Privacy Policy

1. Introduction and Legal Basis

Our Commitment to Data Protection

Tech Support UK Ltd ("we," "us," "our") respects the privacy of all individuals and is committed to transparent, lawful processing of personal data. This Privacy Policy applies to all personal data collected through our website (techsupportuk.co.uk), our services and our business operations. We comply fully with the UK General Data Protection Regulation (GDPR), the Data Protection Act 2018 and other applicable data protection laws in the United Kingdom.

Our Data Controller Responsibility

Tech Support UK Ltd acts as a Data Controller for personal data collected through our website and in the course of providing services. Where we collect personal data on behalf of clients, we may act as a Data Processor in accordance with Data Processing Agreements. When we act as a Processor, we process data only according to client instructions and in compliance with all data protection requirements.

Scope of This Policy

This policy applies to personal data collected by Tech Support UK Ltd including: information provided through our website contact forms, email communications, telephone conversations, service contracts, and any other interactions with our organisation. It does not apply to personal data that does not identify individuals or to data processed by third parties unless specifically stated.

2. Personal Data We Collect

Types of Personal Data Collected

We collect various types of personal data depending on the nature of our interaction with individuals. The categories of data we collect include:

Contact and Identification Data

• Full name and job title
• Telephone numbers (fixed line and mobile)
• Email addresses
• Business and postal addresses
• Company name and industry sector

Service-Related Data

• Information about technology systems and infrastructure you operate
• Details of technical issues experienced and support requested
• Service preferences and frequency of contact
• Support contract terms and service history
• Payment and billing information
• Records of communications and support provided

Technical Data

• IP addresses and device identifiers
• Browser type, operating system and version
• Pages visited and duration on website
• Referring website and search terms used
• Cookie identifiers and tracking data

System Access Data (Where Providing Technical Services)

• System access logs and authentication records
• Network traffic and connection data
• Hardware and software inventory information
• System performance and security event logs
• Backup and disaster recovery data

How We Collect Personal Data

We collect personal data through various methods:

• Direct provision through website contact forms, enquiry submissions and service requests
• Email communications and telephone conversations
• Service contracts, support agreements and documentation
• Automatic collection through website analytics, server logs and cookies
• Information provided by third parties such as companies requesting services on behalf of individuals
• Technical data collected during provision of IT support services

Data We Do Not Intentionally Collect

We do not intentionally collect sensitive personal data including racial or ethnic origin, political opinions, religious beliefs, trade union membership, genetic data, biometric data, or health information. If such data is inadvertently provided, we handle it with heightened protection in accordance with UK GDPR requirements and delete it as soon as practicable unless there is a specific legal basis for retention.

3. Legal Basis for Processing Personal Data

Our Legal Bases Under UK GDPR

We process personal data only when we have a legitimate legal basis under UK GDPR Article 6. The legal bases we rely upon include:

Contractual Performance (Article 6(1)(b))

Where you have entered into a service contract with Tech Support UK Ltd, we process personal data to perform our contractual obligations including delivering IT support services, communicating about service delivery, processing payments and maintaining service records. This is necessary to fulfil the contract and meet your requirements.

Legal Obligation (Article 6(1)(c))

We process certain personal data when legally required including financial records for tax compliance, employment records as required by employment law, and data retention when required by UK law or regulatory requirements.

Legitimate Interests (Article 6(1)(f))

We process personal data where we have legitimate business interests that are not overridden by your interests or fundamental rights. These legitimate interests include:

• Responding to enquiries and providing information about our services
• Preventing fraud and abuse of our services
• Security monitoring and threat prevention
• Business administration and operational management
• Marketing communications with existing clients about relevant services
• Maintaining accurate business records and service documentation

Consent (Article 6(1)(a))

For some processing activities, we request your explicit consent. Consent is obtained prior to processing and can be withdrawn at any time by contacting us. When we rely on consent, you have the right to withdraw it without affecting data processing before withdrawal.

Lawful Basis Assessment

We have conducted detailed assessments of our processing activities to ensure they are lawful and appropriate. Where we rely on legitimate interests, we have conducted and documented Legitimate Interests Assessments demonstrating that our interests are proportionate and do not override your rights. We maintain documentation of the legal basis for each processing activity.

