Aztec Logo
Client Portal
01243 200 175

Privacy Policy

How we collect, use, and protect your personal information.

Table of Contents

Full Policy Statement

Introduction

Aztec Support takes your privacy seriously. This policy outlines how we collect, use, and protect your personal information, in accordance with the UK General Data Protection Regulation (UK GDPR) and other relevant data protection laws. This applies when you use our website, interact with us (for example, at events or via our forms), or utilise our IT support services. Please read it carefully. If you have any questions, feel free to contact us using the details at the end of this policy.

This privacy policy should be read in conjunction with our disclaimer: https://aztec.support/website-disclaimer/

Who We Are

Aztec Support (“we” or “us”) is the organisation responsible for your personal data. In legal terms, Aztec Support is the “data controller”. We are a company incorporated in England and Wales (company number 4301156), and our registered office is at Cawley Place, 15 Cawley End, Chichester, West Sussex, PO19 1UZ. When this policy refers to “we” or “us,” it means Aztec Support. When we refer to “you” or “the user,” we mean any individual whose personal data we process.

What Information We Collect

We only collect personal information that we genuinely need to provide our services or respond to you. This may include:
  • Contact Details: Your name, email address, telephone number, and possibly your job title or company name (if you provide them).
  • Identification Details: Any login or account details you create with us (for example, if we provide a client portal, this could include a username/password).
  • Communication Content: Any information you choose to share when contacting us, such as the details you include in an enquiry, request, or feedback form, or correspondence via email or phone.
  • Event or Form Responses: If you fill out a sign-up form (online or in person at an event), we collect the information you enter on that form (such as your contact details and any answers to form questions).
  • Website Usage Data: When you use our website, we collect technical data like your IP address, browser type/version, device information, and cookies (see Cookies below). This helps us understand how visitors navigate our site. It may also include information about how you arrived at our site and what pages you visited.
  • Third-Party Data: Sometimes we receive information about you from third parties. For example, if you interact with our social media pages or profiles (LinkedIn, Facebook, Twitter, Instagram), those platforms might share basic information with us according to your settings. We may also get data from analytics providers (like Google Analytics) that track how people find and use our website, or from our website chat service (e.g. if you use a live chat tool on our site like Tidio, it will provide us with your chat username and the conversation content).
We consider some of the above to be personal data under UK GDPR, meaning it can identify you directly or indirectly. We do not normally collect sensitive personal data (such as health information, racial or ethnic origin, political opinions, etc.) and we do not ask for such details on our website or event forms.
 

How We Collect Your Information

We collect personal information in a few different ways:
  • Directly from You: Most data comes directly from you. For example:
    • When you contact us (by phone, email, or via our website contact form) with an enquiry or to request support, you provide us with your contact and possibly other details.
    • When you fill in a form – such as signing up for updates at an event, completing a feedback form, or subscribing to a newsletter on our website – we collect the information you enter (like your name, email, and any comments).
    • When you use our services as a client, you may provide us with information so we can deliver those services (for example, details about your IT setup or user accounts for support).
    • If you apply for a job with us or become an employee, you will be required to provide data as part of the application process (note: employment data may be subject to additional privacy notices).
  • Automatically through Our Website: When you visit our website, we use cookies and similar technologies to automatically collect technical data about your visit (as described above in Website Usage Data). This includes things like your IP address and browsing patterns on our site. We also use third-party analytics tools (Google Analytics), which use cookies to gather information about how our site is used. This automatic collection is common to most websites and helps us improve our online services. (See Cookies below for more details on what cookies we use and your choices.)
  • From Third Parties: Occasionally, we may receive information about you from other sources:
    • Analytics and Chat Providers: As mentioned, tools like Google Analytics or our chat support plugin may provide us with summary data on how you found us or which pages you visited, as well as chat transcripts if you engaged with us via chat.
    • Social Media or Public Sources: If you engage with Aztec Support on social media, or if we connect on platforms like LinkedIn, we might collect information that you’ve made public on those profiles (for example, your work contact details or messages to us). We may also use public business directories or online searches to obtain professional contact information for businesses in our target markets (B2B leads), provided it is lawful to do so and in accordance with your privacy rights.
    • Referrals or Partners: Sometimes, existing clients or partners might refer you to us or provide your contact details as a point of contact for a project. In such cases, we will inform you at the earliest opportunity and ensure that you’re happy for us to keep your information.
We do not buy marketing lists from third-party companies, nor do we harvest data from third-party sources without a valid reason. If we didn’t obtain your data directly from you, we will normally let you know how and why we acquired it when we first get in touch (this is part of your right to be informed under GDPR).
 

