Privacy Policy

Privacy Policy (Effitech IT Solutions, LLC)

Last Updated: September 9, 2025 Effective Date: September 9, 2025

This Privacy Policy explains how Effitech IT Solutions, LLC (“Effitech,” “we,” “us,” or “our”) collects, uses, shares, and protects personal information in the course of our business, including information collected through our website (effitechitsolutions.com) and through our IT support and consulting services. We are committed to protecting your privacy and ensuring that your personal information is handled in a safe and responsible manner. By using our services or our website, you agree to the collection and use of information in accordance with this Privacy Policy.

  1. Information We Collect We limit our data collection to only what is necessary to operate our business and provide you with our services. The types of information we may collect include:

Contact Information: When you inquire about our services, schedule an appointment (e.g., via phone or scheduling software), or become our client, we will collect personal contact details such as your name, email address, phone number, mailing address, and/or business name. This information is used to identify you, communicate with you, and perform services at the correct location (for on-site visits).

Service-Related Information: If you request IT support, we may ask for information about the issue you are experiencing and details about your device or system (e.g., device type, operating system, installed software, error messages). For example, we might collect your computer’s make/model, the network setup, or relevant configuration details to diagnose and resolve your problem. We only collect what you choose to share and what is needed to complete the service.

Credentials and Access Information: In some cases, to perform certain services, you may choose to provide us with login credentials, passwords, or access codes (for instance, remote desktop login, router admin password, or software credentials). We do not record or store any passwords or confidential credentials beyond the time they are needed for the service. If you provide us such information, we will use it only for the specific task and we strongly encourage you to change these passwords immediately after the service is concluded. Effitech does not maintain a repository of client passwords.

Payment Information: We use third-party payment processors (such as Stripe and PayPal) to handle online payments. When you pay an invoice via the link we send, you might provide credit card details, bank information, or other payment data. We do not directly collect or store your full payment card details on our servers. That information is provided by you directly to the payment processor (Stripe, PayPal, etc.), which is governed by their privacy policies. Effitech receives from the processor a confirmation of payment and basic information like your name, email, and the amount paid. In the case of check or cash transactions, we will record the payment amount and date, but we do not keep any banking account numbers in our system besides possibly the last four digits on a check for record-keeping.

Website Usage Data: When you visit our website (effitechitsolutions.com), certain information may be collected automatically about your device and browsing activity. This can include your IP address, browser type, device type, pages viewed on our site, and the date/time of your visit. We might use common web technologies like log files or analytics tools (e.g., Google Analytics) to collect this data. This information helps us understand how visitors navigate our site and improve the website experience. We do not use this data to personally identify you, and we do not link browsing data to individual identities except as needed for security (such as diagnosing malicious activity).

Cookies and Similar Technologies: Our website may use “cookies,” which are small text files stored on your device, to enhance user experience (for example, to remember your preferences or recognize you on a return visit). We may also use cookies or tracking pixels for basic analytics. You have control over cookies through your browser settings and can refuse or delete them, though note that certain site features might not function as intended without cookies. We do not use cookies for advertising or for capturing any sensitive personal data.

Communications: If you contact us via email, phone, or through a form on our website, we may keep a record of that correspondence. This could include the content of your message, your contact information, and our response. We use this information to address your inquiry or issue and for internal training or quality assurance.

Sensitive Personal Data: We do not actively collect any sensitive personal information such as Social Security numbers, government ID numbers, financial account passwords, health or biometric data, etc., as part of our services. We kindly ask that you do not disclose such information to us unless it is absolutely necessary for the service. In the rare case that you do (for example, giving us a software license key that might resemble a personal number), we will treat it with the highest confidentiality and only use it for its intended purpose.

  1. How We Use Your Information Effitech uses the information collected for the following purposes:

Providing and Improving Services: We use your information to schedule and provide the IT services you request. For example, we use contact details to reach you and visit your location, problem details to guide our troubleshooting, and credentials to perform tasks like remote support or device configuration. Internal notes about the service (like device details or steps taken) may be kept to serve you better in the future. Additionally, we may use service-related information in aggregate (non-identifiable) form to analyze common issues or improve our troubleshooting methods for all clients.

Communication: We use your email or phone number to send service-related communications. This includes appointment confirmations or reminders (if you schedule service), notifications about the status of a support ticket, follow-ups to ensure your issue was resolved, and invoices or billing reminders. We may also respond to any inquiries you send us. We will not send you marketing emails unrelated to your specific inquiry or service without your explicit consent. (For example, we do not add you to a general newsletter list automatically – since our client base is small and service-specific, we typically only contact you about your own services or perhaps an occasional important update directly relevant to clients.)

