Privacy Policy for Shrewd LMS

Terus Technology Ltd

Effective Date: [14 January 2026]

Terus Technology Ltd (“we”, “us”, or “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and protect personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

We are the data controller for the personal data we process in relation to our general operations and website. For the Shrewd LMS service, we act as a data processor on behalf of our customers (organisations) who are the data controllers. Our registered office is 128 City Road, London, EC1V 2NX. We are registered with the Information Commissioner’s Office (ICO) under reference: ZA565966.

You can contact our Data Protection Officer (DPO) at dpo@teruselearning.co.uk or via our website contact form.

1. Personal Data We Collect from Website Visitors

Our website is primarily informative and does not collect or store personal data from general visitors. We do not use cookies or similar tracking technologies at present.

We reserve the right to implement Google Analytics in the future to analyse website usage. If we do so, we will:

  • Update this Privacy Policy accordingly.
  • Obtain necessary consent where required.
  • Provide information on how data is processed by Google (as a processor) and options to opt out (e.g., via the Google Analytics Opt-out Browser Add-on).

Server logs may temporarily record IP addresses and other standard information for security and troubleshooting purposes, but this is not used to identify individuals and is deleted routinely.

2. Personal Data Collected via Contact Methods

Contact by Email

If you contact us directly via email (e.g., to an address on our website), we will receive the personal data you provide, such as your name, email address, and any details in your message.

Our email system is provided by Microsoft (Microsoft 365/Outlook). Emails are stored securely on Microsoft’s servers, which comply with industry standards for data protection.

Contact via Website Contact Form

If you submit our website contact form, we collect the personal data you enter (typically name, email address, and message).

  • The lawful basis for processing is our legitimate interests or steps prior to entering a contract.
  • We retain correspondence only as long as necessary.
  • We do not use this data for marketing unless you explicitly consent.

3. Personal Data Processed When Working with Customers

When we provide services to customers (business clients), we may process personal data as part of project delivery.

  • Project Management: Managed via GitHub and ClickUp.
  • Email Correspondence: Stored in Microsoft systems per retention policy.
  • End-User Data: Only processed if explicitly agreed.

4. Personal Data Processed in Shrewd LMS

Shrewd LMS is a Learning Management System provided as a Microsoft Teams app, hosted on UK-based DigitalOcean servers.

  • Types of Personal Data: Azure AD identifiers, learning progress data, uploaded content.
  • Purpose of Processing: Authentication, learning tracking, reporting.
  • Lawful Basis: Contract performance.
  • Security: Encryption, access controls, UK hosting.

Data Processing Agreements (DPAs):

Use of Shrewd LMS is governed by Microsoft marketplace terms and our Terms of Service, which incorporate GDPR-compliant data processing provisions.

5. International Data Processing and Transfers

We employ team members in Indonesia. Where international transfers occur, we apply appropriate safeguards including IDTRAs and UK International Data Transfer Agreements.

6. How We Protect Your Personal Data

  • Access controls and encryption.
  • Regular security reviews.
  • Contracts with processors requiring GDPR protection.

7. Data Retention

  • Enquiry emails: until resolved.
  • Project-related data: per project lifecycle.
  • Shrewd LMS data: as instructed by the organisation.

8. Sharing Your Personal Data

  • With processors (Microsoft, GitHub, ClickUp, DigitalOcean).
  • With team members as required.
  • If required by law.

9. Your Rights

  • Access, rectification, erasure.
  • Restriction and objection.
  • Data portability.

You may lodge a complaint with the Information Commissioner’s Office (ICO) at www.ico.org.uk.

10. Changes to This Policy

We may update this policy from time to time. Significant changes will be notified via our website.

For questions, contact our DPO at dpo@teruselearning.co.uk.

Privacy Policy Terms of Use
Copyright © 2025 Terus Technology Ltd All rights reserved.
Registered in England Company No. 11131023 Kemp House 128 City Rd, London EC1V 2NX