Privacy Policy

Effective Date: January 1, 2025

Last Updated: March 18, 2026

Intelligent Group, doing business as Intelligent iT ("we," "us," or "our"), operates the website intelligentit.io and provides managed IT services, cybersecurity, and technology consulting. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website, use our services, or otherwise interact with us.

1. Information We Collect

Personal Information You Provide

We may collect personal information that you voluntarily provide when you:

• Fill out a contact or inquiry form on our website
• Book a consultation or strategy call
• Subscribe to our newsletter or download resources
• Communicate with us via email, phone, or other channels
• Engage us for IT services under a service agreement

This information may include your name, email address, phone number, company name, job title, business website, and any other details you choose to provide.

Information Collected Automatically

When you visit our website, we may automatically collect certain information, including:

• IP address and approximate geographic location
• Browser type, operating system, and device information
• Pages visited, time spent on pages, and referring URLs
• Cookies and similar tracking technologies

2. How We Use Your Information

We use the information we collect for the following purposes:

• To respond to your inquiries and provide requested services
• To deliver, maintain, and improve our managed IT and cybersecurity services
• To send you relevant communications, including service updates and promotional materials (with your consent)
• To process transactions and send related information
• To monitor and analyze website usage and trends to improve user experience
• To detect, prevent, and address security incidents and technical issues
• To comply with legal obligations and enforce our agreements

3. How We Share Your Information

We do not sell, rent, or trade your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: We may share information with trusted third-party vendors who assist us in operating our website and delivering services (e.g., email delivery, form processing, analytics). These providers are contractually obligated to protect your information.
• Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
• With Your Consent: We may share information for other purposes with your explicit consent.

4. Data Security

We implement industry-standard technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest
• Access controls and authentication requirements
• Regular security assessments and vulnerability testing
• Employee security awareness training
• Incident response and breach notification procedures

While we strive to protect your information, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

5. Cookies and Tracking Technologies

Our website may use cookies and similar technologies to enhance your browsing experience, analyze traffic, and understand user behavior. You can control cookie preferences through your browser settings. Disabling cookies may affect the functionality of certain parts of our website.

We may use the following types of cookies:

• Essential Cookies: Necessary for the website to function properly
• Analytics Cookies: Help us understand how visitors interact with our website
• Marketing Cookies: Used to deliver relevant advertisements and track campaign effectiveness

6. Third-Party Links

Our website may contain links to third-party websites or services that are not operated by us. We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third-party sites or services. We encourage you to review the privacy policies of any third-party sites you visit.

7. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, including to satisfy legal, accounting, or reporting requirements. When your information is no longer needed, we will securely delete or anonymize it.

8. Your Rights and Choices

Depending on your jurisdiction, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate or incomplete information
• Deletion: Request deletion of your personal information, subject to certain exceptions
• Opt-Out: Unsubscribe from marketing communications at any time
• Portability: Request a portable copy of your data in a commonly used format

To exercise any of these rights, please contact us using the information provided below.

9. European Data Protection (GDPR)

If you are located in the European Economic Area (EEA), United Kingdom (UK), or Switzerland, the General Data Protection Regulation (GDPR) and applicable local data protection laws provide you with additional rights regarding your personal data. This section supplements the rights described in Section 8 above.

Legal Basis for Processing

We process your personal data only when we have a valid legal basis under Article 6 of the GDPR:

• Consent: Where you have given explicit consent for a specific purpose (e.g., subscribing to our newsletter or downloading resources). You may withdraw consent at any time.
• Contractual Necessity: Where processing is necessary to perform a contract with you or to take steps at your request prior to entering a contract (e.g., delivering managed IT services under a service agreement).
• Legitimate Interests: Where processing is necessary for our legitimate business interests (e.g., improving our services, website analytics, fraud prevention), provided those interests are not overridden by your rights and freedoms.
• Legal Obligation: Where processing is necessary to comply with a legal obligation to which we are subject.

Your Rights Under GDPR

In addition to the rights listed in Section 8, you have the right to:

• Restriction of Processing: Request that we restrict the processing of your personal data in certain circumstances (e.g., while we verify accuracy of data you have contested).
• Object to Processing: Object to processing of your personal data where we rely on legitimate interests as our legal basis, including profiling based on those interests.
• Withdraw Consent: Where we rely on consent as the legal basis for processing, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal.
• Lodge a Complaint: Lodge a complaint with your local data protection supervisory authority if you believe your rights have been violated. A list of EEA supervisory authorities is available at edpb.europa.eu.

