrations, we import data on their behalf from:

Third-party identity providers, device management systems, DNS and domain registrars, and other services the Customer connects to IT Directory. The data imported depends on the integration and may include employee directory information, device inventory details, domain records, and related metadata.

3.3 Information Collected Automatically

  • Session Data: An authentication cookie is set when you log in to maintain your session.
  • Usage & Performance Data: We may collect information about how you interact with the platform, including pages visited, features used, and performance metrics, to operate and improve the Services.
  • Technical Information: This may include your IP address, browser type, operating system, and device information.

4. How We Use Information

We use your data to:

  • Deliver and maintain platform functionality and user experience.
  • Authenticate users and enforce role-based access within organizations.
  • Power inventory tracking, asset management, and connector sync workflows on behalf of Customers.
  • Send transactional emails such as password resets and email verification links.
  • Respond to security incidents and user support requests.
  • Comply with legal obligations and regulatory frameworks (e.g., GDPR, CCPA).

We do not use personal data to serve advertising or train machine learning models.

5. Legal Basis for Processing (for GDPR Users)

We process data based on:

  • Contractual necessity (to deliver the Services).
  • Legitimate interest (e.g., to maintain platform security and reliability).
  • Customer instructions (for employee and device data processed on their behalf).
  • Legal obligation (e.g., responding to lawful requests).

6. Data Sharing and Disclosure

We do not sell your data. We may share data with:

  • Authorized Users: Within your organization based on assigned roles and permissions.
  • Vetted Subprocessors: Including email delivery providers and cloud infrastructure providers, each subject to contractual data protection obligations.
  • Third-Party Connectors: We make outbound calls to third-party APIs using credentials provided by the Customer. We do not send Customer data to these services beyond what is necessary to retrieve the data the Customer has authorized.
  • Regulators or Legal Entities: When required by law or lawful request.

7. Data Security

We use industry-standard measures to protect your data:

  • Encryption in transit and at rest
  • Role-based access control (RBAC) with strict multi-tenant isolation
  • Secure credential storage for third-party integration secrets
  • Short-lived tokens for password reset and email verification flows

8. Data Retention

We retain data only for as long as necessary to:

  • Fulfill the purposes described in this policy.
  • Meet audit, compliance, and legal requirements.

Upon account termination or written request, we securely delete your data within a reasonable timeframe.

9. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the data we hold about you.
  • Correct inaccurate information.
  • Delete your personal data (right to erasure).
  • Restrict or object to processing.
  • Data Portability: Receive your data in a structured format.
  • Withdraw consent where applicable.

If you are an employee whose data was imported by a Customer organization, please direct your request to that organization, as they are the data controller for that data.

To exercise your rights, contact us at info@itdirectory.app

10. International Data Transfers

Your data may be transferred and stored in countries where we or our service providers operate. We ensure appropriate safeguards (e.g., Standard Contractual Clauses) are in place for such transfers.

11. Children's Privacy

Our Services are intended for IT professionals and are not directed to individuals under 18. We do not knowingly collect data from children. If you believe a child has provided personal data, contact us immediately.

12. Cookies and Tracking Technologies

We use a single authentication session cookie to maintain your logged-in session. We may use additional cookies for analytics or performance purposes, which will be disclosed in an updated cookie notice. You can clear this cookie at any time by logging out or clearing your browser cookies.

13. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be notified via email or platform banner. Continued use after changes constitutes acceptance.

14. Contact Us

If you have questions, requests, or complaints about this Privacy Policy or our data practices, contact:

Email: info@itdirectory.app
Website: https://itdirectory.app