How We Use Your Information (Purposes & Lawful Bases)

We will only use your personal information where we have a proper reason to do so. Under the UK GDPR, this means we must have one of the lawful bases (or legal grounds) for processing. Below are the purposes for which Aztec Support may use your data, along with the corresponding lawful basis for each:
  • To Provide Products or Services Requested: If you become a client or request our services, we use your details to fulfil our contract with you (or to take steps at your request before entering into an agreement). For example, using your contact and IT system information to set up and deliver our managed IT support services, or using your email to send you a proposal you asked for. Lawful basis: Contract (fulfilling our agreements with you or responding to your requests).
  • To Respond to Enquiries and Communicate with You: We use your contact information to respond to your inquiries and provide the information or support you’ve requested. For instance, if you fill out our contact form or email us, we will use the details you provide to respond. Lawful basis: This can be Contract (if your enquiry is related to pre-contract discussions or an existing contract with us) or Legitimate Interests (it’s in both our interests to communicate effectively and answer your questions).
  • For Internal Record-Keeping and Administration: We keep records of our communications, enquiries, sales, and support provided. This helps us manage our business efficiently (e.g. tracking work done for you, scheduling follow-ups). Lawful basis: Legitimate Interests (we have a legitimate interest in maintaining proper business records and understanding our interactions).
  • To Improve Our Services and Website: We may use data (especially aggregated or technical data) to improve our offerings. For example, analysing website traffic to improve navigation, or reviewing support tickets to enhance our services. Lawful basis: Legitimate Interests (to continuously improve our products, services, and user experience). We ensure that any analytics or feedback we use for this purpose do not unfairly impact your privacy – wherever possible, we use anonymised or aggregated information for improvement purposes.
  • To Send Marketing Communications: With your permission, we may use your name and contact details to send you marketing emails or call you about our services, offers, or events that we think could be relevant to you. Lawful basis: Consent – we will only send you promotional communications if you have actively opted in to receive them. (See the Marketing Communications section below for more details on how we obtain and manage consent for marketing.)
  • To Comply with Legal Obligations: In certain instances, we are required to process or retain your data to comply with applicable laws and regulations. For example, keeping transaction records for tax/audit purposes, or disclosing information to authorities if we are legally required to (such as for fraud prevention or a court order). Lawful basis: Legal Obligation (processing is necessary for compliance with a law to which we are subject). We will only disclose what is necessary and will inform you unless legally barred from doing so.
  • To Protect Our Rights or Resolve Disputes: We may process personal data as necessary to establish, exercise, or defend our legal rights. For instance, we might keep correspondence data if it could be needed as evidence in a dispute, or use identity details to verify a user if we suspect misuse of our services. Lawful basis: Legitimate Interests (to protect our business from legal risks) or Legal Obligation (if responding to legal processes).
No Automated Decision-Making: We do not use your personal data for any automated decision-making or profiling that has legal or significant effects on you. In other words, no computer-only decisions are happening about you without human oversight. All decisions involving your data (such as what marketing to send or how to handle a support request) involve appropriate human judgment.
 
If we ever need to use your personal information for a new purpose that isn’t covered in this policy, we will update this policy and notify you of the change, as required by law. We will also make sure we have a lawful basis for the new processing.
 

Marketing Communications

We want to keep you up-to-date with our latest services, events, and offers, but we will only contact you for marketing if you choose to receive such communications. Here’s how we handle marketing:
  • Opt-In Consent: We rely on your consent to send marketing messages. This means we’ll ask you to actively opt in: for example, by ticking an unchecked box on a sign-up form indicating you agree to hear from us. We do not use pre-ticked boxes or assume your consent from silence or inactivity. You have a real choice, and saying “no” to marketing will have no effect on the services we provide you.
  • What You’re Agreeing To: When you consent, you allow us to contact you with news, updates, or offers about our services. Typically, we will reach out by email, and occasionally by phone if you have provided a number and the context suggests a call would be welcome (for instance, following up on a conversation at an event). We strive to be relevant and not intrusive – we won’t overwhelm you with messages.
  • Withdrawal of Consent: You can change your mind at any time. Every marketing email from us will include an “unsubscribe” link, allowing you to stop further emails with one click. You can also contact us directly (via email or phone) to withdraw consent. Once you opt out, we will promptly stop sending you marketing. (Note: withdrawing consent for marketing does not affect any other services we provide to you. And if you later request something from us, we may still contact you about that request, of course.)
  • No Third-Party Marketing: We will never sell or share your personal data with other companies so that they can market to you. If we ever promote a partner offer, it will come from us and be under our control. Your consent to Aztec Support’s marketing covers communications from us only.
  • Record of Consent: We maintain a record of when and how you provided consent (e.g., the form you completed or the date you subscribed). This helps us demonstrate that we’re complying with the GDPR’s consent requirements. If you withdraw your consent, we also log that. Sometimes, to ensure we respect your choice, we may retain just enough information (like your email address) on a suppression list so that we can avoid contacting you again by accident.
Embedded Consent in Forms: When we collect your details at events or via Microsoft Forms, we include a brief consent request on the form itself: for example, a statement like “I agree to Aztec Support contacting me with news and offers” with a checkbox. This is designed to meet UK GDPR standards by being clear, specific, and separate from other information. If you agree and tick the box, you’re giving us permission to use your data for marketing as described. If you don’t tick it, we will only use your data to communicate with you about that specific enquiry or event, and not for ongoing marketing.
 