International Data Transfers

Your personal data may be transferred to and processed in the United States, where our servers and operations are located. When we transfer data outside the EEA/UK, we implement appropriate safeguards in accordance with GDPR requirements, including:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequacy decisions where applicable
• Additional technical and organizational security measures

Data Processing Agreements

Where Intelligent iT acts as a data processor on behalf of enterprise clients (as defined under GDPR Article 28), we enter into Data Processing Agreements (DPAs) that specify the scope, nature, and purpose of processing, the types of personal data involved, and our obligations regarding subprocessors, data breach notification, and data deletion or return upon termination of services. To request a DPA, contact us at sales@intelligentit.io.

Data Breach Notification

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority within 72 hours of becoming aware of the breach, as required by GDPR Article 33. Where the breach is likely to result in a high risk to your rights and freedoms, we will also notify affected individuals without undue delay, as required by GDPR Article 34.

Subprocessors

We use the following categories of subprocessors to deliver our services:

• Cloud Infrastructure: Microsoft Azure, Amazon Web Services (AWS) — data hosting and compute services
• Email & Communication: Microsoft 365 — email delivery and collaboration
• Analytics: HubSpot — website analytics and CRM
• Form Processing: FormSubmit — contact form handling
• Security Monitoring: Third-party SIEM and endpoint detection platforms used in the delivery of managed security services

Enterprise clients under a DPA will be notified in advance of any changes to our subprocessor list.

Data Protection Contact

For all GDPR-related inquiries, requests, or complaints, contact:

Intelligent Group (Intelligent iT) — Data Protection
Email: sales@intelligentit.io
Midtown Manhattan, New York, NY

We will respond to all data subject requests within 30 days, as required by GDPR.

10. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), provides you with specific rights regarding your personal information. This section applies in addition to the rights described in Section 8.

Categories of Personal Information Collected

In the preceding 12 months, we have collected the following categories of personal information as defined by the CCPA:

• Identifiers: Name, email address, phone number, IP address
• Professional Information: Company name, job title, business website
• Internet Activity: Browsing history on our website, pages visited, search queries, interactions with our site
• Geolocation Data: Approximate location derived from IP address
• Inferences: Preferences and characteristics derived from the above categories to provide relevant services

How We Use Personal Information

We collect and use personal information for the business purposes described in Section 2 of this policy, including providing services, responding to inquiries, improving our website, and complying with legal obligations.

Sale and Sharing of Personal Information

We do not sell your personal information. We do not and will not sell personal information of California residents to third parties for monetary or other valuable consideration as defined by the CCPA/CPRA.

We may share certain information (such as online identifiers and browsing activity) with analytics and advertising partners for cross-context behavioral advertising purposes. Under the CPRA, this may be considered "sharing." You have the right to opt out of this sharing.

Your Rights Under CCPA/CPRA

As a California resident, you have the right to:

• Right to Know: Request that we disclose the categories and specific pieces of personal information we have collected about you, the categories of sources, the business purposes for collection, and the categories of third parties with whom we share it.
• Right to Delete: Request that we delete the personal information we have collected about you, subject to certain exceptions (e.g., completing a transaction, detecting security incidents, complying with legal obligations).
• Right to Correct: Request that we correct inaccurate personal information we maintain about you.
• Right to Opt-Out of Sharing: Opt out of the sharing of your personal information for cross-context behavioral advertising purposes.
• Right to Limit Use of Sensitive Information: If we collect sensitive personal information, you have the right to limit our use to what is necessary to perform our services.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA/CPRA rights. You will not receive different pricing, quality of service, or access as a result of exercising your rights.

How to Submit a Request

You or your authorized agent may submit a verifiable consumer request by:

• Emailing us at sales@intelligentit.io
• Calling us at 1-833-721-7332

We will verify your identity before fulfilling any request by matching the information you provide against the information we have on file. We will respond to verifiable requests within 45 days, as required by law. If additional time is needed (up to 90 days total), we will notify you of the extension and the reason.

Authorized Agents

You may designate an authorized agent to submit a request on your behalf. We may require the agent to provide proof of written authorization and may separately verify your identity before fulfilling the request.

California "Shine the Light" Law

Under California Civil Code Section 1798.83, California residents may request information about our disclosure of personal information to third parties for their direct marketing purposes. As stated above, we do not disclose personal information to third parties for their direct marketing purposes.

11. Children's Privacy

Our website and services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child, we will take steps to delete it promptly.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will post the updated policy on this page with a revised "Last Updated" date. We encourage you to review this policy periodically.

13. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Intelligent Group (Intelligent iT)

Midtown Manhattan, New York, NY

Email: sales@intelligentit.io

Phone: 1-833-721-7332