CustomConfig Ltd ("we," "us," "our") is committed to protecting the privacy of our clients, website visitors, and anyone who interacts with us. This Privacy Policy outlines how we collect, use, store, and protect personal data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
By using our website or services, you agree to the terms outlined in this Privacy Policy.
- CustomConfig Ltd is a consultancy and support provider for businesses that use Apple devices. We offer technical support, consultancy, and managed services to help businesses optimise their technology.
For any data protection concerns, you can contact us at:
Data Protection Officer (DPO)
contact@customconfig.co
CustomConfig Ltd
[Business Address]
- We may collect and process the following types of personal data:
- Identity data: Name, job title, company name
- Contact data: Email address, phone number, business address
- Technical data: IP addresses, device information, browser type, and other data collected through cookies or analytics
- Communication data: Messages sent via email, web chat, or other communication platforms
- Client account data: Login credentials securely stored in an encrypted, access-controlled password management system
We collect data in the following ways:
- When you contact us via our website, email, phone, or web chat
- When you sign up for our services
- When you engage with us through social media or marketing campaigns
- Through cookies and website analytics
- We use your personal data for the following purposes:
- To provide and manage our services
- To communicate with you about our services, support requests, and business updates
- To improve our website and services through analytics and user feedback
- To comply with legal and regulatory obligations
- To process payments and manage billing
- We do not use personal data for automated decision-making or profiling.
6. Legal Basis for Processing
We process personal data under the following lawful bases:
- Contractual necessity: When data processing is required to fulfil our contract with you
- Legitimate interests: When processing is necessary for the operation of our business, unless your rights override these interests
- Consent: When you have given clear consent for us to process your data, which can be withdrawn at any time
- Legal obligation: When processing is necessary to comply with legal or regulatory requirements
- We only retain personal data for as long as necessary to fulfil the purposes outlined in this policy.
- Data related to client services will be retained for the duration of the contract and securely deleted upon termination
- Communications such as emails and support logs may be retained for reference and service improvement
- Financial records will be kept for at least six years as required by UK tax laws
- We take data security seriously and implement appropriate technical and organisational measures to protect personal data, including:
- Encryption of sensitive data
- Access controls and password management systems
- Regular security audits and employee training
- Secure disposal of personal data when no longer required
- We do not sell, rent, or trade personal data with third parties.
- We may share data with:
- Service providers: Third-party platforms we use for business operations, such as cloud hosting, analytics, and automation tools, all of which are compliant with UK GDPR
- Legal authorities: If required by law or to enforce our legal rights
10. International Data Transfers
- We primarily store and process data within the UK. However, in some cases, we may use cloud-based tools that process data on servers outside the UK.
- Any international data processing will comply with UK GDPR and use approved safeguards such as Standard Contractual Clauses (SCCs) or the UK-US Data Bridge where applicable
- We do not permanently store personal data on servers outside the UK
11. Your Rights Under UK GDPR
- You have the following rights regarding your personal data:
- Right to access: You can request a copy of the personal data we hold about you
- Right to rectification: You can ask us to correct inaccurate or incomplete data
- Right to erasure: You can request that we delete your personal data, subject to legal requirements
- Right to restrict processing: You can request that we limit how we use your data
- Right to object: You can object to our use of your data for certain purposes
- Right to data portability: You can request a copy of your data in a machine-readable format
- To exercise any of these rights, please contact us at contact@customconfig.co
12. Cookies and Tracking Technologies
Our website may use cookies and tracking technologies to improve user experience and analyse traffic.
- You can control cookies through your browser settings
- Essential cookies required for website functionality cannot be disabled
- Analytics and marketing cookies require your consent
13. AI-Powered Support and Communication
- We use AI-driven systems to enhance support and service delivery.
- AI responses are based on internal documentation and do not access personal or client-specific data
- Support interactions may be used to improve AI training and service efficiency
- AI is not responsible for decision-making, and human support is always available if required
14. Data Breaches and Incident Response
- In the event of a data breach:
- We will assess the impact and take immediate action to secure data
- If required, we will notify affected individuals and the Information Commissioner's Office (ICO) within 72 hours
- We will implement measures to prevent future incidents
15. Contact and Complaints
For any privacy-related concerns, requests, or complaints, please contact:
- Data Protection Officer (DPO)
- contact@customconfig.co
- CustomConfig Ltd
- Address
If you are not satisfied with our response, you can file a complaint with the Information Commissioner's Office (ICO) at
www.ico.org.uk.
16. Updates to This Policy
We may update this Privacy Policy from time to time. Any changes will be posted on this page, and where appropriate, we will notify you by email or other communication channels.
This policy was last updated on 6th February 2025.
