Privacy Policy - Xonicwave | IT Support, IT Services & Cybersecurity

INTRODUCTION

Xonicwave ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website xonicwave.com (the "Website") or use our managed IT services and cybersecurity solutions (the "Services").

Please read this Privacy Policy carefully. By accessing or using the Website or Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access the Website or use our Services.

1. INFORMATION WE COLLECT

We collect information about you in various ways when you use our Website and Services:

1.1 Information You Provide Directly

Contact Information: Name, email address, phone number, business name, mailing address, and job title when you submit contact forms, request information, or sign up for our Services
Account Information: Username, password, and account preferences when you create an account
Communication Information: Content of communications when you contact us via email, phone, or through our Website
Service Request Information: Details about your IT infrastructure, business needs, security requirements, and technical specifications when requesting quotes or consultations
Payment Information: Billing address and payment method information (note: credit card information is processed by our third-party payment processor and is not stored on our servers)
Feedback and Survey Responses: Information you provide in surveys, testimonials, or feedback forms

1.2 Information Collected Automatically

When you visit our Website, we automatically collect certain information about your device and usage:

Device Information: IP address, browser type and version, operating system, device identifiers, and mobile network information
Usage Information: Pages visited, time and date of visits, time spent on pages, links clicked, referring website addresses, and search terms used
Location Information: General geographic location based on IP address
Cookies and Tracking Technologies: We use cookies, web beacons, pixels, and similar technologies to collect information about your browsing activities (see Section 8 for details)

1.3 Information from Third Parties

We may receive information about you from third parties, including:

Business partners and referral sources who recommend our Services
Marketing and analytics providers who help us understand our audience
Social media platforms when you interact with our content
Publicly available sources such as business directories and professional networking sites
Service providers who assist us in delivering our Services

1.4 Information Collected During Service Delivery

When you engage our managed IT services and cybersecurity solutions, we collect:

System Information: Details about your IT infrastructure, network configuration, hardware, software, and security posture
Security Logs: Security event logs, threat detection data, vulnerability assessments, and incident response information
Performance Metrics: System performance data, uptime statistics, and service quality metrics
Support Information: Help desk tickets, support communications, and technical troubleshooting details

2. HOW WE USE YOUR INFORMATION

We use the information we collect for the following purposes:

2.1 Service Delivery and Management

Providing, operating, and maintaining our managed IT services and cybersecurity solutions
Monitoring and securing your IT infrastructure
Detecting, preventing, and responding to security threats and incidents
Performing system backups, disaster recovery, and business continuity services
Providing technical support and customer service
Managing user accounts and access controls

2.2 Communication

Responding to your inquiries, comments, and requests
Sending service-related notifications, updates, and alerts
Providing information about our Services that may interest you
Conducting customer satisfaction surveys and gathering feedback
Notifying you of changes to our Services, policies, or terms

2.3 Business Operations

Processing payments and maintaining billing records
Analyzing usage patterns to improve our Website and Services
Conducting internal research and development
Complying with legal obligations and industry regulations
Enforcing our Terms of Service and other agreements
Protecting against fraud, security threats, and illegal activity

2.4 Marketing and Advertising

Sending promotional communications about new services, special offers, and updates (with your consent where required)
Displaying targeted advertisements on third-party websites
Measuring the effectiveness of our marketing campaigns
Personalizing your experience on our Website

You may opt out of receiving marketing communications at any time by following the unsubscribe instructions in our emails or contacting us directly.

3. HOW WE SHARE YOUR INFORMATION

We do not sell your personal information to third parties. We may share your information in the following circumstances:

3.1 Service Providers and Business Partners

We share information with third-party vendors, consultants, and service providers who perform services on our behalf, including:

Cloud infrastructure providers (Microsoft Azure, AWS)
Payment processors and financial institutions
Email service providers and communication platforms
Analytics and marketing platforms
Customer relationship management (CRM) systems
Security and monitoring tools

These service providers are contractually obligated to use your information only as necessary to provide services to us and are required to maintain appropriate security measures.

3.2 Business Transfers

If we are involved in a merger, acquisition, asset sale, or bankruptcy proceeding, your information may be transferred as part of that transaction. We will notify you via email and/or prominent notice on our Website of any change in ownership or use of your personal information.

