Privacy Policy

We collect information you provide directly to us, including:

**Personal Identification Information:** Name, email address, phone number, company name, job title, and mailing address when you complete our contact forms, subscribe to our newsletter, or engage our services.

**Business Information:** Company size, industry, technology stack, IT challenges, project requirements, and budget range provided during consultations or proposal processes.

**Communication Data:** Records of correspondence, meeting notes, and any information you share when communicating with us by email, phone, or in-person meetings.

**Technical Data:** IP addresses, browser type and version, operating system, referral source, and pages visited, collected automatically through cookies and analytics tools.

**Payment Information:** Billing address and payment details processed securely through PCI-DSS compliant payment processors. We do not store full credit card numbers.

We use the information we collect for the following purposes:

**Service Delivery:** To provide IT consulting, cloud, cybersecurity, software development, and managed IT services as contracted.

**Communications:** To respond to inquiries, provide project updates, and send service-related information.

**Marketing (with consent):** To send you newsletters, case studies, whitepapers, and promotional content about our services when you have opted in.

**Improvement:** To analyze how our website and services are used, identify areas for improvement, and develop new offerings.

**Legal Compliance:** To comply with applicable laws, regulations, legal processes, or governmental requests.

**Security:** To detect, investigate, and prevent fraudulent transactions, abuse, and other illegal activities.

HASZ-IT LLC is an Iowa limited liability company operating under United States law. We are not subject to GDPR or EU data protection regulations; however, we follow reasonable data minimization and purpose-limitation principles as a matter of good practice.

We process your personal data for the following reasons:

- **Contract Performance:** To deliver the services you have engaged us for. - **Legitimate Business Interests:** To respond to inquiries, improve our website, and market our services to business professionals. - **Legal Compliance:** To meet applicable US federal and Iowa state legal obligations. - **Your Consent:** Where you have opted in to marketing communications.

We do not sell, trade, or rent your personal information. We may share it with:

**Service Providers:** Trusted third-party vendors who assist in operating our business (CRM, email platforms, analytics, payment processors), bound by confidentiality agreements.

**Professional Advisors:** Attorneys, accountants, and insurers where necessary for business operations.

**Business Transfers:** In connection with any merger, acquisition, or sale of assets, with appropriate notice.

**Legal Requirements:** When required by law, court order, or government authority.

**Consent:** With your explicit consent for any other sharing purpose.

We retain personal data for as long as necessary to fulfill the purposes for which it was collected, including legal, accounting, or reporting requirements:

- **Client Data:** Retained for the duration of the engagement plus 7 years for legal and accounting purposes. - **Prospect Data:** Retained for up to 3 years from last interaction. - **Marketing Data:** Retained until you unsubscribe or withdraw consent. - **Website Analytics:** Aggregated data retained for up to 26 months.

You may request deletion of your data subject to our legal retention obligations.

Depending on your jurisdiction, you may have the following rights:

- **Access:** Request a copy of the personal data we hold about you. - **Rectification:** Request correction of inaccurate or incomplete data. - **Erasure:** Request deletion of your personal data ("right to be forgotten"). - **Restriction:** Request that we restrict processing of your data. - **Portability:** Request a machine-readable copy of your data. - **Objection:** Object to processing based on legitimate interests or for direct marketing. - **Automated Decisions:** Not be subject to solely automated decisions that significantly affect you.

To exercise these rights, contact us at privacy@hasz-it.com. We will respond within 30 days.

We use cookies and similar tracking technologies to enhance your experience on our website:

**Essential Cookies:** Required for basic website functionality. Cannot be disabled.

**Analytics Cookies:** Help us understand how visitors interact with our website (Google Analytics 4, with IP anonymization enabled).

**Marketing Cookies:** Used to deliver relevant advertising and track campaign effectiveness (only with your consent).

You can manage your cookie preferences through our cookie consent banner or your browser settings. Note that disabling some cookies may affect website functionality.

Your data is stored on servers located in the United States. HASZ-IT LLC does not operate internationally or transfer personal data outside the United States.

We implement industry-standard security measures including TLS encryption for data in transit, restricted access controls, and regular security reviews. Despite these safeguards, no transmission over the Internet is 100% secure.

We implement industry-standard security measures to protect your information, including:

- TLS/SSL encryption for all data in transit - Encryption for sensitive data at rest - Multi-factor authentication for all internal systems - Strict access controls and role-based permissions - Employee security training

Despite these measures, no transmission over the Internet is 100% secure. We cannot guarantee absolute security.

For privacy-related inquiries or to exercise your rights:

**Data Controller:** HASZ-IT LLC 1566 S Gilbert St #9537 Iowa City, IA 52240, USA EIN: 42-2437846

**Privacy Contact:** Email: privacy@hasz-it.com Phone: +1 (319) 800-4279

This Privacy Policy is governed by the laws of the State of Iowa, United States.