4. Use of Personal Data

How We Use Your Personal Data

We use personal data for the following purposes:

Service Delivery and Support

• Providing IT support services in accordance with agreed service levels
• Responding to technical support requests and troubleshooting issues
• Managing service contracts and billing arrangements
• Communicating about service delivery, updates and maintenance activities
• Maintaining service records and technical documentation
• Providing training and user support

Communication and Contact

• Responding to enquiries and requests for information
• Sending service-related notifications and updates
• Following up on support tickets and service requests
• Notifying you of security incidents or data breaches affecting your systems
• Providing administrative communications regarding services

Marketing and Business Development

• Sending information about new services or service enhancements to existing clients
• Inviting feedback on service quality and satisfaction
• Informing about relevant industry updates or technology changes
• Following up on service enquiries from prospective clients

Security and Compliance

• Protecting against fraud, misuse and unauthorised access
• Detecting and preventing security threats and incidents
• Complying with legal and regulatory requirements
• Investigating suspected misconduct or policy violations
• Responding to legal requests or court orders

Business Administration

• Managing invoicing and payment processing
• Maintaining accurate business records
• Fulfilling tax and employment law obligations
• Audit and compliance activities
• Internal business analysis and improvement

Data Processing Limitations

We process personal data only for the purposes described in this policy and for which we have a lawful basis. We do not sell personal data to third parties, use data for automated decision-making that significantly affects individuals without safeguards, or process data in ways incompatible with the original collection purposes without additional legal basis or consent.

5. Data Sharing and Disclosure

Who We Share Data With

We share personal data with the following categories of recipients only when necessary and appropriate:

Service Providers and Third Parties

We engage selected third-party service providers to support our operations. These include cloud infrastructure providers, email services, payment processors, security service providers and telecommunications providers. All service providers are bound by Data Processing Agreements requiring compliance with UK GDPR and maintaining appropriate security. We conduct due diligence to ensure providers maintain adequate security and data protection standards.

Professional Advisors

We may share personal data with professional advisors including accountants, legal counsel and insurance providers when necessary for legitimate business purposes. These advisors are bound by professional confidentiality obligations and UK GDPR requirements.

Legal and Regulatory Authorities

We may disclose personal data when required by law or legal process, including to police, regulatory authorities, law enforcement agencies and government bodies. We will provide notice of such disclosures when legally permitted.

Business Transition Scenarios

If Tech Support UK Ltd is acquired, merges with another organisation, or undergoes insolvency proceedings, personal data may be transferred as part of business assets. We will provide notice and allow individuals to object if the new entity's data practices differ materially from this policy.

International Data Transfers

Tech Support UK Ltd operates within the United Kingdom and generally retains personal data within the UK. Any international data transfers (transfers outside the UK) are subject to appropriate safeguards as required by UK GDPR, including Standard Contractual Clauses, Binding Corporate Rules or adequacy decisions. We ensure that recipient organisations provide equivalent data protection to UK standards.

Data Sharing Restrictions

We do not share personal data with third parties for marketing purposes without explicit consent. We do not sell personal data or provide it to data brokers. We do not share sensitive data except where specifically required by law or where you have consented.

6. Data Storage and Security

Where We Store Personal Data

Personal data is stored on secure servers located within the United Kingdom. Our primary data storage infrastructure is maintained in UK-based data centres with appropriate security certifications. Backup data is stored both in the UK and in accordance with disaster recovery requirements.

Security Measures

Tech Support UK Ltd implements comprehensive security measures to protect personal data against unauthorised access, alteration, disclosure or destruction. These measures include:

• Encryption of personal data in transit using HTTPS and TLS protocols
• Encryption of sensitive personal data at rest using industry-standard encryption
• Firewall protection and network security controls
• Access controls limiting data access to authorised personnel only
• Authentication controls including passwords and multi-factor authentication
• Regular security audits and vulnerability assessments
• Intrusion detection and monitoring systems
• Incident response procedures for security breaches
• Staff security training and awareness programmes
• Physical security controls protecting data storage facilities

Data Retention and Deletion

We retain personal data only as long as necessary for the purposes for which it was collected or as required by law. Retention periods vary based on data type and legal requirements:

• Service contract data: Retained for duration of contract plus 6 years for accounting and tax purposes
• Enquiry data: Retained for 2 years if services not purchased, deleted on request sooner
• Website analytics data: Retained for 26 months before anonymisation
• Email communications: Retained for 7 years for compliance purposes
• System access logs: Retained for 90 days unless required for security investigation
• Backup data: Retained in accordance with disaster recovery requirements, deleted after archival period

When data is no longer required, we delete it securely using industry-standard methods that prevent recovery. In some cases, data is anonymised instead of deleted. If you request deletion, we will delete or anonymise personal data unless we have legal obligation to retain it.

7. Your Rights Under UK GDPR

Your Data Subject Rights

Under UK GDPR, you have the following rights regarding your personal data:

Right of Access (Article 15)

You have the right to obtain confirmation of whether personal data about you is being processed, and to receive a copy of that data. We will provide this information within 30 calendar days of your request in a structured, commonly used electronic format. We may charge a reasonable fee for additional copies requested.

Right to Rectification (Article 16)

If personal data we hold about you is inaccurate or incomplete, you have the right to require us to correct or complete it. We will make corrections without undue delay. If data has been disclosed to third parties, we will inform them of the correction unless impossible or disproportionate to do so.

