Book a Repair

Dead or Alive Technology

Confidentiality Policy

Last Updated: 15/01/2026

Dead or Alive Technology (“we”, “us”, “our”) understands that customers entrust us with devices, storage media, and information that may be personal, sensitive, confidential, or commercially valuable. We are committed to maintaining the confidentiality, integrity, and security of all customer information encountered during the provision of our services.

This Confidentiality Policy explains how we protect and handle customer information encountered during repairs and technical services.
It should be read alongside our Privacy Policy, which governs how personal data is collected, processed, stored, and protected in accordance with the UK GDPR and the Data Protection Act 2018.

1. Relationship to Our Privacy Policy

This Confidentiality Policy does not replace or override our Privacy Policy.

  • Where personal data is processed (such as names, contact details, or identifiable information), our Privacy Policy applies in full.
  • This Confidentiality Policy focuses specifically on:
    1. Data encountered on customer devices
    2. Storage media contents

    3. Confidential information accessed during technical work

Where the two policies overlap, the Privacy Policy takes precedence in matters of data protection law and customer rights.

2. Scope of This Policy

This policy applies to all services provided by Dead or Alive Technology, including:

  • Diagnostics, repairs, and servicing
  • Data recovery, backup, and transfer
  • Malware and virus removal
  • Device health checks and upgrades
  • Repair-By-Post services
  • On-site, in-store, and remote support
  • Business IT support and maintenance
 

It applies regardless of whether services are provided in-store, at customer premises, remotely, or via postal repair.

3. Definition of Confidential Information

For the purposes of this policy, Confidential Information includes (but is not limited to):

  • Data stored on customer devices or storage media
  • Documents, photographs, videos, messages, emails, and application data
  • Login credentials, passwords, PINs, or encryption keys provided for access
  • Business records, financial information, databases, or proprietary material
  • Any recovered, transferred, or temporarily stored data
  • Any information that a reasonable person would consider private or confidential

4. Storage Media Covered

This policy explicitly applies to customer-owned storage media, whether internal or external, including:

  • Hard Disk Drives (HDDs)
  • Solid State Drives (SSDs)
  • NVMe / M.2 drives
  • External hard drives and SSDs
  • USB flash drives
  • Memory cards (SD, microSD, etc.)
  • Gaming console storage devices
  • Optical media (where applicable)

5. Access to Customer Data

We access customer data only where reasonably necessary to:

  • Diagnose a reported fault
  • Verify system operation following a repair
  • Perform a requested service (e.g. data recovery or malware removal)
  • Confirm the success of a repair or restoration
 

We do not intentionally browse, view, or use customer content beyond what is required to complete the agreed work.

Where testing is required, we apply minimal-access methods, such as confirming that a system boots, a drive is readable, or essential functions operate correctly.

6. Data Minimisation and Purpose Limitation

In line with UK GDPR principles reflected in our Privacy Policy:

  • We do not copy customer data unless required for the requested service
  • We do not use customer data for marketing, training, analytics, or any unrelated purpose
  • We do not retain customer data longer than necessary to complete and verify the service
 

All access is limited to what is proportionate and necessary.

7. Temporary Data Storage and Retention

Certain services (including data recovery, system imaging, or transfer services) may require temporary storage of customer data.

Where this occurs:

  • Temporary data is stored securely
  • Access is restricted to authorised personnel only
  • Data is retained only for as long as reasonably required
 

Unless otherwise agreed in writing, temporary data is securely deleted within 7 days of service completion or customer confirmation.

Customers may request earlier deletion once data has been successfully returned or verified.

8. Passwords, PINs, and Device Access

If customers provide passwords, PINs, or access credentials:

  • They are used solely to complete the requested service
  • They are not intentionally recorded or retained beyond the repair process
  • Customers are encouraged to change credentials after service completion
 

Where possible, customers may be asked to enter credentials themselves rather than disclose them.

If credentials are not provided and a device is encrypted, this may limit our ability to perform certain services.

9. Business and Commercial Confidentiality

For business customers, we recognise that devices may contain confidential or commercially sensitive information. We treat such data as strictly confidential and apply the same safeguards as for personal data.

Additional confidentiality or non-disclosure agreements can be provided upon request where required.

10. Repair-By-Post Confidentiality Alignment

For Repair-By-Post services, the following additional principles apply:

  • Devices are handled only for the purpose of completing the requested repair
  • Storage media is not accessed unless required for diagnostics or agreed services
  • Devices and media are stored securely while in transit and while on our premises
 

Customers are responsible for:

  • Ensuring devices are adequately packaged
  • Removing SIM cards or removable storage not required for the repair (unless relevant)
  • Backing up data where possible prior to shipping
 

Repair-By-Post customers accept that transit risks exist and should refer to our Repair-By-Post terms for packaging and liability guidance.

11. Disclosure to Third Parties

We do not sell, rent, or trade customer data.

Disclosure may occur only where:

  • Required by law or lawful authority
  • Explicitly authorised by the customer
  • Necessary to fulfil a requested service and appropriate safeguards are in place
 

We do not disclose the contents of customer storage media without clear authorisation, unless legally required.

12. Physical Security and Device Handling

We take reasonable steps to safeguard customer devices and storage media, including:

  • Secure storage of devices while in our care
  • Controlled access to work areas
  • Procedures designed to minimise loss, damage, or unauthorised access

13. Data Recovery Risks

Customers acknowledge that data recovery involves inherent risks, particularly where storage media is failing or damaged.

  • Data recovery is not guaranteed
  • Media condition may worsen during recovery attempts
  • Outcomes depend on the extent of damage
 

We will explain options and risks before proceeding wherever reasonably possible.

14. Contact Information

Questions regarding this policy or requests relating to temporary data deletion should be directed to:

Dead or Alive Technology
6 Stewarton Street
Wishaw, North Lanarkshire
ML2 8AN
Scotland, UK

Telephone: 01698 909 099
Email: info@deadoralivetechnology.com
Website: www.deadoralivetechnology.com