Privacy Policy

Your data pays for the service. It is not the product.

The short version: we never sell your personal information, and we never share it with third parties for marketing or advertising purposes. Not your email, not your company name, not your usage data, not anything. No exceptions, no "partners," no fine print elsewhere in this policy that quietly undoes this paragraph.

Who we are and what this covers

Power Admin IT is the managed IT services division of Power Admin Solutions ("Power Admin IT," "we," "us," "our"). This policy explains how we handle personal information in connection with poweradminit.com and the services we offer through it: our support chat, contact and booking forms, security audits, and managed and co-managed IT services. Our services are directed to businesses in the United States, and this policy is written for that audience.

If you have questions about anything here, or you want to exercise a privacy right, contact us through the chat on this site or the contact page and a real person will respond.

Two roles: when we control data, and when we only process it

This distinction matters under US state privacy laws, so we spell it out. For information about visitors to this website and people who contact us about our services, we act as the business or "controller": we decide why and how it's handled, and this policy governs it.

For the data inside a client's environment that we touch while delivering managed services, including support requests from your employees, configuration data, and security telemetry, we act as a "service provider" or "processor." We handle that data on your instructions and under the service agreement we sign with you, we use it only to deliver the service, and we do not sell it, share it, or use it for our own purposes. If you are an employee of one of our clients, the controller of your data is your employer, and their privacy policy governs it; direct your requests to them and we'll support their response.

What we collect, and the categories it falls into

We collect only what we need. Mapped to the categories that US state privacy laws use, that is:

Identifiers and contact data: name, work email, company name, phone number, and similar details you give us on a form, in the support chat, or by email.

Commercial and account data: the services you engage, ticket and support history, and billing records. Payment card and bank account numbers are handled by our payment processors; we don't store full card or account numbers on our systems.

Internet and device activity: basic, aggregate analytics about how the website is used (see the analytics section below).

Content you provide: the text of your support conversations, contact-form notes, and anything you send us in the course of getting help.

Client environment data (as processor): configuration data, license inventories, security posture details, and the contents of employee support requests. This is your company's confidential data; we treat it as described in the "two roles" section above.

We do not intentionally collect sensitive personal information (such as government IDs, precise geolocation, or data revealing health, race, religion, or the like) to run this website or our sales process. If sensitive data reaches us inside a client environment we're contracted to manage, we handle it only to provide the service and never to infer characteristics about anyone or for any secondary purpose.

Where it comes from, and why we use it

We collect personal information directly from you (forms, chat, email, calls), automatically from your use of the website (analytics), and from the client environments we're engaged to manage. We use it for these business purposes and no others: to respond to your inquiries and provide, maintain, and secure the services; to verify support requests and create and resolve tickets; to run security audits; to bill you and keep account records; to communicate with you about your own service (tickets, reports, invoices, renewals, and security notices); to meet legal, tax, and insurance obligations; and to detect and prevent fraud or abuse. If we ever send anything resembling marketing, it comes directly from us and every message includes a one-click opt-out.

AI processing, disclosed plainly

Part of our service is an AI service desk. Support requests, including their contents, are processed by AI systems to classify, route, and in some cases resolve them. Every AI action is logged with an audit trail, sensitive requests (credentials, access changes, MFA resets, deletions, and the like) are always escalated to humans, and AI processing happens for one purpose only: resolving your request. We do not use your support conversations or your company's data to train AI models for anyone else, and we do not permit our AI vendors to use your data for their own purposes. We do not use AI to make decisions that produce legal or similarly significant effects about you without human involvement.

Analytics and cookies

The website is quiet on purpose. We store your theme preference (light or dark) in your own browser, not on our servers. We use Google Analytics to understand aggregate traffic: which pages get visited, roughly where visitors come from, and how they found us. We use that to improve the site, not for advertising, and we don't use it to build profiles about you or connect it to your identity. We don't run third-party advertising or cross-site tracking networks. Because we don't sell or share personal information or serve targeted ads, there is nothing here to opt out of on that front, but if your browser sends a Global Privacy Control or similar opt-out preference signal, we treat it as a valid request to the extent any applicable law requires.