Remember, it’s always your choice. Our goal is to make our marketing useful and welcome, and we’ll honour your decision if you prefer not to receive it.
 

Who We Share Your Information With

We respect that your information is confidential. We will never sell your personal data to third parties. However, we do sometimes need to share information with others in order to run our business and provide our services. The main scenarios where we share data are:
  • Within Aztec Support: Our employees and officers may access your data if necessary for their roles. For example, a support technician will view your ticket details, or a customer service representative may access your contact information to call you. All staff are trained to handle data carefully and confidentially.
  • Service Providers (Processors): We use trusted third-party companies to help us operate. These include:
    • IT and Hosting Providers: e.g. cloud storage services or data centre providers where we store our data; website hosting companies that host our website and forms.
    • Email and Marketing Platforms: e.g. software for sending out newsletters or managing customer relationships (CRM).
    • Analytics and Tech Tools: e.g. Google Analytics (website traffic analysis), or Tidio (website live chat service). These providers may process some data on our behalf (such as your IP address or chat content) to deliver their services to us.
    • Professional Advisors: e.g. our accountants, auditors, solicitors, or insurers, who may need data (such as contract details or payment records) to provide us with advice or insurance coverage.
      In all cases, we ensure these parties only access the information necessary for their task, and they are contractually obligated to protect your data and use it only for our specified purposes. They cannot use your data for their own purposes.
  • Business Partners: If we collaborate with another organisation on a project or event, we will only share data with them if you have been informed or would reasonably expect to be informed. For example, if you sign up for a co-hosted webinar, we may share the attendee list with the co-host; however, we will notify you of this when you register. Any partner is expected to safeguard your data in line with privacy laws.
  • Legal and Regulatory: We may disclose information to governmental bodies, law enforcement agencies, or regulators if required to do so by law; for instance, in response to a court order, a lawful request by police, or to meet HMRC requirements. We will carefully evaluate each request and only provide data if compelled by law or if we have a legitimate basis to do so.
  • Business Transfers: If Aztec Support is ever involved in a merger, acquisition, or sale of business assets, personal data relevant to that transaction may be transferred to the new owner as part of due diligence or completion of the sale. If this happens, we will ensure that the new owner is contractually bound to respect the terms of this privacy policy and use your data only as we have described here. You will be notified of any change of ownership or use of your personal data, and we’ll give you an opportunity to object or request deletion, as applicable.
In all sharing scenarios, we aim to anonymise or pseudonymise data when full details aren’t needed. We also share only the minimum necessary information with third parties. For example, if a third-party service only requires an email address to function, we wouldn’t also provide them with your phone number.
 
If you have questions about third parties who may have access to your data, please contact us, and we can provide more specific information relevant to your situation.
 