Billing and Records: We use payment and contact information to bill for our services and maintain accurate financial records. For instance, we generate an invoice with your name, the services provided, the amount due, and your email for delivery. We keep records of invoices, payments, and communications as required for accounting and tax purposes, and to track our business performance.

Maintaining Security: Information such as IP addresses or device information may be used to help protect against fraud, unauthorized access, or other security issues. For example, if we detect repeated suspicious login attempts to our systems or a scheduling abuse, we might use logs to mitigate this. Likewise, during remote support, we might log certain actions for auditing what changes were made (for both our protection and yours). These logs are kept secure and are only used to improve security and accountability.

Legal Compliance: We may use or disclose your personal information as necessary to comply with applicable laws, regulations, legal processes, or enforceable governmental requests. For example, to respond to a subpoena or to enforce our agreements (such as using your contact info to send a demand for overdue payment or to address a legal dispute). We will only do so to the extent required or permitted by law.

Business Transfers (unlikely for a sole proprietorship): In the event that Effitech IT Solutions, LLC is involved in a merger, acquisition, or asset sale, personal information held by us may be transferred to the new owner/partner, so that the services can continue. If this happens, we will ensure the successor is bound to respect your personal data in a manner consistent with this Privacy Policy and applicable law, and we will notify you of any change in data control.

We do not use personal information for any purposes other than those described above. Specifically, we do not sell or rent your personal data to third-party marketers, and we do not use your data to profile you for advertising.

  1. How We Share and Disclose Information Effitech respects the confidentiality of your personal information. We only share information with third parties in very limited circumstances, as outlined below:

Service Providers (Third-Party Processors): We may share necessary information with third-party service providers and partners who perform services on our behalf in order to facilitate our operations. This includes:

Payment Processors: As mentioned, if you pay online, your payment details go directly to Stripe, PayPal, or a similar processor. They are independent data controllers for your payment data. We share with them only the information needed to process the payment (e.g. the invoice number, amount, your name/email) and they inform us of the transaction status.

Scheduling or CRM Tools: We might use a scheduling service (like Calendly or a similar booking tool) to allow you to book appointments. When you enter your information to schedule a meeting, that information is stored with the scheduling service provider and shared with us. They are obligated to protect it under their privacy terms, and we use it only for managing appointments. Similarly, if we use any customer relationship management (CRM) or help-desk software, your contact info and support history might reside on those platforms, which are used under contract with confidentiality and security obligations.

Email/Hosting Providers: Our email communications (to effitechitsolutions@gmail.com) are handled by Google’s Gmail service. So if you email us or we email you, your messages pass through Google’s systems. Google’s privacy policy will apply to data processed through Gmail. We use reputable providers who employ strong security.

IT Tools: During remote support, we may use third-party remote access software (such as TeamViewer, AnyDesk, or similar). These tools may temporarily handle data from your computer to facilitate the connection. We choose reputable, encrypted services for remote sessions, but they are third parties involved in the process. They typically do not retain your personal data beyond connection logs.

We ensure that any third-party service providers we use are under obligations to use your data solely for the purposes of providing services to us and to maintain appropriate confidentiality and security measures. We do not allow our vendors to use your info for their own marketing.

With Your Consent: We may share your information with third parties if (and only if) you specifically ask or authorize us to do so. For example, if you ask us to coordinate with another vendor (like speaking with your internet provider’s support on your behalf, or collaborating with a software company’s support team to resolve your issue), we will share information as needed to fulfill your request, and we will do so only with your permission. Another example: if we ever wanted to use a positive testimonial or case study including your name or business, we would only publish it with your explicit consent.

Legal Requirements: We may disclose your personal information if required to do so by law or in response to valid legal requests by public authorities (e.g., a subpoena, court order, or government demand). We will only share the information that is legally necessary. Additionally, we may disclose information if we believe in good faith that such action is necessary to (i) comply with a legal obligation, (ii) protect and defend the rights or property of Effitech (including enforcing our agreements), (iii) act in urgent circumstances to protect the personal safety of clients or the public, or (iv) protect against legal liability. If legally permissible and practicable, we would attempt to notify you of any such disclosure.

Business Transfer or Reorganization: As noted earlier, if Effitech undergoes a business transition such as a merger, acquisition by another company, or sale of all or a portion of our assets, user information (which is typically limited to client contact info and service history) may be among the assets transferred. We would ensure the continued protection of your information and inform you of any significant change in data handling.

