Privacy Policy

Effective Date: January 2025

PHOENIXTSI, Inc. is committed to protecting your privacy and personal data. This Privacy Policy outlines how we collect, use, disclose, and safeguard your information when you visit our website, engage our services, or otherwise interact with us. It also explains your rights under GDPR, HIPAA, and CCPA (where applicable).

1. Information We Collect

We collect information in the following ways:

a. Information You Provide

  • Name

  • Email address

  • Phone number

  • Company name

  • Job title

  • Billing and mailing address

  • Payment details (processed through secure third-party services)

  • Health-related information (only when required by a HIPAA-covered service)

b. Automatically Collected Data

  • IP address

  • Device type

  • Browser type and version

  • Operating system

  • Pages viewed and actions taken on our website

  • Referring URL

c. Cookies and Tracking

We use cookies and similar technologies to track website usage and improve your experience. You can manage cookie settings in your browser or reject non-essential cookies via our cookie banner (if applicable).

2. How We Use Your Information

We use collected information to:

  • Deliver and manage IT consulting and related services

  • Respond to inquiries and provide support

  • Process payments and send invoices

  • Improve website functionality and service delivery

  • Send service updates, alerts, or marketing communications (only with consent)

  • Comply with regulatory, legal, or contractual obligations

3. Legal Bases for Processing (GDPR)

If you are located in the European Economic Area (EEA), we process your personal data under one or more of the following legal bases:

  • Consent

  • Contractual necessity

  • Legal obligation

  • Legitimate interest (e.g., to prevent fraud or improve services)

4. Your Rights Under GDPR

If you are in the EEA or UK, you have the right to:

  • Access your personal data

  • Correct inaccuracies

  • Request deletion (“right to be forgotten”)

  • Object to or restrict processing

  • Data portability

  • Withdraw consent at any time

To exercise your rights, contact us at DPO@PHOENIXTSI.com . We will respond within 30 days.

5. Your Rights Under CCPA

If you are a California resident, the California Consumer Privacy Act (CCPA) grants you the right to:

  • Know what personal information we collect and how we use it

  • Request deletion of your personal data

  • Opt-out of the sale of personal information (we do not sell personal information)

  • Not face discrimination for exercising your rights

To submit a CCPA request, email us at DPO@PhoenixTSI.com or call 623.932.0481.

6. HIPAA Compliance

For services involving access to Protected Health Information (PHI), we comply with the Health Insurance Portability and Accountability Act (HIPAA).

  • We sign Business Associate Agreements (BAAs) when applicable

  • PHI is only accessed, stored, and transmitted securely and lawfully

  • We apply strict access controls and audit logs to protect health information

If you have a HIPAA-related inquiry, contact our Privacy Officer at DPO@PHOENIXTSI.com

7. Data Sharing and Third Parties

We do not sell personal information. We only share data with trusted service providers who support our operations (e.g., cloud hosting, payment processors, CRM systems), and they are contractually obligated to protect your information.

We may also share data when:

  • Required by law, regulation, or legal process

  • Necessary to protect our rights, safety, or property

8. Data Security

We maintain strong technical and organizational measures to secure your data, including:

  • Data encryption (at rest and in transit)

  • Role-based access control

  • Regular audits and vulnerability assessments

  • Secure data disposal protocols

9. International Data Transfers

If you are located outside the United States, your data may be transferred to and processed in the U.S. where data protection laws may differ. When required, we implement safeguards such as Standard Contractual Clauses (SCCs) or obtain your explicit consent.

10. Data Retention

We retain your data only as long as necessary to fulfill the purposes described in this Policy or as required by law, regulation, or contractual obligation.

11. Children’s Privacy

Our services are not intended for children under 13. We do not knowingly collect personal data from children without verifiable parental consent.

12. Updates to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on our website with the revised effective date. Continued use of our services means you accept the changes.

13. Contact Us

If you have any questions, requests, or concerns about this Privacy Policy or our data practices, please contact:

PHOENIXTSI, Inc.
4600 E Washington St., Suite 300
Phoenix, AZ 85034

Email: DPO@PHOENIXTSI.com
Phone: 623.932.0481