Legal
Privacy Policy
Last updated: 13 July 2026
This policy explains how Sontech Communications collects, uses and protects personal data, in line with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.
1. Who we are
Sontech Communications is a sole trader business run by Simon Kenning, based in Wincanton, Somerset (VAT No. GB 426 7808 71). For the purposes of data protection law, Simon Kenning, trading as Sontech Communications, is the "data controller" responsible for your personal data.
Contact: info@sontech.co.uk | 0845 867 5679
2. What this policy covers
This policy applies to personal data collected when you visit sontech.co.uk, contact us by phone or email, or engage us to provide IT support, network, or AI adoption services.
3. This website does not collect data automatically
Sontech Communications' website does not use cookies, analytics, or tracking technologies, and it does not include any forms that submit data to us. Getting in touch happens only if you choose to call or email us directly. See our Cookie Policy for full detail on how the site itself handles (or rather, doesn't handle) data.
4. What data we collect
We only collect personal data that you give us directly, specifically:
- Enquiry data — your name, email address, phone number, business name, and the details of your enquiry, when you contact us to ask about or request a quote for our services.
- Client data — if you go on to become a client, we may also hold your billing address, invoicing and payment details, and any technical information reasonably necessary to carry out the work (for example, network configuration details, account information, or device details you provide so we can deliver support).
5. Why we process your data, and our legal basis
- To respond to your enquiry and provide quotes — legitimate interests in running our business and answering the questions you've asked us.
- To deliver services you've engaged us for — necessary to perform our contract with you.
- To meet accounting, tax and VAT obligations — necessary to comply with our legal obligations as a VAT-registered business.
- Anything beyond the above — only ever with your specific consent, which you're free to withdraw at any time.
6. How long we keep your data
Enquiry data that doesn't turn into a client relationship is kept for no longer than 12 months and then deleted. Client, invoicing and financial records are kept for the period required by HMRC for tax purposes, currently six years from the end of the relevant tax year.
7. Who we share your data with
We do not sell, rent, or trade your personal data. Limited data may be shared with:
- Our accountant or bookkeeper, for the purpose of invoicing and tax compliance;
- Cloud service providers we rely on to run the business, such as Microsoft 365 for email hosting, where relevant to servicing a client engagement;
- Any specific platform or tool a piece of work requires (for example, remote-support software), used only for the duration and purpose of that job.
Each of these acts as a data processor and is bound by its own data protection obligations. Where a service provider processes data outside the UK or the European Economic Area as part of its standard infrastructure (as major cloud providers often do), appropriate legal safeguards — such as the UK's International Data Transfer Agreement or Standard Contractual Clauses — apply to that transfer.
8. Keeping your data secure
We take reasonable technical and organisational steps to protect your personal data, including password-protected systems, access limited to Simon Kenning as sole proprietor, and use of reputable, security-conscious service providers for anything handled in the cloud.
9. Your rights
Under UK GDPR, you have the right to:
- Ask what personal data we hold about you and receive a copy of it (right of access);
- Ask us to correct inaccurate or incomplete data (right to rectification);
- Ask us to delete your data, where there's no legal reason for us to keep it (right to erasure);
- Ask us to restrict or object to how we use your data in certain circumstances;
- Ask for your data in a portable format, where technically feasible;
- Withdraw consent at any time, where consent is the basis for processing.
To exercise any of these rights, contact us using the details above. If you're unhappy with how we've handled your data, you also have the right to complain to the Information Commissioner's Office (ICO) at ico.org.uk.
10. Children's data
Our services are aimed at businesses, sole traders and adult individuals. We do not knowingly collect personal data from anyone under the age of 18.
11. Changes to this policy
We may update this policy from time to time, for example if our services or the way we handle data changes. Any updates will be posted on this page with a revised "last updated" date.