Privacy Policy

Last Modified: October 10, 2025

Secure IT Service Management, Inc. (“SecureITSM,” “we,” “us,” or “our”) is committed to protecting the privacy of our clients, prospective clients, and visitors to our website (www.secureitsm.com) and any subdomains or web addresses that link to this Privacy Policy (collectively, the “Site”).

This Privacy Policy explains our practices for collecting, using, and disclosing personal information that identifies, relates to, describes, or could reasonably be linked to an individual or household (“Personal Information”), as defined by applicable privacy laws. It applies to information collected through our Site and when you use our products and services (collectively, the “Services”).

By accessing or using our Services or by otherwise providing information to SecureITSM you consent to this Privacy Policy, including the collection, use, and disclosure of your Personal Information as described below. If you do not agree, please discontinue use of the Services. Limiting certain information may affect available functionality.

Modifications and Revisions

We may update this Privacy Policy from time to time. If material changes are made, we will post the updated notice on this page, revise the “Last Modified” date, and/or notify you directly if we have your contact information. Continued use of the Services after such changes constitutes your acknowledgement and acceptance of the updated Privacy Policy. We encourage you to review this page periodically.

Information We Collect

We collect Personal Information and related data in three main ways:

  1. Directly from you – when you submit forms, register for an account, or request support.
  2. Automatically – through cookies, analytics, and system logs when using our Services.
  3. From third parties – such as service providers, partners, and publicly available sources.

Information You Provide

Depending on how you interact with SecureITSM, we may collect:

  • Contact Information – name, email, phone number, company, job title.
  • Transaction/Payment Details – billing contact, company name, and limited payment data (processed securely by our payment processor).
  • Communications – messages, requests, and survey responses.

Information Collected Automatically

We and our service providers may automatically collect certain technical and usage data to maintain security, optimize performance, and improve user experience, such as:

  • Internet/Electronic Activity - IP address, device identifiers, browser type, operating system, referring pages, pages viewed, time stamps, session duration, and general location derived from IP.
  • Cookies & Similar Technologies – small data files used for:
    • Necessary Functions – authentication, session management, and security.
    • Analytics/Performance – usage metrics and traffic patterns (aggregated or de-identified).
    • Preferences – saving user settings and choices.

Most browsers allow you to block or delete cookies; doing so may affect certain features of the Site.

Third-Party Tools We May Use

(Actual tools may vary. Update this list as needed.)

  • Google Analytics – to understand Site usage and improve performance. See Google’s Privacy Policy and opt-out tool.
  • Marketing/CRM Platform (e.g., HubSpot or GoHighLevel) – used for analytics, forms, and communications; may set session or tracking cookies.
  • Heatmapping/Session Recording (e.g., Microsoft Clarity) – for usability analysis and fraud detection. See Microsoft Privacy Statement.

How We Use Personal Information

We use Personal Information for the following purposes, as permitted by law:

  • Provide and Operate Services – to deliver features, process transactions, and provide support.
  • Secure and Monitor – to detect fraud, prevent abuse, and maintain system reliability.
  • Communicate – to respond to inquiries and send administrative or legal updates.
  • Improve and Develop – to analyze usage, enhance design, and develop new offerings.
  • Marketing (Optional) – to send relevant updates and promotional materials (opt-out available).
  • Compliance and Legal Obligations – to meet DFARS 252.204-7012, CMMC 2.0, NIST 800-171, and other regulatory standards.
  • Other Purposes – as disclosed at collection or with your explicit consent.

How We Share Personal Information

We do not sell Personal Information. We may share or disclose it in the following limited circumstances:

  • Affiliates/Subsidiaries – including Paragone Solutions, Inc., for operations consistent with this Policy.
  • Service Providers/Contractors – for secure hosting, analytics, support, marketing, or billing (under strict contractual safeguards).
  • Business Transactions – as part of mergers, acquisitions, or asset transfers.
  • Legal Compliance/Protection – to comply with laws or protect rights and security.
  • Aggregated/De-Identified Data – for analytics that do not identify individuals.
  • With Consent – when you authorize specific sharing.

Your Choices

Marketing Communications

You may opt out of marketing emails using the unsubscribe link or by contacting us directly. Transactional or service-related communications may still be sent.

Interest-Based Advertising

If applicable, you can learn more or opt out of personalized ads from participating organizations at:

Do Not Track

Currently, we do not respond to browser-based “Do Not Track” signals, as no standard exists.

Data Security

SecureITSM uses administrative, technical, and physical safeguards designed to protect Personal Information, including:

  • Encryption in transit and at rest within Microsoft GCC and GCC High environments.
  • Zero-trust and least-privilege access controls.
  • Continuous SOC monitoring and vulnerability management.
  • Regular internal compliance and system security reviews.

Despite our efforts, no system is 100% secure. We continuously improve our defenses in line with industry and federal standards.

Data Retention

We retain Personal Information only as long as necessary to meet the purposes outlined here, comply with legal requirements, or enforce agreements. Afterward, information is securely deleted or anonymized.

Children’s Privacy

Our Services are not directed to children under 13, and we do not knowingly collect their information. If you believe a child has submitted Personal Information, contact us for prompt deletion.

International Data Transfers

Our Services are hosted in the United States and may also be processed in Canada. By using the Services from outside these countries, you consent to the transfer and processing of your data under U.S. data protection laws.

California Privacy Rights (CCPA/CPRA)

If you are a California resident, you have the following rights under the CCPA/CPRA:

  • Right to Know/Access your data (twice per year).
  • Right to Delete your data.
  • Right to Correct inaccurate data.
  • Right to Opt-Out of sale or sharing (we do not sell Personal Information).
  • Right to Non-Discrimination for exercising privacy rights.

Requests can be submitted via the contact methods below. We will verify your identity before fulfilling any request.

Contact Information

Questions, concerns, or privacy requests may be directed to:

📧 privacy@secureitsm.com

📞 (555) 123-4567

📍 SecureITSM – Paragone Solutions, Inc.
1234 Business Park Blvd, Suite 200, Huntsville, AL