How We Protect Your Information

Aztec Support is committed to keeping your data secure. We’ve put in place appropriate technical and organisational measures to prevent unauthorised access, loss, or disclosure of your personal information:
  • Secure Systems: We store your data on secure servers with up-to-date security protections (firewalls, encryption, etc.). When you enter information on our website, we use HTTPS encryption (TLS) to secure data in transit.
  • Access Controls: Only staff members who require access to your personal data can view it, and they use authenticated accounts. Any sensitive data is further restricted. We regularly review who has access to what. For any accounts you hold with us, it’s important you keep your login details safe and notify us immediately if you suspect any misuse.
  • Industry Standards: We are certified to ISO 27001, an internationally recognised standard for information security management. This means we follow strict policies and processes for managing data safely. We undergo audits to maintain this certification, which covers areas like risk management, employee training, and IT security controls.
  • Employee Training and Policies: Our team is trained on data protection principles and policies. We have internal policies to safeguard data and protocols to handle it responsibly. Employees are required to maintain the confidentiality of all information.
  • Testing and Monitoring: We continually monitor our systems for potential vulnerabilities and security threats. Security measures are regularly updated and tested. We also keep our software and antivirus protections up to date to guard against threats.
  • Data Breach Procedures: Despite best efforts, no system is 100% secure. If we ever suspect a data breach that affects your personal data, we have procedures in place to contain it and fix the issue. We will also assess the risk to your rights and freedoms. If a significant breach occurs, we will inform you and the relevant authorities (like the ICO) as required by law.
In summary, we use a combination of strong security technology and strict company policies to safeguard your information. We also encourage you to be vigilant with your own data security (for example, be cautious with suspicious emails and keep your passwords secure).
 

Your Rights

Under the UK GDPR, you have various rights regarding your personal data. We uphold these rights and have processes to enable you to exercise them. Your key rights are:
  • Right to Access: You have the right to request that we confirm whether we are processing your personal data and to obtain a copy of the data we hold about you. This is commonly known as a “Subject Access Request”. We will provide you with a copy of the information in a widely used format, typically at no additional charge.
  • Right to Rectification: If any personal data we hold about you is incorrect or incomplete, you have the right to request its correction. For example, if you change your phone number or notice that we have misspelt your name, please let us know, and we will update it.
  • Right to Erasure: You have the right to request that we delete your personal data. This is sometimes called the “right to be forgotten”. You can do this, for instance, if the data is no longer needed for the purposes it was collected, or if you withdraw consent from our marketing. Please note that there are some exceptions; we may not delete data that is required to be kept by law or that is relevant to an ongoing contract or legal claim. But we will inform you if such a situation arises.
  • Right to Restrict Processing: You have the right to request that we limit the use of your data in specific circumstances. This might apply when we are dealing with a correction request or verifying a concern you have raised, or if you need us to retain data (that you’d otherwise want erased) to pursue a legal claim. When processing is restricted, we can still store your data, but we won’t use it until the restriction is lifted (unless it’s to address the issue or if you consent).
  • Right to Data Portability: For data you provided to us and that we process using automated means under consent or contract, you have the right to obtain that data in a structured, commonly used, and machine-readable format (such as CSV or PDF). You can also request that we transmit it directly to another provider, where technically feasible. In plain terms, this right makes it easier to transfer your data to others (for example, if switching service providers).
  • Right to Object: You have the right to object to our processing of your personal data in certain situations. The two most important instances are: (1) Direct Marketing: you have an absolute right to stop your data being used for marketing. If you object or opt out, we will stop sending you marketing messages (as covered above). (2) Legitimate Interests: if we are processing your data on the basis of a legitimate interest, you can object if you feel it impacts your rights. We will then reevaluate our reasons for processing versus your privacy rights. We will either stop the processing or let you know why we believe we have a compelling reason to continue (bearing in mind your rights and freedoms). In practice, you’re unlikely to object to things like basic internal record-keeping, but the option is there if you have concerns.
  • Right to Withdraw Consent: If we are processing any of your data based on consent, you have the right to withdraw that consent at any time. The most common example is that if you have subscribed to our marketing, you can revoke your consent, and we will stop using it for that specific purpose. Withdrawing consent does not affect the legality of what we did with your data before you withdrew (it was permitted at the time), but once consent is withdrawn, we’ll cease the related processing in the future.
These rights are not absolute; there are certain conditions or exemptions in specific cases. However, we will always aim to honour your request and will explain any reason we cannot (if it occurs). There is no fee for exercising your rights, except in rare cases where a request might be manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request (we will explain why if that happens).
 
How to Exercise Your Rights: The easiest way to do so is to contact us (see ‘How to Contact Us’ below) with your request. You can specifically mention which right you want to exercise (e.g. “I’d like a copy of my data” or “Please delete my account data”). You may need to provide information to verify your identity so we don’t give your data to the wrong person. We will respond as soon as possible, and within one month at most, as required by law (this can be extended by two further months for complex requests, but we’ll let you know if that’s the case).
 

