Privacy Policy

1. Introduction

AFScott LLC ("AFScott", "we", "our", or "us") provides managed IT services, cybersecurity services, infrastructure management, low-voltage and technology consulting, and related support services.

This Privacy Policy describes how we collect, use, process, disclose, and protect information in connection with our business operations, our public-facing website, and the systems, services, and environments we manage for clients.

2. Roles and Responsibilities

2.1 Data Controller

AFScott acts as a data controller with respect to information related to our own business operations, website visitors, marketing communications, vendor relationships, and client relationship management.

2.2 Data Processor

AFScott may also act as a data processor when delivering services to clients. In those cases, the client remains the data controller and determines the purpose and means of processing. We process information on behalf of clients only as necessary to deliver contracted services, protect systems, and comply with legal or contractual obligations.

3. Categories of Data Collected

3.1 Business and Contact Data

• Names, company names, job titles, email addresses, phone numbers, and business contact details
• Information submitted through forms, service requests, contracts, quotes, or support channels

3.2 Technical and System Data

• Device identifiers, hostnames, operating system details, IP addresses, and configuration metadata
• Authentication records, access logs, network telemetry, security alerts, and endpoint data
• Backup, recovery, and asset inventory information when relevant to service delivery

3.3 Client Environment Data

In the course of supporting client environments, we may process user account metadata, email routing data, file structures and metadata, security logs, audit records, and other operational data needed to administer, secure, maintain, back up, restore, or troubleshoot systems.

4. Purpose of Processing

We process information for legitimate business and service-delivery purposes, including to:

• Deliver managed IT, cybersecurity, cloud, infrastructure, and consulting services
• Monitor, maintain, secure, and improve systems and environments under our management
• Detect, investigate, and respond to outages, vulnerabilities, abuse, and security incidents
• Communicate with clients, users, vendors, and authorized representatives
• Fulfill contractual commitments, legal obligations, and internal operational requirements

5. Monitoring and Access

As part of our services, systems, devices, applications, and networks may be monitored, logged, reviewed, and analyzed for operational, security, compliance, backup, support, and troubleshooting purposes.

Authorized personnel may access data and systems only as necessary to provide support, maintenance, administration, remediation, incident response, or security services. Monitoring and analysis may include the use of automated tools, cloud platforms, and AI-assisted security or operational workflows.

6. Legal Basis for Processing

Where applicable, AFScott processes information under one or more of the following legal bases:

• Performance of a contract or pre-contractual steps requested by a client or prospective client
• Legitimate interests, including service operations, fraud prevention, security, and system integrity
• Compliance with legal obligations, regulatory requirements, or lawful process
• Consent, where consent is specifically required and obtained

7. Data Sharing and Subprocessors

We may share information with service providers, vendors, or subprocessors when reasonably necessary to:

• Host or deliver infrastructure, cloud, email, backup, communications, or security services
• Support business operations, billing, ticketing, documentation, monitoring, or incident response
• Comply with legal obligations or protect rights, safety, property, systems, or users

We evaluate vendors and service providers based on operational fit, security posture, and compliance expectations appropriate to the services involved.

8. Data Retention

We retain information only for as long as reasonably necessary to provide services, support business operations, preserve audit or security records, satisfy contractual requirements, resolve disputes, or comply with legal obligations. Retention periods vary based on service type, applicable agreements, and the nature of the data involved.

9. Data Security

AFScott uses administrative, technical, and organizational safeguards designed to protect information, including:

• Role-based access controls and least-privilege principles
• Encryption in transit and at rest where applicable and supported
• Monitoring, logging, alerting, and incident response processes
• Backup, resilience, and security best practices appropriate to managed environments

10. International Data Transfers

Information may be processed in the United States or other jurisdictions in which AFScott, its clients, or its service providers operate. Where applicable, we take reasonable measures intended to support appropriate protection of data transferred across jurisdictions.

11. Individual Rights

Depending on applicable law, individuals may have rights relating to access, correction, deletion, restriction, objection, or portability of personal data. Where AFScott acts as a processor, requests should generally be directed first to the relevant client organization that controls the data.

12. Cookies and Website Use

Our website may use cookies, analytics, or similar technologies to support site functionality, measure performance, improve user experience, and maintain security. We do not use website cookies to sell personal data.

13. Changes to this Policy

We may update this Privacy Policy from time to time. Any changes will be posted on this page with an updated effective date. Continued use of our website or services after changes are posted constitutes acceptance of those updates where permitted by law.

14. Contact Information

AFScott LLC
Bedminster, New Jersey
Email: zack@afscott.com