Last updated: February 2024
Privacy policy
Bay Area IT Tech LLC Privacy Policy
Effective Date: 10/01/2025
This Privacy Policy explains how Bay Area IT Tech (referred to as “we,” “us,” or “our”) collects, uses, and discloses personal information when you use our IT services, managed services, cloud solutions, website, and other products (collectively, the “Services”).
1. Scope of this Policy
This policy applies to:
- Clients and Client Personnel who utilize our Managed IT Services, Cloud Hosting, or other technology solutions.
- End Users who interact with our services via our client’s systems (where we act as a Data Processor).
- Visitors to our website, https:bayareait.tech
2. Information We Collect
We collect information directly from you, automatically through your use of our Services, and from third parties.
| Category of Information | Examples of Data Collected | Purpose/Source |
| A. Identifiers & Contact Data | Name, email address, phone number, postal address, unique client ID, username. | Provided by you during signup, contract negotiation, or support requests. |
| B. Financial & Billing Data | Payment information (e.g., credit card details, bank account info), transaction records. | Provided by you for service subscriptions and billing. |
| C. Service/Usage Data | Log files, error reports, system access times, performance metrics, ticket history, IP addresses, device identifiers, operating system. | Collected automatically from your use of the Services to monitor, secure, and troubleshoot. |
| D. Sensitive Information | Passwords (typically stored in encrypted form), security questions, and, for certain services, client data that may contain sensitive categories like employee or customer data. | Provided by you to enable us to manage and support your IT infrastructure. |
| E. Website & Cookie Data | Browsing history on our website, information collected via cookies, web beacons, and other tracking technologies. | Collected automatically for website analytics, marketing, and personalization. |
3. How We Use Your Information (Purposes of Processing)
We use the collected information for the following purposes and under the following legal bases (where applicable, e.g., GDPR):
| Purpose of Use | Legal Basis (e.g., GDPR) |
| To Provide & Manage Services | Necessary for the performance of a contract. |
| Technical Support & Troubleshooting | Necessary for the performance of a contract; Legitimate Interest (to maintain system health). |
| Billing & Account Administration | Necessary for the performance of a contract; Legal Obligation (tax, accounting). |
| Security & Fraud Prevention | Legitimate Interest (protecting our systems and clients); Legal Obligation. |
| Improvement of Services | Legitimate Interest (to analyze usage and enhance our technology offerings). |
| Marketing & Promotional Communications | Consent (for direct marketing); Legitimate Interest (for existing clients/services). |
Export to Sheets
4. Data Processing on Behalf of Our Clients (Data Processor Role)
In many cases, we act as a Data Processor and our Client acts as the Data Controller.
- When we access or host a Client’s internal systems, databases, or end-user data (e.g., in a cloud environment or for a backup service), we do so strictly on the Client’s instructions as defined in the Master Service Agreement (MSA) and/or a separate Data Processing Addendum (DPA).
- In this capacity, the Client is responsible for establishing the legal basis for processing, managing data subject rights, and providing required privacy notices to their own employees and customers.
5. Sharing and Disclosure of Information
We may share your personal information with the following third parties:
- Sub-Processors & Service Providers: Trusted third-party vendors who perform services on our behalf, such as cloud hosting providers, software developers, or payment processors. These parties are contractually obligated to protect your data and only use it for the purposes we specify.
- Legal & Compliance: When required by law, subpoena, or other legal process, or if we believe in good faith that such action is necessary to comply with a legal obligation, protect our rights or property, or ensure the safety of our clients or the public.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity.
- With Your Consent: We may share information with other third parties when you explicitly consent to the disclosure.
6. Data Security
We are committed to protecting your personal information. We employ reasonable and appropriate technical, organizational, and physical security measures to protect against unauthorized access, disclosure, or destruction of your data. These measures include:
- [Example: Data encryption at rest and in transit]
- [Example: Multi-factor authentication for administrative access]
- [Example: Regular security audits and vulnerability assessments]
However, please note that no method of transmission over the Internet or method of electronic storage is 100% secure. We cannot guarantee absolute security.
7. Data Retention
We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law (e.g., for tax, accounting, or legal requirements).
8. Your Privacy Rights
Depending on your jurisdiction (e.g., residents of the EEA, UK, or California), you may have the right to:
- Access: Request a copy of the personal information we hold about you.
- Correction/Rectification: Request that we correct inaccurate or incomplete data.
- Deletion/Erasure (“Right to be Forgotten”): Request the deletion of your personal information, subject to certain exceptions.
- Object or Restrict Processing: Object to or request the restriction of processing your personal information.
- Data Portability: Request that we transfer your personal information to another organization.
- Opt-Out of Sales or Sharing (e.g., CCPA/CPRA): If applicable, opt out of the “sale” or “sharing” of your personal information for targeted advertising.
To exercise any of these rights, please contact us using the details in Section 10.
9. Changes to this Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will post the updated policy on our website and update the “Effective Date” at the top. We encourage you to review this policy periodically.
10. Contact Us
If you have any questions or concerns about this Privacy Policy or our data practices, please contact us:
Bay Area IT Tech Attention:
Privacy Officer Email: [email protected]
Mailing Address: 1075 1st St, Ste 5, Benicia, CA 94510