top of page

Privacy Policy

​

Karma Bytes

 

Last updated: 30th November 2025

​

Karma Bytes is a consumer and micro-business technology support brand operated by InfraZen Ltd, a company registered in England and Wales. We are committed to protecting your privacy and handling your personal data responsibly, transparently, and in accordance with UK data protection law.

You can contact us about any privacy matters at: warren@infrazen.ltd

1. Who We Are

Karma Bytes is a trading name of InfraZen Ltd, The Collingwood Buildings, 38 Collingwood Street, Newcastle upon Tyne, NE1 1JF, UK.
InfraZen Ltd is the data controller for all personal data collected through our repair, diagnostics, data recovery, refurbishment and related technical services.

2. Personal Data We Collect

We only collect information necessary to deliver our services effectively. This may include:

  • Name and contact details (address, email, phone number)

  • Device details (model numbers, service tags, serial numbers)

  • Information provided via online forms, emails, phone calls or support requests

  • Diagnostic data or logs captured by remote tools

  • Customer files temporarily stored during repair or data recovery work

  • Payment-related information processed through third-party providers

  • Website cookies used for analytics, functional purposes and marketing (managed via CookieYes)

We do not intentionally collect biometric data or other special category data. Occasionally, a device provided for repair may contain personal files; we process these only as required to perform the service.

3. How We Collect Your Data

Your personal data may be collected through:

  • Online enquiry or booking forms

  • Email and telephone communication

  • In-person appointments

  • Remote diagnostic tools

  • Our repair shop management platform (RO)

  • Customer relationship management tools and accounting platforms

4. How We Use Your Data

We use your personal data for the following purposes:

  • To diagnose, repair or recover data from your device

  • To manage your appointment or service request

  • To communicate with you throughout your repair

  • To issue invoices, receipts or contractual documentation

  • To maintain internal records and accounts

  • To provide follow-up communication, including periodic check-ins

  • To improve our website and understand how visitors interact with it

  • To send marketing newsletters, only where explicit consent has been provided (double opt-in)

5. Legal Bases for Processing

We rely on the following lawful bases under UK GDPR:

  • Contract – to deliver repair, recovery and refurbishment services

  • Legitimate interests – for internal record-keeping, device history checks, fraud prevention and periodic customer check-ins

  • Consent – for marketing emails and non-essential cookies

  • Legal obligation – for financial record retention

6. Data Storage, Security and Retention

We take data security seriously. Measures include encrypted storage, restricted access, secure cloud platforms and the use of encrypted external SSDs for temporary file backups.

Retention periods:

  • Temporary repair or recovery backups: erased as soon as you authorise deletion, or retained for up to 1–2 years where needed

  • Customer details for follow-ups: reviewed approximately every 6 months

  • General customer records: held for 12–24 months before cleansing

  • Accounting records: retained for up to 6 years, as required by law

Backups and customer data are never kept longer than necessary.

7. Third Parties and International Transfers

We use several trusted third-party providers, including:

  • RO (repair shop SaaS)

  • Xero (accounting)

  • Google Workspace

  • Microsoft 365

  • WiX (website hosting)

  • Attio (CRM)

These providers may store data in the UK, EU or US.
Where data is transferred outside the UK, we rely on UK GDPR-approved safeguards such as adequacy regulations or standard contractual clauses.

We do not sell or share personal data with third parties for their own marketing.

​

Mobile App Privacy – Google Play Store

This section applies to the Karma Bytes mobile application distributed through the Google Play Store.

1. Data Collected by the App

The app may collect the following information when you use it:

  • Basic contact details (name, email, phone number) if you submit them through in-app forms

  • Device identifiers necessary for app operation (model, OS version)

  • Diagnostic information related to crashes or performance (Google Play services)

  • Optional analytics data, where consent is given

The app does not collect sensitive data, biometric data, financial information, or precise location.

