Privacy Policy

Core IT Services is committed to protecting the privacy, security, and confidentiality of the personal information we handle. This Privacy Policy explains how we collect, use, store, and protect information when providing managed IT services, support, and related solutions to our clients.

1. Information We Collect

We may collect the following types of information:

1.1 Personal Information

• Names, email addresses, phone numbers, and job titles

• Login credentials or authentication details (where required for service delivery)

• Billing and account information

1.2 Technical & System Information

• Device identifiers, IP addresses, and network logs

• System performance data and diagnostic information

• Security event logs and monitoring data

1.3 Client Data

As an MSP, we may access or process data stored on client systems strictly for the purpose of delivering contracted services. This may include:

• Files, databases, and application data

• Backup data

• System configurations and infrastructure information

We do not access client data unless required for support, maintenance, monitoring, or security purposes.

2. How We Use Information

We use collected information to:

• Deliver managed IT services and technical support

• Monitor, maintain, and secure client systems

• Improve service performance and reliability

• Communicate about service updates, incidents, or scheduled maintenance

• Meet legal, regulatory, or contractual obligations

• Manage billing, invoicing, and account administration

We do not sell or trade personal information.

3. Information Sharing

We may share information only in the following circumstances:

3.1 Service Providers & Partners

With trusted third‑party vendors who assist in delivering our services (e.g., cloud providers, security vendors, backup platforms). These parties are bound by confidentiality and data‑protection obligations.

3.2 Legal Requirements

If required by law, regulation, court order, or government authority.

3.3 Client Authorisation

When a client explicitly requests or authorises us to share information.

4. Data Security

We take data protection seriously and implement industry‑standard security measures, including:

• Encryption of data in transit and at rest (where applicable)

• Multi‑factor authentication and access controls

• Network monitoring and threat detection

• Regular security audits and patching

• Staff confidentiality agreements and security training

Despite our efforts, no system is completely immune to risk, but we work continuously to minimise threats.

5. Data Retention

We retain information only for as long as necessary to:

• Provide services

• Meet legal or contractual obligations

• Resolve disputes

• Maintain accurate business records

Backup data and logs may be retained according to client agreements or regulatory requirements.

6. Your Rights

Depending on your jurisdiction, you may have rights to:

• Access your personal information

• Request corrections or updates

• Request deletion (where legally permissible)

• Restrict or object to certain processing

• Request a copy of your data

Requests can be made using the contact details below.

7. Cookies & Website Data

If you use our website, we may collect:

• Basic analytics data

• Cookies for functionality and performance

• Form submissions (e.g., contact forms)

You can manage cookie preferences through your browser settings.

8. Third‑Party Services

Our services may integrate with third‑party platforms. We are not responsible for the privacy practices of external providers. We encourage clients to review their policies.

9. Changes to This Policy

We may update this Privacy Policy from time to time. Any changes will be posted on our website with an updated revision date.

10. Contact Us

If you have questions about this Privacy Policy or how we handle data, please contact:

Core IT Services Email: support@coreitservices.co.nz