Other than the cases above, Effitech does not share your personal data with any third parties. We do not sell customer lists or email addresses to marketing companies. We do not share your information with other clients or any external parties not involved in providing your service.

  1. Data Security Measures Effitech is committed to protecting your personal information and has implemented a variety of security measures to help safeguard it:

Secure Systems: We utilize reputable platforms and software with built-in security. Our computers and devices used in service delivery are protected by up-to-date antivirus and anti-malware solutions. We apply security patches and updates regularly to the software and operating systems we use.

Encryption: Wherever possible, we use encryption to protect data in transit. For example, our email accounts are accessed via SSL/TLS encryption, our website (effitechitsolutions.com) uses HTTPS encryption for any forms or pages to prevent eavesdropping safeoffsitebackups.com . When using remote support tools, we choose ones that encrypt the remote session. If we store any sensitive documents (e.g., a configuration backup file from a client’s router), we encrypt those files and/or use password protection and delete them as soon as they are no longer needed.

Access Controls: Since Effitech is operated by a sole owner, access to client personal information is extremely limited – essentially, only the owner/technician (Michael Perdue) has access to client data. We do not have multiple employees or contractors accessing your info. In the event we expand and involve additional personnel, we will implement role-based access controls to ensure that only authorized individuals who need information to perform their job can access it. Any future staff would also be bound by confidentiality agreements.

Password Practices: We do not keep a repository of client passwords, as stated. For any credentials that we do handle (even temporarily), we handle them with care – for example, if a password is noted down, it’s stored only as long as needed and then securely destroyed. We encourage clients to share passwords in a secure manner (verbally or using an encrypted method, rather than plain email, if possible) and to change them afterward.

Physical Security: Our business records (if any physical copies exist, such as printed invoices or notes) are kept in a secure location. The home office address (35130 Buck Ct, Pittsville, MD) is a private residence with controlled access. Computers are locked and stored safely when not in use. Documents with personal data are shredded before disposal.

Monitoring and Training: We monitor our systems for any signs of security breaches or unauthorized access. Since it’s just the owner, “training” is a matter of personal discipline, but we keep updated on best security practices for small IT businesses. If we ever detect a data breach involving client information, we will notify affected clients and take appropriate remediation steps in accordance with applicable laws.

While we take prudent measures to protect your information, no method of transmission over the internet or method of electronic storage is 100% secure. Thus, we cannot guarantee absolute security of your data. However, we do strive to use commercially acceptable means to protect your personal information and update our safeguards as new threats emerge. You also play a role in security – for example, please do not send highly sensitive personal information (like credit card numbers or passwords) to us via unencrypted channels like standard email. And always update the passwords you might have shared with us once the service is done.

  1. Data Retention We will retain your personal information only for as long as is necessary to fulfill the purposes for which we collected it, including for satisfying any legal, accounting, or reporting requirements.

Service Data: Information related to the services we perform (your contact info, service history, invoices) is typically retained for a period of at least 7 years. This retention period is guided by business record-keeping requirements (for example, U.S. tax regulations often require retaining financial records for 7 years). We keep these records to maintain a history of services provided (useful for ongoing support), to refer to past solutions, and to comply with legal obligations.

Communications: Emails and communications with clients may be retained for a similar period, especially if they contain information relevant to your service history or our business transactions. This helps us in case you come back with a related issue or for liability protection to have a record of what was said.

Web Analytics: Anonymized website usage data (via Google Analytics or server logs) is typically retained in aggregate form for a shorter period (often 26 months by Google’s default) and is used only for trend analysis. It does not directly identify you and we do not tie it to individual contacts.

Credentials: As emphasized, any passwords or secure access information you provide are not stored long-term. They are deleted or expunged immediately after use. We do not include such sensitive info in our retained service notes. If by necessity a certain credential must be stored (for example, if we manage a device for you and you ask us to keep the admin password), we will do so only with your explicit permission and will store it in an encrypted form. You have the right to ask us to delete such stored credentials at any time.

Disposal: When personal information is no longer required and past any mandated retention period, we will dispose of it securely. Digital data will be deleted or anonymized. Physical documents will be shredded. Backups will eventually cycle out old data as well.

  1. Your Rights and Choices We are based in the United States and primarily serve clients in Maryland, but we respect the privacy rights of all individuals. Depending on your jurisdiction (for example, if you are in the EU, UK, or California), you may have certain legal rights regarding your personal data. We aim to extend basic privacy considerations to all clients, even if specific laws might not directly apply. These rights may include:

Right to Access: You may request details about the personal information we hold about you. We will provide you with a copy of your data in a commonly used format, if required (there may be some exceptions as allowed by law, but generally for our small dataset we can share whatever we have).