Right to Erasure (Article 17)

You have the right to require erasure of personal data in certain circumstances including when data is no longer necessary, you withdraw consent, or we have no lawful basis for processing. We will comply with erasure requests unless we have legal obligation to retain the data. We will inform third parties who have received the data unless impossible to do so.

Right to Restrict Processing (Article 18)

You can request restriction of processing in certain circumstances. When processing is restricted, we retain data but limit its use. Restricted data is not processed except with your consent or for specific legal purposes. We will notify you before lifting processing restrictions.

Right to Data Portability (Article 20)

You have the right to receive personal data in a structured, commonly used, machine-readable format and to transmit it to another organisation. This applies to data provided by you or generated during your use of our services, where we process it based on consent or contract.

Right to Object (Article 21)

You have the right to object to processing of personal data on legitimate interests grounds. You also have the right to object to direct marketing communications. Where you object to marketing, we will cease such communications. We will consider objections to other processing and cease processing unless we have compelling legitimate grounds.

Rights Relating to Automated Decision Making (Article 22)

You have the right not to be subject to decisions based solely on automated processing that significantly affects you. Tech Support UK Ltd does not use solely automated decision-making for significant decisions affecting individuals.

Exercising Your Rights

To exercise any of these rights, please contact our Data Protection Officer or submit a written request to:

We will process your request without undue delay and within the required timeframe (typically 30 days). We will verify your identity before disclosing personal data. If we decline your request, we will provide reasons and advise you of your right to lodge a complaint with the ICO.

8. Data Breach Notification

Our Breach Response Procedures

Tech Support UK Ltd takes data security seriously and maintains incident response procedures for suspected data breaches. In the event of a confirmed data breach affecting personal data, we will:

• Assess the nature and extent of the breach immediately
• Notify the Information Commissioner's Office (ICO) within 72 hours if the breach poses significant risk
• Notify affected individuals without undue delay if the breach poses significant risk to their rights and freedoms
• Provide notification containing information about the nature of the breach, steps you should take and our response measures
• Document the breach, investigation and remedial measures taken
• Implement security improvements to prevent recurrence

Your Breach Rights

If your personal data is compromised as a result of a breach or our failure to protect it appropriately, you have rights under UK GDPR including right to notification, right to know breach details, right to remedies and right to lodge complaints.

9. Cookies and Similar Technologies

Cookie Use on Our Website

Our website uses cookies and similar tracking technologies to enhance functionality and understand visitor behaviour. For detailed information about cookies we use, their purposes, management options and cookie consent, please review our Cookie Policy.

Cookie Types

We use essential cookies necessary for website functionality, analytics cookies to understand usage patterns, and preference cookies to remember your choices. We do not use tracking cookies for advertising purposes without your explicit consent.

10. Marketing Communications

How We Use Your Data for Marketing

We may contact existing clients with information about new services or relevant technology updates. We do not send unsolicited marketing to individuals who have not expressed interest in our services. All marketing communications include clear information about how to opt out.

Unsubscribe and Opt-Out

All marketing communications include clear unsubscribe instructions. You can opt out of marketing by contacting us at or by clicking unsubscribe links in emails. We will respect opt-out requests immediately and remove you from marketing lists.

11. Children's Privacy

Data of Minors

Our services are not directed at individuals under 18 years of age. We do not knowingly collect personal data from children. If we become aware that we have inadvertently collected data from a minor, we will delete it immediately. Parents or guardians who believe a child's data has been collected should contact us promptly.

12. Third-Party Links and Services

External Links

Our website may contain links to external websites operated by third parties. This Privacy Policy does not apply to third-party websites. We are not responsible for the privacy practices of external sites. We recommend reviewing privacy policies of external sites before providing personal data.

Third-Party Data Processors

Where we use third-party service providers who process personal data on our behalf, we maintain Data Processing Agreements requiring compliance with UK GDPR and this Privacy Policy. These arrangements do not change your rights or our responsibilities.

13. Changes to This Privacy Policy

Policy Updates

We may update this Privacy Policy to reflect changes in our practices, technology, legal requirements or other factors. When we make material changes, we will notify you by posting the updated policy on our website and updating the effective date. For significant changes, we may provide additional notice such as prominent notice on our homepage or direct communication.

Your Continued Use

Your continued use of our website and services following policy changes constitutes acceptance of the updated policy. We recommend reviewing this policy regularly to stay informed of how we protect your data.

14. Complaints and Contact Information

Data Protection Enquiries

If you have questions about this Privacy Policy or how we handle your personal data, please contact:

Complaints to Supervisory Authorities

If you believe we have violated your data protection rights, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK's independent authority for data protection:

Right to Remedy

You also have the right to pursue legal remedies if you believe we have violated your data protection rights. We encourage you to contact us first to resolve any concerns informally.

Effective Date

This Privacy Policy is effective from 1 January 2026 and applies to all personal data processing by Tech Support UK Ltd from that date forward. We reserve the right to modify this policy at any time, with updates posted on our website.