Privacy Policy

This Privacy Policy describes how ITva Technologies LLC ("ITva," "we," "our," or "us") collects, uses, stores, and shares information about you when you visit our website (itvatechnologies.com) or contact us about our services. We are committed to protecting your privacy and handling your information responsibly.

This policy applies to information collected through our website and during pre-engagement discussions. Once you become an ITva client, separate Master Service Agreements (MSAs) and Business Associate Agreements (BAAs) govern how we handle your business data.

1. Information We Collect

1.1 Information You Provide Directly

When you fill out a form on our website, request a free assessment, download a resource, or contact us, we collect the information you provide. This typically includes:

• Name and job title
• Business name and industry
• Email address and phone number
• Office address (for on-site assessments)
• Information about your current IT environment, vendors, and challenges
• Any other information you choose to include in your message

1.2 Information Collected Automatically

When you visit our website, we automatically collect certain technical information:

• IP address and approximate geographic location
• Browser type and version
• Device type (desktop, mobile, tablet)
• Operating system
• Pages visited, time on site, navigation paths
• Referring website (if applicable)
• Date and time of visit

1.3 Information from Cookies and Similar Technologies

We use cookies and similar tracking technologies to operate and improve our website. See Section 6 below for details about cookies and your choices.

2. How We Use Your Information

We use the information we collect for the following purposes:

• Responding to inquiries: Following up on assessment requests, answering questions about our services, and providing information you requested.
• Service delivery: If you become a client, communicating about your engagement, scheduling meetings, and delivering services.
• Marketing communications: Sending newsletters and updates about our services (only if you've opted in or have a pre-existing business relationship).
• Website improvement: Analyzing how visitors use our website to improve content and functionality.
• Security: Detecting and preventing fraud, abuse, and security threats.
• Legal compliance: Complying with applicable laws, regulations, and legal processes.

3. How We Share Your Information

We do not sell your personal information. We share information only in the following limited circumstances:

3.1 Service Providers

We work with carefully selected third-party service providers who help us operate our business. These include:

• Website hosting and infrastructure: Akamai Cloud (Linode) for website hosting
• Email and productivity: Microsoft 365 for business email and collaboration
• Marketing automation: HubSpot or similar CRM for lead management
• Web analytics: Google Analytics for understanding website usage
• Form processing: Fluent Forms (running on our own infrastructure)

3.2 Business Transfers

If ITva is involved in a merger, acquisition, sale of assets, or bankruptcy, your information may be transferred as part of that transaction. We will notify affected individuals before any such transfer of personal information.

3.3 Legal Requirements

We may disclose information when required by law, subpoena, court order, or other legal process. We may also disclose information to:

• Protect our rights, property, or safety, or that of our clients or others
• Investigate potential violations of our Terms of Service
• Respond to claims of unauthorized use of our intellectual property

4. Information Security

We implement reasonable administrative, technical, and physical safeguards to protect the information we hold. As an MSSP, our internal practices include:

• Encryption of data in transit (TLS/SSL) and at rest where applicable
• Multi-factor authentication on all business systems
• Endpoint detection and response on company devices
• Workforce security awareness training
• Regular security audits and risk assessments
• Incident response plan and procedures

No method of transmission or storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee absolute security. If you believe your information has been compromised, contact us immediately at security@itvatechnologies.com.

5. Data Retention

We retain personal information for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements. Specifically:

• Inquiry information (no engagement): 24 months from last contact
• Client engagement records: 7 years from end of engagement (matches Florida statute of limitations)
• Website analytics data: 14 months (Google Analytics default)
• Marketing communications: Until you opt out
• Required compliance records: As required by applicable law (HIPAA: 6 years; IRS: 7 years)

6. Cookies and Tracking Technologies

Our website uses cookies and similar technologies to function properly and improve user experience. We use the following types:

6.1 Essential Cookies

Required for the website to function. These cannot be disabled. Examples: session cookies for form submissions, security cookies.

6.2 Analytics Cookies

Help us understand how visitors interact with our website. We use Google Analytics 4 with IP anonymization enabled. You can opt out via the Google Analytics Opt-out Browser Add-on.

6.3 Functional Cookies

Remember your preferences and choices (e.g., dismissed cookie banner, language preference). These improve your experience but are not strictly necessary.

6.4 Your Choices

You can control cookies through your browser settings. Most browsers allow you to:

• View what cookies are stored
• Delete some or all cookies
• Block third-party cookies
• Block cookies from specific sites
• Block all cookies

Note: Blocking essential cookies may prevent certain website features from working.

7. Your Rights and Choices

Depending on your location and applicable law, you may have the following rights:

7.1 General Rights

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your information (subject to retention requirements)
• Opt-out of marketing: Unsubscribe from marketing emails at any time

7.2 Florida Residents

Under the Florida Information Protection Act (FIPA), you have rights related to data breach notification. ITva commits to notifying Florida residents of any breach affecting their personal information within 30 days of discovery, as required by FIPA.

7.3 California, Colorado, Virginia, and Other State Residents

Residents of states with comprehensive privacy laws (CCPA/CPRA, CPA, VCDPA, etc.) may have additional rights including the right to know, delete, correct, opt out of sale, and non-discrimination. To exercise these rights, contact us at privacy@itvatechnologies.com.

7.4 How to Exercise Your Rights

To exercise any of these rights, email us at privacy@itvatechnologies.com. We will respond within 30 days. We may need to verify your identity before processing requests.

8. Children's Privacy

Our website and services are not directed at children under 13. We do not knowingly collect personal information from children under 13. If you become aware that a child has provided us with personal information, please contact us and we will delete it.

9. International Users

ITva Technologies is based in the United States. If you are accessing our website from outside the U.S., be aware that your information will be transferred to, stored, and processed in the United States. By using our website, you consent to this transfer.

10. Third-Party Links

Our website may contain links to third-party websites (e.g., partner sites, vendor documentation, social media). We are not responsible for the privacy practices of these third parties. Review their privacy policies separately.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the "Last Updated" date at the top and, where appropriate, by email or website notice. Your continued use of the website after changes are posted constitutes acceptance of the updated policy.

12. Contact Us

For questions about this Privacy Policy or our data practices, contact us at the information above. We aim to respond within 5 business days.