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to function effectively and provide you with a better user experience. Cookies are small text files placed on your device that help us remember preferences and understand how people use our site. In summary:
  • We use necessary cookies to enable core functionality of the site (for example, keeping you logged in to any account area).
  • We use analytics cookies (like Google Analytics) to collect aggregated data on site traffic and performance, which helps us improve the site. These analytics cookies are not used to identify you personally, but they do track your IP and device info while you’re on our site.
  • We may use functional cookies to remember choices you make (such as your region or preferred language) to enhance your experience.
  • We do not use advertising cookies or engage in targeted advertising.
When you first visit our site, we’ll ask for your consent to place non-essential cookies (e.g. analytics cookies) on your device. You can always change your cookie settings or revoke consent using our website’s cookie management tool or your browser settings. Please note that disabling certain cookies may affect some features of our site.
 

Changes to This Policy

We may update this privacy policy from time to time, for example, if there are changes in how we process data or to reflect new legal requirements. If we make significant changes, we will notify you (for instance, by posting a prominent notice on our website or contacting you via email for major changes). The “last updated” date at the top will always indicate when the latest changes were made.
 
We encourage you to review this policy periodically to stay informed about how we are protecting your information. Any changes will be effective once posted, and by continuing to use our services or website after those changes, you are deemed to accept the revised policy (though, of course, if the changes require new consent, we will obtain that accordingly).
 

How to Contact Us

We welcome any questions, concerns, or requests regarding this privacy policy or how we handle your data. Please don’t hesitate to get in touch:
  • By Email: You can email us at data@aztec.support, and we will respond as soon as possible.
  • By Post: You can write to us at our registered address: Aztec Support, Cawley Place, 15 Cawley End, Chichester, West Sussex, PO19 1UZ, United Kingdom.
  • By Phone: Our main office telephone number is 01243 200 175 (if calling from outside the UK, +44 1243 200175).
  • Via Website: You may also reach out through the Contact Us form: https://aztec.support/contact/ and send us a message.
We will address your inquiry or request as thoroughly and quickly as we can. If you are contacting us to exercise a data right, please clearly state what you need, and if applicable, any relevant details (e.g. the email address for which you want data, if different from the one you’re contacting us from). This will help us process your request efficiently.
 

Compliants

We aim to resolve all privacy concerns directly and promptly. If you have a concern or complaint about how we’ve handled your personal data, please contact us first (using the contact details above) so we can attempt to resolve the issue. We will investigate and respond to all complaints we receive.
 
If you are not satisfied with our response, or you believe we are violating data protection law, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO), the UK supervisory authority for data protection. You can contact the ICO at:
  • Website: https://ico.org.uk/make-a-complaint/ (which provides guidance and an online complaint form)
  • Telephone: ICO helpline at 0303 123 1113
  • Post: Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, UK.
The ICO can provide further information about your rights and how to enforce them. However, we genuinely hope that won’t be necessary and that we can resolve any issue together. Your trust is very important to us, and we will do our utmost to uphold your privacy and address any problems.
 
 
By using our website or services, or by otherwise providing your personal information to us, you acknowledge that you have read and understood this privacy policy. This policy is not a contract, but it outlines the standards that we promise to uphold in handling your personal data. We appreciate you taking the time to read it. If anything is unclear, we’re here to help. Please reach out to us. Your privacy is important to us, and we are committed to safeguarding it at every step.
 

FAQ's

Your data rights matter to us. We believe in transparency and giving you full control over your personal information. This section explains your rights under data protection laws and how you can exercise them easily and securely.

You have the right to know what personal data we collect, why we collect it, and how it’s used. You can also request access to your data, ask for corrections, or request deletion where legally possible.

Yes. You can request a copy of all personal data we hold about you. This is called a “Subject Access Request”, and we will provide it within the legally required timeframe.

There is a Form at the bottom of this page for submitting a SAR.

In most cases, yes. If we no longer need your data for legal or contractual reasons, you can request its deletion. We’ll confirm if any data must be retained for compliance purposes.

If any personal details we hold are incorrect, you have the right to request updates. Simply contact us, and we’ll make the necessary changes promptly.

Yes. You can request restrictions on certain types of processing, such as marketing communications. We’ll respect your preferences and confirm any limitations applied.

You can contact us using the form below. We’re committed to handling all requests transparently and promptly.

Subject Access Request (SAR) Form

Request a copy of your personal data or ask for corrections.

Complete the form below to submit your Subject Access Request. We’ll respond within the legally required timeframe. You can also request data corrections, deletion or restrictions on processing.

All requests are handled with the highest level of confidentiality and in full compliance with GDPR and other applicable data protection laws. We will only use the information you provide to process your request securely and transparently.

Need a technology partner you can trust?

We’re here to help you simplify and succeed. Start your journey to smarter IT solutions today.

Explore our Solutions