3.3 Legal Requirements and Protection

We may disclose your information when we believe disclosure is necessary to:

Comply with applicable laws, regulations, legal processes, or governmental requests
Enforce our Terms of Service, Privacy Policy, or other agreements
Protect the rights, property, or safety of Xonicwave, our clients, or the public
Detect, prevent, or address fraud, security issues, or technical problems
Respond to claims of violation of the rights of third parties

3.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

3.5 Aggregate and De-identified Information

We may share aggregated or de-identified information that cannot reasonably be used to identify you for research, marketing, analytics, or other purposes.

4. DATA SECURITY

We implement appropriate technical and organizational security measures designed to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

Encryption of data in transit using TLS/SSL protocols
Encryption of data at rest using industry-standard encryption algorithms
Multi-factor authentication for administrative access
Regular security assessments and vulnerability scanning
Intrusion detection and prevention systems
Secure backup and disaster recovery procedures
Employee training on data security and privacy practices
Limited access to personal information on a need-to-know basis
Security incident response and notification procedures

However, no method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security.

If we become aware of a data breach that affects your personal information, we will notify you in accordance with applicable law and take appropriate steps to mitigate harm.

5. DATA RETENTION

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law.

Our retention periods vary depending on the type of information and purpose:

Contact and inquiry information: Retained for up to 3 years after last contact or until you request deletion
Customer account information: Retained for the duration of the service relationship plus 7 years for business and legal compliance purposes
Service delivery data: Retained according to contractual obligations and regulatory requirements (typically 7 years)
Security logs and incident data: Retained for 3-7 years depending on regulatory requirements
Marketing communications data: Retained until you unsubscribe or request deletion
Payment and billing records: Retained for 7 years for tax and accounting purposes
Website usage data: Retained for 12-36 months depending on the type of analytics

When we no longer need your personal information, we will securely delete or anonymize it in accordance with our data retention and disposal policies.

6. YOUR PRIVACY RIGHTS

Depending on your location, you may have certain rights regarding your personal information:

6.1 Access and Portability

You have the right to request access to the personal information we hold about you and to receive a copy of that information in a structured, commonly used, and machine-readable format.

6.2 Correction and Update

You have the right to request that we correct or update inaccurate or incomplete personal information.

6.3 Deletion

You have the right to request deletion of your personal information, subject to certain exceptions (such as legal obligations, ongoing services, or legitimate business interests).

6.4 Restriction and Objection

You have the right to request that we restrict processing of your personal information or to object to certain types of processing, such as direct marketing.

6.5 Withdraw Consent

Where we rely on your consent to process personal information, you have the right to withdraw that consent at any time.

6.6 Opt-Out of Marketing

You have the right to opt out of receiving marketing communications from us by following the unsubscribe instructions in our emails or contacting us directly.

6.7 California Privacy Rights

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

Right to know what personal information is collected, used, shared, or sold
Right to delete personal information (subject to exceptions)
Right to opt-out of the sale of personal information (note: we do not sell personal information)
Right to non-discrimination for exercising your privacy rights

6.8 Exercising Your Rights

To exercise any of these rights, please contact us using the information in Section 13. We will respond to your request within the timeframes required by applicable law (typically 30-45 days). We may require verification of your identity before fulfilling your request.

7. CHILDREN'S PRIVACY

Our Website and Services are not intended for children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18 without parental consent, we will take steps to delete that information as quickly as possible.

If you believe we may have collected information from a child under 18, please contact us immediately using the information in Section 13.

8. COOKIES AND TRACKING TECHNOLOGIES

8.1 What Are Cookies?

Cookies are small text files stored on your device when you visit websites. We use cookies and similar tracking technologies (web beacons, pixels, tags) to collect information about your browsing activities and preferences.

