Legal
Privacy Policy
Last updated: 25 February 2026
AC Tech Services Ltd ("we", "us", "our") is committed to protecting your privacy. This policy explains how we collect, use, and safeguard your personal data in accordance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Data Controller
The data controller responsible for your personal data is:
AC Tech Services Ltd
United Kingdom
Email: [email protected]
2. Data We Collect
We may collect and process the following categories of personal data:
2.1 Information you provide
- Name, email address, phone number when you contact us or use our services
- Company name and job title for business clients
- Account credentials when accessing our client portal (via Microsoft Entra ID)
- Support ticket content and communications
2.2 Information collected automatically
- Device information (operating system, browser type) when using our remote support tools
- IP address and approximate location
- Usage data from our portal and websites (pages visited, features used)
- Technical logs from remote management sessions
2.3 Information from third parties
- Authentication data from Microsoft Entra ID when you sign in to our portal
- Business contact information from our corporate clients
3. Legal Basis for Processing
We process your personal data on the following legal bases:
- Contract performance: to provide IT services, remote support, and manage your account
- Legitimate interests: to improve our services, ensure security, and prevent fraud
- Legal obligation: to comply with applicable laws, regulations, and legal processes
- Consent: where you have given specific consent, such as for marketing communications
4. How We Use Your Data
We use your personal data to:
- Provide and maintain our IT management, cloud, and support services
- Authenticate and manage access to our client portal
- Conduct remote support sessions and device management
- Process support tickets and respond to enquiries
- Send service notifications and important updates
- Improve our services and develop new features
- Comply with legal obligations and protect our rights
5. Remote Support & Device Management
When you use our remote support or device management services, we may temporarily access your device screen, files, and system settings to provide technical assistance. Remote sessions are logged for security and quality purposes. You can terminate a remote session at any time.
6. Data Sharing
We may share your personal data with:
- Microsoft Corporation: for authentication (Entra ID), email, and cloud services (Microsoft 365, Azure)
- Amazon Web Services: for infrastructure hosting (EU-West-1 region)
- Cloudflare, Inc.: for website hosting, DNS, and security services
- Professional advisors: legal, accounting, and insurance providers as necessary
- Law enforcement: when required by law or to protect our legal rights
We do not sell your personal data to third parties.
7. International Transfers
Some of our service providers operate outside the UK. Where personal data is transferred internationally, we ensure appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the Information Commissioner's Office (ICO) or adequacy decisions.
8. Data Retention
We retain your personal data for as long as necessary to fulfil the purposes described in this policy, unless a longer retention period is required by law. Specifically:
- Account data: retained while your account is active and for 12 months after closure
- Support ticket data: retained for 24 months after resolution
- Remote session logs: retained for 12 months
- Financial records: retained for 7 years as required by UK tax law
9. Your Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Rectify inaccurate or incomplete data
- Erase your data ("right to be forgotten")
- Restrict processing of your data
- Data portability — receive your data in a structured, machine-readable format
- Object to processing based on legitimate interests
- Withdraw consent at any time where processing is based on consent
To exercise these rights, contact us at [email protected]. We will respond within one month.
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data, including encryption in transit and at rest, access controls, regular security assessments, and employee training.
11. Complaints
If you are not satisfied with how we handle your personal data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):
Website: ico.org.uk
Telephone: 0303 123 1113
12. Changes to This Policy
We may update this privacy policy from time to time. We will notify you of any significant changes by posting the updated policy on our website and updating the "Last updated" date.
13. Contact
For any questions about this privacy policy or our data practices, please contact us:
AC Tech Services Ltd
Email: