Privacy Policy

Last updated: March 2026

Support King ("we", "us", "our"), operated in partnership with KingWalker Ltd, is committed to protecting the privacy and security of your data. This policy explains what information we collect, how we use it, and your rights under the UK General Data Protection Regulation (UK GDPR).

For the purposes of UK data protection law, KingWalker Ltd is the data controller for personal data collected through the Studio Diagnostics application and support services.

1. What Data We Collect

When you use our Studio Diagnostics application or support services, we may collect the following system configuration data:

• macOS version, build number, and pending software updates
• Hardware model, serial number, chip type, memory, CPU core count, and Apple support status
• Machine name and macOS user account name
• Installed DAW versions (Pro Tools, Logic Pro, REAPER, etc.)
• Audio plugin inventory (AU, AAX, VST3, VST) with version numbers and compatibility status
• Audio applications and HAL audio drivers with version and running status
• USB device topology, manufacturers, speeds, and hub depth
• Display names, serial numbers, resolutions, refresh rates, and connection types
• SMART disk health data for all drives
• Storage volumes with filesystem type, capacity, and free space
• Network configuration (interface names, IP addresses, MAC addresses, Wi-Fi SSID, signal strength)
• Cloud storage status (iCloud Drive, Google Drive, Dropbox, OneDrive — installed/running only)
• Time Machine backup status, destination, and last backup date
• Login items (LaunchAgents and LaunchDaemons) with labels and sources
• Crash log metadata from macOS diagnostic reports (process name, exception type, date — last 30 days)
• macOS security settings (FileVault, firewall, SIP, Gatekeeper, screen lock, AirDrop, sharing services, antivirus detection) — optional, enabled per client

2. What We Do NOT Collect

We are explicit about the boundaries of our data collection. Studio Diagnostics does not collect:

• Project files, audio files, video files, or session data
• Personal documents, photos, or media
• Passwords, credentials, or keychain data (only the app's own credentials are stored in Keychain)
• Browsing history, emails, or personal communications
• File contents of any kind
• Screen recordings, screenshots, or clipboard contents
• GPS location data

3. How We Use Your Data

The system configuration data we collect is used exclusively for:

• Remote technical support — diagnosing issues and providing recommendations without requiring an on-site visit
• Proactive monitoring — identifying potential problems (hardware degradation, driver conflicts, security gaps) before they affect your sessions
• Monthly health reports — providing a summary of your facility's technical status across all machines
• Compatibility analysis — detecting cross-subsystem conflicts, plugin version mismatches, and known issues
• Security compliance — assessing your machines against TPN and content security best practices (when security scanning is enabled)

We do not sell, share, or provide your data to any third party for marketing purposes.

4. Lawful Basis for Processing

We process your data under the following lawful bases as defined by UK GDPR:

• Contract (Article 6(1)(b)) — Processing is necessary for the performance of our support contract with you.
• Consent (Article 6(1)(a)) — You provide explicit consent when accepting the Terms & Conditions on first launch and when confirming the data consent prompt before your first report submission.
• Legitimate interest (Article 6(1)(f)) — Proactive monitoring of system health to prevent service disruption is in both our and our clients' legitimate interest.

You may withdraw consent at any time by disabling the application or contacting us.

5. Data Storage & Security

All data is transmitted and stored securely:

• Encryption in transit: All data is transmitted over HTTPS with TLS 1.3.
• Encryption at rest: Data is encrypted at rest on Cloudflare infrastructure using Cloudflare-managed encryption.
• Infrastructure: Hosted on Cloudflare (SOC 2 Type II, ISO 27001, PCI DSS Level 1, GDPR compliant).
• Region: Data is processed and stored within the EU (primary region: London, UK).
• Application security: Studio Diagnostics is Apple-notarised, code-signed with a Developer ID certificate, and uses macOS Keychain (AES-256-GCM) for secure credential storage.
• Access control: API key authentication on all endpoints, per-client licence keys, rate limiting via Cloudflare WAF, and Cloudflare Access (Zero Trust) on the engineer dashboard.
• No public access: Stored reports are in a private storage bucket with no public URL access.

6. Data Retention

We retain diagnostic data for the duration of your support contract. If your contract ends or your licence is revoked, data will be retained for a maximum of 90 days after termination, after which it will be permanently deleted — unless you request earlier deletion or ask for your data to be retained.

You may request deletion of your data at any time during or after your contract.

7. Third Parties

We use a limited number of trusted third-party services to deliver our support:

• Cloudflare — Infrastructure hosting, CDN, Workers, D1 database, R2 storage. All report data (encrypted at rest).
• Resend — Transactional email delivery for health reports and notifications. Report summaries (machine name, issue counts).
• Slack — Real-time alert notifications to your Support King engineer. Machine name, serial number, issue summary.
• Apple — Application notarisation (one-time security scan). Application binary only.

We do not sell, share, or provide your data to any other third parties.

8. Your Rights (UK GDPR)

Under the UK General Data Protection Regulation, you have the right to:

• Access — Request a copy of all data we hold about your systems.
• Rectification — Request correction of any inaccurate data.
• Erasure — Request permanent deletion of your data ("right to be forgotten"). We will confirm deletion in writing within 30 days.
• Portability — Request your data in a machine-readable format (JSON).
• Objection — Object to processing of your data based on legitimate interest.
• Restriction — Request that we limit how we process your data while a concern is resolved.
• Withdraw consent — Withdraw consent at any time by disabling the application or contacting us.

To exercise any of these rights, contact us at support@supportking.co.uk.

9. Cookies

The Studio Diagnostics application does not use cookies. The web dashboard uses browser sessionStorage to store your API key for the duration of a single browser session — this is cleared when you close the tab and is not a cookie.

10. Children

Studio Diagnostics is a professional tool for use in commercial recording and post-production studios. It is not intended for use by children under 18. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this privacy policy from time to time. The "Last updated" date at the top of this page will be revised accordingly. We will notify active clients of any material changes via email.

12. Complaints

If you are unhappy with how we handle your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

• Website: ico.org.uk
• Phone: 0303 123 1113

13. Contact

For any data protection queries, access requests, or to exercise your rights:

Email: support@supportking.co.uk
Company: KingWalker Ltd, Suffolk, United Kingdom

14. Reference

For full technical details of our security controls, please refer to our Security page or request a copy of our Security Specification (SK-SEC-001).