8.2 Types of Cookies We Use

Essential Cookies: Necessary for the Website to function properly (e.g., session management, security)
Performance Cookies: Collect information about how visitors use our Website (e.g., Google Analytics)
Functionality Cookies: Remember your preferences and personalize your experience
Targeting/Advertising Cookies: Track your browsing habits to deliver relevant advertisements

8.3 Third-Party Cookies

We use third-party services that may set cookies on your device:

Google Analytics for website analytics
Google Ads for advertising and remarketing
LinkedIn Insights for professional audience analytics
Facebook Pixel for social media advertising
HubSpot or similar CRM platforms for marketing automation

8.4 Managing Cookies

Most web browsers allow you to control cookies through settings. You can:

Block all cookies
Accept only first-party cookies
Delete cookies after browsing sessions
Receive notifications when cookies are set

Please note that disabling cookies may affect the functionality of our Website. For more information about managing cookies, visit www.allaboutcookies.org.

8.5 Do Not Track Signals

Some browsers transmit "Do Not Track" (DNT) signals. Our Website does not currently respond to DNT signals due to lack of industry standards for compliance.

9. THIRD-PARTY WEBSITES AND SERVICES

Our Website may contain links to third-party websites, services, or applications that are not operated by us. This Privacy Policy does not apply to third-party websites or services.

We are not responsible for the privacy practices or content of third-party websites. We encourage you to review the privacy policies of any third-party websites or services before providing them with your information.

10. INTERNATIONAL DATA TRANSFERS

Xonicwave is based in Southern California, United States. If you are accessing our Website or Services from outside the United States, please be aware that your information may be transferred to, stored, and processed in the United States or other countries where our service providers operate.

These countries may have data protection laws that differ from those in your country. By using our Website or Services, you consent to the transfer of your information to the United States and other countries.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland, we implement appropriate safeguards for international data transfers, such as Standard Contractual Clauses approved by the European Commission.

11. CHANGES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or for other operational reasons. We will notify you of any material changes by:

Posting the updated Privacy Policy on our Website with a new "Last Updated" date
Sending an email notification to the address associated with your account (for material changes)
Displaying a prominent notice on our Website

Your continued use of our Website or Services after changes become effective constitutes acceptance of the updated Privacy Policy. We encourage you to review this Privacy Policy periodically.

12. ADDITIONAL INFORMATION FOR SPECIFIC JURISDICTIONS

12.1 California Residents (CCPA/CPRA)

In addition to the rights described in Section 6, California residents have specific rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).

Categories of Personal Information Collected (last 12 months):

Identifiers (name, email, phone, IP address)
Commercial information (purchase history, service interactions)
Internet activity (browsing history, website interactions)
Professional information (company name, job title)
Geolocation data (general location from IP address)

Business or Commercial Purposes for Collection:

Providing and improving Services
Customer support and communication
Marketing and advertising
Security and fraud prevention
Legal compliance

Categories of Third Parties with Whom We Share Information:

Service providers and contractors
Business partners (with consent)
Legal and regulatory authorities (when required)

We do not sell personal information or share it for cross-context behavioral advertising.

12.2 European Economic Area (EEA), United Kingdom, and Switzerland

For users in the EEA, UK, or Switzerland, we process personal data in accordance with the General Data Protection Regulation (GDPR) and equivalent UK/Swiss laws.

Legal Bases for Processing:

Consent: When you have given explicit consent
Contract: When necessary to perform our Services
Legitimate Interests: For business operations, security, and improvements
Legal Obligation: When required by law

You have additional rights under GDPR, including the right to lodge a complaint with your local supervisory authority.

12.3 Nevada Residents

Nevada residents have the right to opt-out of the sale of certain covered information. We do not sell covered information as defined under Nevada law. If you have questions, please contact us using the information in Section 13.

13. CONTACT US

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

Xonicwave
Attn: Privacy Officer
3111 Camino del Rio North Suite 400
San Diego, CA 92108
Email: privacy@xonicwave.com
Phone: 866-844-9283

For California residents exercising CCPA rights:
Email: ccpa@xonicwave.com

We will respond to your inquiry within a reasonable timeframe, typically within 30 days for general inquiries and within the timeframes required by applicable law for formal privacy rights requests.

14. DATA PROTECTION OFFICER

For users in the European Economic Area, United Kingdom, or Switzerland, you may contact our Data Protection Officer:

Data Protection Officer
Xonicwave
Email: dpo@xonicwave.com

ACKNOWLEDGMENT

By using our Website or Services, you acknowledge that you have read and understood this Privacy Policy and agree to its terms.

Last Updated: December 22, 2025
Version: 1.0