Right to Rectification: If any of your personal information that we have is incorrect or incomplete, please inform us. We will promptly correct any inaccuracies. For instance, if your email or phone number changes or if we misspelled your name, we will update our records.

Right to Deletion: You can request that we delete your personal data. Keep in mind there are legal and business requirements that may prevent immediate deletion of some data – e.g., we must retain invoices and transaction records for accounting purposes. However, for data that isn’t required to be retained (such as an old support inquiry or any data beyond what’s necessary), we will honor a deletion request. If you cease to be a client and wish to have your contact information purged from our active list, we can do so. Note that due to the nature of our services, deletion might simply mean we archive your records in a secure manner (since outright deletion of a service record might not be feasible without affecting transactional integrity). We will explain what we can delete and what we must keep if you make such a request.

Right to Withdraw Consent: If we ever process your information based on consent (for example, if you consented to receive a newsletter or allowed us to post a testimonial), you have the right to withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of any processing conducted prior to the withdrawal, and it will not affect processing of your information under other legal bases (like fulfilling a contract or legal obligations).

Right to Object or Restrict Processing: You might have the right to object to or request that we limit the processing of your personal information in certain circumstances. For example, if you object to us using your email for any reason other than service communications, let us know and we will refrain from non-essential communications. Given the limited ways we use data (mostly just to do the job you asked for), such requests are rarely applicable, but we will certainly accommodate reasonable requests.

Right to Portability: If applicable (mostly for EU residents under GDPR), you can request a copy of the personal data you provided to us in a machine-readable format, and you can also request that we transmit it to another controller where technically feasible. In practice, this might simply mean we give you an export of your contact info and service history if you needed it.

To exercise any of these rights, please contact us at effitechitsolutions@gmail.com with your request. We may need to verify your identity before fulfilling certain requests (to ensure that we don’t disclose or delete someone else’s data by mistake). We will respond to your inquiry as soon as possible and at least within the timeframe required by applicable law (if any). Typically, since our client base is small, we can turn around requests quickly.

Please note that if you are a resident of a region with comprehensive data protection laws (like the European Economic Area, United Kingdom, California, etc.), additional specific rights or nuances might apply. We have not listed every jurisdiction’s rights in detail here, but we aim to uphold the core principles of privacy and will work with you to address any concerns.

  1. Children’s Privacy Our services and website are not directed to children under the age of 13. We do not knowingly collect personal information from children under 13 years old. As an IT services company, our clients are generally adults or businesses. A child may indirectly benefit from our services (for instance, a parent might hire us to set up parental controls on a home network), but we perform services under the parent/guardian’s request and information.

If you are a parent or guardian and believe that your child under 13 has provided us with personal information without your consent, please contact us. We will take steps to delete such information from our records. Similarly, if for some reason we need to work with data relating to minors (for example, recovery of a family computer that contains a child’s files), we treat all data as confidential and do not use it for any purpose.

  1. Third-Party Websites Our website or communications may contain links to third-party websites or services that are not operated by Effitech (for example, links to software providers, articles, or payment portals like Stripe/PayPal). This Privacy Policy does not cover those third-party sites. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the Privacy Policy of every site or service you interact with. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services. However, we strive to only partner with or recommend reputable services with strong privacy practices.

  2. Updates to This Privacy Policy We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. If we make material changes to how we handle personal data, we will notify you by posting the updated policy on our website (at effitechitsolutions.com/privacy-policy) and updating the “Last Updated” date at the top. In some cases, we might also notify clients via email or a notice on our homepage, especially if you are an active client at the time of change. We encourage you to review this Privacy Policy periodically for any updates. Your continued use of our services or website after any modifications indicates your acknowledgment of the changes and agreement to the updated policy.

  3. Contact Us If you have any questions, concerns, or requests regarding this Privacy Policy or how we handle your personal information, please do not hesitate to contact us:

Effitech IT Solutions, LLC Attn: Privacy Officer (Michael Perdue) 35130 Buck Ct, Pittsville, MD 21850, USA Email: effitechitsolutions@gmail.com Phone: 410-914-7776

We will be happy to answer your questions and address any issues to the best of our ability. Your privacy is important to us, and we appreciate the trust you place in Effitech IT Solutions to handle your IT needs and personal information with care.