Privacy Policy

Introduction

Byte Sized Counsel LLC ("Company," "we," "us," or "our") is a Managed Service Provider (MSP) headquartered in California. This Privacy Policy describes how we collect, use, disclose, and protect personal information obtained through our website, client portal, marketing activities, and service delivery operations.

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), described in Section 10 below.

This Policy does not govern information we process solely on behalf of our clients under a separate Data Processing Agreement (DPA) or Business Associate Agreement (BAA). In those contexts, our clients are the data controllers and bear independent privacy obligations for their end users' data.

1. Scope

This Policy applies to:

• Visitors to our public website at www.bytesizedcounsel.com
• Prospective clients who submit inquiries, contact forms, or quote requests
• Current and former clients using our support portal or receiving managed services
• Vendor, partner, and contractor contacts with whom we maintain a business relationship
• Job applicants

2. Information We Collect

3. How We Use Your Information

We use personal information for the following purposes:

• Service delivery: Provisioning, managing, monitoring, and supporting the IT services described in your service agreement
• Account management: Creating and managing client portal accounts, processing invoices, and handling renewals
• Support and communications: Responding to tickets, inquiries, and escalations
• Sales and marketing: Sending service announcements and promotional content (with opt-out available)
• Security and compliance: Monitoring for threats, conducting audits, and meeting legal retention requirements
• Legal obligations: Complying with applicable laws and lawful government requests

4. How We Share Your Information

We may share personal information with subprocessors and vendors (RMM platforms, cloud hosting, cybersecurity tools, payment processors), professional advisors, and legal authorities when required by law.

We do not sell personal information. We do not share personal information with third parties for their own independent marketing purposes.

5. Data Retention

We retain personal information for as long as necessary to fulfill the purposes described, typically 5–7 years for client records and 2–3 years for support logs.

6. Cookies and Tracking

Our website uses strictly necessary cookies, analytics cookies, and marketing/preference cookies. You may manage cookie preferences through your browser settings.

7. Security

We implement administrative, technical, and physical safeguards including encryption (TLS 1.2+), multi-factor authentication, and role-based access controls. No security measure is perfect, and we have breach notification procedures in place.

10. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have the Right to Know, Delete, Correct, and Opt Out of sale/sharing, as well as the Right to Non-Discrimination.