Privacy Policy
How we handle your personal information when using NDX:Try
Privacy Policy
Last updated: 28 November 2025
Who we are
NDX:Try is operated by the National Digital Exchange (NDX) partnership, working with UK local authorities to enable safe evaluation of cloud technologies.
What data we collect
When you request a partner tour
We collect:
- Council name
- Your name
- Email address
- Phone number (if you provide it)
- Which scenario you’re interested in
- Your availability for a session
- Any additional context you provide
When you browse the website
We collect standard web server logs including:
- Your IP address
- Pages you visit
- Browser type and version
- Date and time of your visit
Cookies and analytics
We use cookies to make this service work and to collect information about how you use it.
Essential cookies
We use essential cookies to remember your cookie preferences. These are strictly necessary for the service to function.
Analytics cookies
With your permission, we use Google Analytics 4 to understand how people use this service. This helps us improve it.
Google Analytics sets the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
_ga |
Distinguishes unique users | 2 years |
_ga_S4542PPYLS |
Maintains session state | 2 years |
We have configured Google Analytics to:
- anonymise your IP address
- not share data with third parties
- retain data for 14 months
You can change your cookie settings at any time.
For more details, see our cookies page.
How we use your data
Partner tour requests
Your information will be:
- Shared only with the AWS implementation partner assigned to your tour request
- Used solely to arrange and conduct your evaluation session
- Not used for marketing purposes without additional consent
- Retained for up to 12 months for service improvement
Website analytics
Anonymised browsing data helps us:
- Understand which scenarios are most useful
- Improve the website experience
- Identify and fix technical issues
Legal basis for processing
We process your data under the following legal bases:
- Consent - When you submit a partner tour request, you consent to us sharing your details with an implementation partner
- Legitimate interests - To improve our services and understand how the website is used
Your rights
Under UK GDPR, you have the right to:
- Access - Request a copy of the personal data we hold about you
- Rectification - Request that we correct any inaccurate personal data
- Erasure - Request that we delete your personal data
- Restriction - Request that we limit how we use your data
- Objection - Object to us processing your personal data
- Portability - Request your data in a portable format
To exercise any of these rights, contact us at ndx@dsit.gov.uk.
Data retention
| Data type | Retention period |
|---|---|
| Partner tour requests | 12 months |
| Website server logs | 90 days |
| Sandbox session data | Deleted after 90 minutes |
Data security
We protect your data through:
- Encryption in transit (HTTPS)
- Access controls limiting who can view your information
- Regular security reviews
- Secure cloud infrastructure (AWS)
Third parties
Implementation partners
When you request a partner tour, we share your contact details with a vetted AWS implementation partner. These partners are:
- Accredited AWS Partners with local government experience
- Bound by data protection agreements
- Required to use your data only for arranging the requested tour
AWS
Sandbox environments run on AWS infrastructure. AWS processes data in accordance with their Data Privacy FAQ.
International transfers
Your data is processed within the UK and European Economic Area. If data is transferred internationally, appropriate safeguards are in place.
Changes to this policy
We may update this privacy policy from time to time. The “Last updated” date at the top of this page shows when it was last changed.
Contact us
If you have questions about this privacy policy or how we handle your data:
Email: ndx@dsit.gov.uk
Address:
NDX Partnership
c/o Central Digital and Data Office
Cabinet Office
70 Whitehall
London SW1A 2AS
Complaints
If you’re not satisfied with how we’ve handled your data, you can complain to the Information Commissioner’s Office (ICO):
- Website: ico.org.uk
- Helpline: 0303 123 1113