How ArchiTECH MSP collects, uses, and protects the personal information of website visitors, assessment participants, and clients.
01Who We Are
ArchiTECH MSP ("ArchiTECH," "we," "us," or "our") is a veteran-owned managed IT services and cybersecurity firm headquartered at 127 W. Rodney French Blvd., New Bedford, MA 02744. This Privacy Policy describes how we handle personal information collected through our website at architechmsp.com, our free cybersecurity self-assessment tool, and our contact forms.
This Policy applies only to information collected through our website and marketing channels. Information collected in the course of delivering managed services to clients is governed by the applicable Master Services Agreement, Business Associate Agreement (where HIPAA applies), or Data Processing Addendum.
02Information We Collect
We collect the following categories of information:
- Contact details you submit voluntarily — name, company, email address, phone number, and any message content you provide via contact forms, the cybersecurity self-assessment, or newsletter signups.
- Assessment responses — the answers you provide in our free cybersecurity self-assessment, used to generate your personalized risk score and recommendations.
- Technical and usage data — IP address, browser type and version, device type, operating system, referring page, pages viewed, time on page, and approximate geographic location (city/region level).
- Cookies and similar technologies — see Section 6 below.
We do not knowingly collect information from children under 13. If you believe we have inadvertently collected information from a child, contact us immediately and we will delete it.
03How We Use Your Information
We use collected information to:
- Respond to inquiries and schedule consultations, assessments, or baseline calls.
- Generate and deliver cybersecurity self-assessment reports and related recommendations.
- Send requested communications, such as the Threat Briefing newsletter (you can unsubscribe at any time).
- Improve our website, services, and security — including detecting and preventing abuse, fraud, or security incidents.
- Comply with legal obligations and enforce our Terms of Service.
We do not sell your personal information. We do not rent or trade it. Full stop.
04Legal Bases for Processing
Where the EU/UK General Data Protection Regulation (GDPR) applies to you, we rely on the following legal bases: (a) your consent, for newsletter signups and non-essential cookies; (b) performance of a contract, to respond to service inquiries; (c) our legitimate interests, to operate and improve our website and secure our systems; and (d) legal obligation, where processing is required by law.
05Who We Share Information With
We share personal information only with trusted service providers who help us operate our business, and only to the extent necessary for them to perform services for us. Categories of recipients include:
- Hosting and infrastructure — providers who host our website and deliver it reliably.
- Email and communications — email delivery, transactional email, and calendar-booking platforms.
- Customer relationship management (CRM) — systems we use to track inquiries and assessment submissions.
- Analytics — privacy-conscious analytics platforms used to understand aggregate site usage.
- Professional advisors — lawyers, accountants, and auditors when reasonably necessary.
We may also disclose information when legally required (for example, in response to a valid subpoena or court order), to protect our rights or the safety of others, or in connection with a merger, acquisition, or sale of assets (in which case you will be notified).
06Cookies & Similar Technologies
Our website uses a limited set of cookies and similar technologies:
- Strictly necessary — required for basic site functionality and security. These cannot be disabled.
- Analytics — help us understand how visitors use the site in aggregate. You can opt out through your browser settings or a global privacy control signal.
We do not use advertising cookies, cross-site tracking, or third-party marketing pixels that track you across unrelated websites.
07Data Retention
We keep personal information only as long as needed for the purposes described in this Policy, or as required by law. Specifically:
- Contact-form submissions and assessment responses — up to 36 months from the date of submission, unless you become a client (in which case client-agreement retention applies) or you request earlier deletion.
- Newsletter subscribers — until you unsubscribe, and for a short reasonable period thereafter to honor suppression.
- Server and security logs — typically 90 days, longer if needed for investigation of a security incident.
08How We Protect Your Information
Security is not a side-project here; it is what we do. We apply administrative, physical, and technical safeguards appropriate to the sensitivity of the information we hold, including encryption in transit, access controls, multi-factor authentication for our systems, and regular review of our vendors' security posture. No system is 100% secure, but we hold ourselves to the same standards we set for our clients.
09Your Privacy Rights
Depending on where you live, you may have the right to:
- Request a copy of the personal information we hold about you.
- Request correction of inaccurate or incomplete information.
- Request deletion of personal information, subject to legal exceptions.
- Object to or restrict certain processing.
- Request data portability, where applicable.
- Withdraw consent for processing that is based on consent.
- Opt out of any sale or sharing of personal information (we do neither).
- Lodge a complaint with a data protection authority.
To exercise any of these rights, email info@architechmsp.com with the subject line "Privacy Request." We will verify your identity before acting on the request, and respond within the timeframe required by applicable law (typically 30–45 days).
10California & U.S. State Rights
If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the CPRA grants you the rights listed in Section 9, as well as the right to non-discrimination for exercising those rights. We do not sell or share personal information as those terms are defined under the CCPA/CPRA. Residents of other U.S. states with comprehensive privacy laws (including Virginia, Colorado, Connecticut, Utah, Texas, and Oregon) have similar rights; the same process applies.
11International Users
ArchiTECH MSP is based in the United States, and our service providers are primarily located in the U.S. If you access our website from outside the U.S., your information will be transferred to, stored in, and processed in the U.S. Where required, we rely on appropriate safeguards (such as Standard Contractual Clauses) for international data transfers.
12Third-Party Links
Our website may contain links to third-party sites (for example, our LinkedIn profiles, Google Maps, or calendar booking tools). Those sites are governed by their own privacy policies; we are not responsible for their practices. Review their policies before providing personal information.
13Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will change the "Last Updated" date at the top and, for material changes, provide more prominent notice (such as an email or a banner on the site). Continued use of the website after an update means you accept the revised Policy.
14Contact Us
Questions, requests, or complaints about this Policy can be sent to:
127 W. Rodney French Blvd.
New Bedford, MA 02744
Email: info@architechmsp.com
Phone: (508) 625-6320
This Policy is provided for transparency and does not constitute legal advice. For specific legal questions about your rights, consult a qualified attorney.