๐ soloSupport Privacy Policy
Effective Date: April 28, 2026 ยท Version 1.0
soloSupport is a professional IT support management tool designed for independent IT consultants and managed service providers. Your client and employee data is sensitive business information. This policy explains exactly what we collect, why, and how โ so you can use soloSupport with full transparency and confidence.
1. Overview & Scope
This Privacy Policy applies to the soloSupport iOS application (the "App") developed and published by BassTech Consulting Group. It governs all personal information and professional data processed by the App, its associated backend services (Microsoft Azure), and any optional premium add-on features you purchase.
By using soloSupport, you agree to the practices described in this policy. If you do not agree, please discontinue use and contact us to request deletion of your account data.
2. Data Controller
Developer & Publisher of soloSupport
Support: support@support.basstechdev.com
Website: basstechconsulting.com
3. Data We Collect
soloSupport collects only the data necessary to deliver its IT support management functionality. We collect data in four categories:
3.1 Account & Authentication Data
| Data Element | Source | Purpose | Linked to You |
|---|---|---|---|
| Apple ID (anonymized token) | Sign in with Apple | Authentication; creates your account | Yes |
| Email address | Sign in with Apple (if you share it) | Account recovery; support communications | Yes |
| User ID (Azure AD B2C) | Generated on first sign-in | Scopes your data in our multi-tenant backend; never visible to other users | Yes |
| Display name | You enter it during onboarding | Personalization within the App | Yes |
3.2 Professional & Client Data (You Enter This)
All data in this category is information you actively create and manage within the App. It is stored in your private, tenant-isolated Azure SQL database and/or your iCloud CloudKit private container. It is never shared with other users or used for any purpose other than providing the App's functionality.
| Data Element | Feature | Where Stored | Linked to You |
|---|---|---|---|
| Employee names, email address, phone number (PII) | Client & Employee Management | iCloud / CloudKit (private container) | Yes |
| Client company name, billing rate, primary contact | Client Management | Azure SQL (private tenant) | Yes |
| Support ticket content, descriptions, activity log | Ticket Management | Azure SQL (private tenant) | Yes |
| Time entries (date, hours, description, billable flag) | Time & Billing | Azure SQL (private tenant) | Yes |
| Invoice records, billing totals, line items | Billing & Invoicing | Azure SQL (private tenant) | Yes |
| Azure connection config (tenant ID, subscription ID) | Azure Connectivity Add-on | Azure SQL (private tenant) | Yes |
| Azure client secrets and Function keys | Azure Connectivity Add-on | iOS Keychain (on-device only) | Yes โ never transmitted |
| Push notification token (APNs) | Push Alerts | Azure SQL (private tenant) | Yes |
3.3 Azure Monitoring Data (Azure Connectivity Add-on)
If you purchase and enable the Azure Connectivity add-on, soloSupport queries your connected Azure subscriptions via the Azure REST API. The following data is fetched and displayed in-app:
- Resource health status for App Services, Azure Functions, SQL Databases, and Logic Apps.
- Azure Monitor Activity Log entries (Warning and Error events, last 24 hours).
- Azure Cost Management billing summaries (current month spend and projected cost).
This data is fetched in real time and displayed within the App. It is not persisted in Azure SQL beyond the current session, with the exception of auto-generated ticket content you explicitly choose to save.
Your Azure client secrets are stored exclusively in the iOS Keychain on your device and are never transmitted to or stored in BassTech servers.
3.4 App Usage & Device Data
| Data Element | Purpose | Linked to You |
|---|---|---|
| Push notification token (APNs) | Deliver ticket update and Azure issue alerts to your device | Yes |
| App preferences and settings (UserDefaults) | Persist notification preferences and UI settings on-device | On-device only |
| In-app purchase receipt data | Validate and restore the Azure Connectivity add-on purchase via StoreKit 2 and Apple servers | Yes (Apple) |
| Crash reports and diagnostic logs | Identify and fix app stability issues | Anonymized |
4. How We Use Your Data
We use collected data solely to operate and improve soloSupport. Specifically:
- Authenticate your account and scope your data to your private tenant.
- Store and sync your client companies, support tickets, time entries, and invoice records across your devices via Azure SQL.
- Store employee PII (names, emails, phone numbers) exclusively in your private iCloud CloudKit container.
- Deliver push notifications for ticket updates and Azure resource error alerts.
- Query your Azure subscriptions via the Azure REST API on your behalf using credentials you provide and store in iOS Keychain.
- Generate invoices from your logged time entries using PDFKit on-device โ no invoice content is processed on BassTech servers beyond storing the invoice record.
- Process in-app purchases for the Azure Connectivity add-on via Apple's StoreKit 2 framework.
- Diagnose and fix app crashes and technical issues using anonymized diagnostic data.
We do not use your data to train AI or machine learning models, to serve advertisements, or for any purpose not listed above.
