Privacy Policy

1. Scope and Applicability

This Privacy Policy governs the collection, use, disclosure, and protection of personal information by IT Network Systems, LLC (“the Company,” “we,” “us,” or “our”). This Policy applies to all users of the Company’s websites, applications, products, and services. Jurisdiction‑specific rights and obligations apply as outlined herein, including those under HIPAA, the GDPR, and the CCPA/CPRA.

2. Categories of Information Collected

The Company may collect the following categories of information:

  • Information provided directly by the user — including identification, contact information, account credentials, and, where applicable, health‑related information.

  • Technical and usage information — including IP address, device identifiers, browser type, access times, and interaction data.

  • Information collected for compliance purposes — including identity verification, audit logs, and records required by law.

The Company collects only information necessary for lawful business operations, security, and service improvement.

3. Permitted Uses of Information

Personal information may be used for the following purposes:

  • Provision, maintenance, and enhancement of services

  • Authentication, fraud prevention, and security

  • Compliance with contractual, legal, and regulatory obligations

  • Communication regarding service updates, notices, or support

  • Internal analytics and operational functions consistent with applicable law

Personal information is not used for targeted advertising, profiling, or automated decision‑making that produces legal or similarly significant effects.

4. No Sale or Sharing of Personal Information

IT Network Systems, LLC does not sell, rent, share, or otherwise disclose personal information to third parties for marketing, advertising, cross‑context behavioral advertising, or other commercial purposes.

Disclosure occurs only under the following limited circumstances:

  • To service providers acting on behalf of the Company under binding confidentiality and data‑protection obligations

  • To comply with applicable laws, regulations, legal processes, or governmental requests

  • To protect the rights, property, or safety of the Company, its users, or the public

  • With the explicit, informed consent of the user

This prohibition applies under all relevant legal definitions of “sale” and “sharing,” including those under the CCPA/CPRA.

5. HIPAA Compliance

To the extent the Company receives, maintains, or transmits Protected Health Information (PHI) as defined under HIPAA:

  • The Company complies with the HIPAA Privacy Rule, Security Rule, and Breach Notification Rule.

  • PHI is used or disclosed solely for permitted purposes, including treatment, payment, or healthcare operations, or as otherwise authorized by the individual.

  • Administrative, technical, and physical safeguards are implemented to protect PHI.

  • Business Associate Agreements (BAAs) are executed where required.

If the Company does not process PHI, this section serves to confirm that no such data is collected.

6. GDPR Compliance

For individuals located in the EU/EEA, the Company processes personal data in accordance with the General Data Protection Regulation (GDPR). Processing is conducted on lawful bases including consent, contract performance, legitimate interests, or compliance with legal obligations.

GDPR Rights

Individuals subject to the GDPR have the right to:

  • Access their personal data

  • Request rectification or erasure

  • Restrict or object to processing

  • Request data portability

  • Withdraw consent where processing is based on consent

  • Lodge a complaint with a supervisory authority

Requests may be submitted using the contact information provided below.

7. CCPA/CPRA Compliance

For California residents, the Company complies with the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Rights of California Residents

California residents have the right to:

  • Know the categories and specific pieces of personal information collected

  • Request deletion of personal information

  • Request correction of inaccurate personal information

  • Access personal information in a portable format

  • Opt out of the sale or sharing of personal information

  • Limit the use and disclosure of sensitive personal information

  • Be free from retaliation or discrimination for exercising their rights

Sale and Sharing Disclosure

The Company does not sell or share personal information as defined under the CCPA/CPRA. If this practice changes, the Company will update this Policy and provide all required notices and opt‑out mechanisms.

8. Data Security

The Company implements commercially reasonable administrative, technical, and physical safeguards designed to protect personal information against unauthorized access, disclosure, alteration, or destruction. While no security measure is infallible, the Company continually evaluates and enhances its security practices.

9. Data Retention

Personal information is retained only for as long as necessary to fulfill the purposes for which it was collected, to comply with legal obligations, to resolve disputes, or to enforce agreements.

10. Children’s Privacy

The Company does not knowingly collect personal information from children under the age of 13. If such information is inadvertently collected, it will be promptly deleted upon discovery.

11. Changes to This Policy

The Company may amend this Privacy Policy at its discretion. Material changes will be communicated as required by applicable law. The “Last Updated” date will reflect the effective date of the most recent revision.

12. Contact Information

Questions, requests, or concerns regarding this Privacy Policy or the handling of personal information may be directed to:

IT Network Systems, LLC Email: marketing@itnetworksystems.com

IT Network Systems, LLC

Woman owned business, providing top-notch IT services and managed solutions.

IT Network Systems, LLC © 2024. All rights reserved.

E-mail
Call Us
Fax