2. How App Data Is Used

Data collected by the app is used:

  • To manage your repair request or support enquiry

  • To ensure the app functions correctly

  • To improve stability and performance

  • To provide optional analytics and usage insights (if consented)

3. Data Sharing

We do not sell data.
Data may be shared only with:

  • Google Play services (analytics, crash reporting, core functionality)

  • Our CRM, repair management and email tools are strictly for service delivery

  • Cloud service providers are already listed in our main Privacy Policy

Appropriate safeguards under UK GDPR cover all sharing.

4. Data Security

App data is stored securely using:

  • Encrypted transmission (HTTPS/TLS)

  • Access control on our internal systems

  • Google Play’s built-in security protections

5. Data Retention (App-Specific)

Data submitted via the app follows the same retention schedule as listed in the main Privacy Policy:

  • Temporary repair or recovery data: deleted immediately or within 1–2 years

  • Contact information: retained for 12–24 months for service history and follow-ups

  • Diagnostic information: retained by Google according to its own policies

6. Your Choices

You can:

  • Disable analytics and optional data categories via system or Google account settings

  • Request deletion of identifiable data by emailing warren@infrazen.ltd

  • Uninstall the app at any time, which stops all future data collection

7. Google Play Compliance

This app complies with:

  • Google Play User Data Policy

  • Google Play Families Policy (if applicable)

  • Google Play Safety Section requirements

  • Data safety labels submitted to the Google Play Console

​

Mobile App Privacy – Apple App Store

This section applies to the Karma Bytes mobile application distributed through the Apple App Store.

1. Data Collected by the App

Depending on the features you use, the app may collect:

  • Contact details you submit through in-app forms

  • Device information (model, OS version)

  • Crash logs and performance data (via Apple)

  • Optional usage analytics (if you enable sharing)

The app does not collect payment details, precise location, health data, or any data Apple classifies as “Sensitive”.

2. How App Data Is Used

Data is used to:

  • Respond to support or repair enquiries

  • Improve the reliability and functionality of the app

  • Provide essential app features

  • Generate aggregate analytics if you have opted in

3. Data Sharing

Your data may be shared with:

  • Apple’s analytics and crash-reporting services

  • Our CRM and repair shop systems are strictly for operational purposes

  • Cloud-based email, account and storage systems are listed in the main policy

We do not track users across other apps or websites.

4. App Tracking Transparency (ATT)

The app does not use tracking technologies that require Apple’s App Tracking Transparency (ATT) prompt.
If this changes in future, you will be asked for explicit permission.

5. Data Retention (App-Specific)

Retention mirrors the main Privacy Policy:

  • Technical logs: retained by Apple for a limited period

  • Personal data submitted through forms: retained 12–24 months

  • Repair-related data: up to 1–2 years or until deletion is confirmed

6. Data Security

We follow Apple’s secure development guidelines, including:

  • Encryption of data in transit

  • Secure storage within compliant cloud systems

  • No local storage of personal data beyond what is required for app operation

7. Apple App Store Compliance

The app is designed in accordance with:

  • Apple App Store Review Guidelines

  • Apple Privacy Policy Requirements

  • Apple’s Data Categories and Privacy Nutrition Labels

​

8. Cookies & Website Analytics

Our website uses cookies for:

  • Essential functionality

  • Analytics and performance

  • Personalisation

  • Marketing and advertising

CookieYes manages user consent and allows you to control which cookies are active. You can change your preferences at any time.

9. Your Rights

Under UK GDPR, you have the right to:

  • Access your personal data

  • Request correction of inaccurate information

  • Request erasure of your data

  • Object to certain types of processing

  • Restrict processing in specific circumstances

  • Withdraw consent where processing is based on consent

  • Request data portability

To exercise your rights, contact: warren@infrazen.ltd

10. Children’s Data

We do not knowingly collect or process the data of children under 16. If you believe we hold such data, please contact us.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be published on our website, with the “Last updated” date amended accordingly.

​

bottom of page