5. Data Sharing & Disclosure
We do not sell, rent, or trade your personal or professional data. We share data only with the service providers necessary to operate the App:
| Service Provider | Purpose | Data Shared | Jurisdiction |
|---|---|---|---|
| Microsoft Azure (Azure SQL, Azure AD B2C, Azure Notification Hubs) | Backend database, authentication, push delivery | Account data, professional/client data, notification tokens | United States |
| Apple (iCloud / CloudKit) | On-device sync of employee PII across your Apple devices | Employee name, email, phone number records | Global (Apple infrastructure) |
| Apple (StoreKit 2 / App Store) | In-app purchase validation and restoration | Purchase receipts and product identifiers | Global (Apple infrastructure) |
| Apple (APNs) | Push notification delivery | Device push token, notification payload | Global (Apple infrastructure) |
| Microsoft Azure (Azure REST API) | Querying your Azure subscriptions for resource health and cost data | Your Azure credentials (Keychain-only); health and cost data returned to your device | Dependent on your Azure region |
We may disclose your information if required by law, court order, or to protect the rights and safety of our users โ and only to the extent required.
6. Data Storage & Security
Multi-Tenant Isolation
Every soloSupport account is provisioned in a logically isolated tenant in Azure SQL and Azure AD B2C. Your client data, tickets, time entries, and invoices are scoped to your User ID and are never accessible by other soloSupport users.
Employee PII โ iCloud CloudKit
All employee personally identifiable information (names, email addresses, phone numbers) is stored exclusively in your private iCloud CloudKit container. BassTech has zero access to this data. Only a UUID reference identifier is stored in Azure SQL for relational joins โ no employee PII is stored on BassTech servers.
Azure Credentials โ iOS Keychain
Your Azure client secrets and Function keys are stored exclusively in the iOS Keychain on your device. They are never transmitted to or stored in BassTech servers or Azure SQL. They are used only at query time by the App directly calling the Azure REST API.
Encryption
- All data transmitted between the App and Azure is encrypted in transit using TLS 1.2 or higher.
- Azure SQL databases use Transparent Data Encryption (TDE) at rest.
- iCloud/CloudKit private container data is encrypted by Apple both in transit and at rest.
- iOS Keychain data is encrypted using hardware-backed encryption on supported devices.
- App preferences stored on-device are protected by iOS data protection.
Authentication
soloSupport uses Sign in with Apple exclusively for initial authentication, providing privacy-by-default account creation. Azure AD B2C manages session tokens; no passwords are stored by BassTech Consulting Group.
7. Data Retention
Your data is retained for as long as your soloSupport account is active. If you delete your account:
- All client, ticket, time entry, and invoice data is permanently deleted from Azure SQL within 30 days.
- CloudKit employee PII data is deleted when you delete the App or sign out of iCloud.
- Azure credentials stored in iOS Keychain are cleared immediately upon account deletion.
- Push notification tokens are deregistered immediately upon account deletion.
- Anonymized crash/diagnostic logs may be retained for up to 12 months for reliability purposes.
8. Your Privacy Rights
Depending on your jurisdiction, you may have the following rights with respect to your personal data:
- Access: Request a copy of the personal data we hold about you.
- Correction: Request correction of inaccurate personal information.
- Deletion: Request permanent deletion of your account and all associated data.
- Portability: Request an export of your data in a machine-readable format.
- Restriction: Request that we restrict processing of your data in certain circumstances.
- Objection: Object to processing based on legitimate interests.
To exercise any of these rights, contact us at privacy@support.basstechdev.com. We will respond within 30 days. For account deletion, you may also use the Delete Account option within the App under Settings.
9. Children's Privacy
soloSupport is intended exclusively for use by IT professionals operating a business and is not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has created an account, contact us at privacy@support.basstechdev.com and we will promptly delete the account.
10. California Privacy Rights (CCPA)
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
- Right to Know: Request disclosure of the categories and specific pieces of personal information we have collected about you.
- Right to Delete: Request deletion of your personal information, subject to certain exceptions.
- Right to Opt-Out: We do not sell your personal information. There is nothing to opt out of.
- Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.
To submit a CCPA request, contact privacy@support.basstechdev.com. We will respond within 45 days.
11. International Users (GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR) or equivalent legislation, including the rights described in Section 8 above.
Legal Basis for Processing: We process your personal data under the following legal bases: (a) Contract โ to provide the App services you have requested; (b) Legitimate Interests โ to maintain app security and diagnose technical issues; (c) Consent โ for optional features such as Azure monitoring.
Data Transfers: Your data is stored on Microsoft Azure infrastructure in the United States. Transfers from the EEA are covered by Standard Contractual Clauses (SCCs) as provided by Microsoft.
To exercise your GDPR rights or lodge a complaint, contact privacy@support.basstechdev.com. You also have the right to lodge a complaint with your local supervisory authority.
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will:
- Update the Effective Date and Version at the top of this page.
- Display an in-app notice for material changes.
- For significant changes affecting how we handle your professional data, we will send an email notification to your registered address.
Continued use of soloSupport after a policy update constitutes acceptance of the revised policy.
13. Contact Us
Privacy inquiries: privacy@support.basstechdev.com
General support: support@support.basstechdev.com
Website: basstechconsulting.com
We will respond to all privacy-related inquiries within 30 days.