Who we share data with, and who we don't

We share personal information only with the service providers required to operate, and only the minimum each needs: our hosting and infrastructure providers, our analytics provider, our payment processors (for ACH and card billing), and the software platforms we use to deliver your IT services (for example, Microsoft, when we manage your licenses). Each is bound by contract to use the data only to perform services for us and not for its own marketing. We may also disclose information to professional advisors (such as our lawyers and accountants), or in connection with a merger or sale of the business, in which case this policy continues to apply to your information.

We do not sell personal information, and we do not share personal information for cross-context behavioral advertising or any other marketing, as those terms are defined under US state privacy laws. We have not done so, and this policy is our commitment not to. We do not trade lists, run data co-ops, or monetize your information in any form.

If the law compels disclosure (a subpoena, court order, or lawful government request), we'll comply, disclose only what's required, and where legally permitted, tell you it happened.

How we protect it

We're a security company, so we hold ourselves to the standards we audit others against: encryption in transit, access controls with multi-factor authentication, least-privilege access to client environments, and logging on the systems that touch your data. No system is breach-proof, and anyone who tells you otherwise is selling something. If an incident ever affects your personal information, we'll notify you and the appropriate authorities as required by applicable law, and tell you what happened and what we're doing about it.

How long we keep it

We keep personal information only as long as we need it for the purposes above. Prospect information (contact forms, sales conversations) is kept while we're in contact and deleted on request. Client service records, tickets, and audit reports are kept for the duration of the engagement plus the period needed for legal, tax, and insurance purposes, then deleted or anonymized. Client environment data goes with you at offboarding: we return or delete it on your instruction.

Your privacy rights (all US residents)

Wherever you live in the United States, you can ask us to tell you what personal information we hold about you, to correct it, or to delete it, and you can ask for a copy in a portable format. You will never be treated differently for exercising a privacy right; we don't deny service, change prices, or degrade quality because you asked. We extend these baseline rights to everyone, not only to residents of states that mandate them.

State-specific rights

A growing number of US states have comprehensive consumer privacy laws, including California, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and others. If you are a resident of one of these states, you may have some or all of the following rights, depending on your state: to know and access the personal information we hold; to correct inaccuracies; to delete your information; to obtain a portable copy; to opt out of the sale of personal information, of sharing for targeted or cross-context behavioral advertising, and of certain profiling; and to limit the use of sensitive personal information.

Because we do not sell personal information, do not share it for targeted advertising, and do not profile you or use sensitive personal information for those purposes, several of these opt-out rights have nothing to act on in our case. The access, correction, deletion, and portability rights still apply, and we honor them.

California residents (CCPA/CPRA): in addition to the rights above, you have the right to know the categories of personal information we collect (listed earlier in this policy), the sources, the business purposes for which we use them, and the categories of third parties (our service providers) to whom we disclose them. We do not sell or share personal information as those terms are defined under the CCPA, and we do not use or disclose sensitive personal information for purposes that would trigger the right to limit. You may use an authorized agent to submit requests on your behalf.

Virginia, Colorado, Connecticut, and similar states: if we decline a request, you have the right to appeal. We'll explain how to appeal in our response, and if an appeal is denied we'll tell you how to contact your state attorney general.

How to exercise your rights

Contact us through the chat or the contact page and tell us what you'd like to do. We'll verify your identity by reasonable means (usually by confirming control of the email address we have on file) before acting, which protects you as much as us. We respond within the timeframe your state's law requires, generally within 45 days, and we'll tell you if we need a permitted extension. There's no portal to navigate and no fee for a legitimate request. If you are an employee of a client and your request concerns data we process on your employer's behalf, we'll route it to your employer, who is the controller.

Children

Our services are for businesses. We don't knowingly collect personal information from anyone under 18, we don't sell the personal information of minors (we don't sell anyone's), and if we learn we've collected a minor's information we'll delete it.

Changes to this policy

If we make a material change to this policy, we'll post the updated version here and, for changes that affect active clients, notify them directly. What will not change is the commitment in the box at the top of this page.