Privacy Policy

1. Information We Collect

We collect information you provide directly to us and information automatically collected when you use our services.

Information You Provide

• Account Information: Name, email address, and password when you create a member portal account.
• Contact Information: Name, email, phone number, and company name when you contact us or request services.
• Service Information: Business details, IT infrastructure descriptions, and technical information you share during support sessions.
• Payment Information: Billing details processed through our secure payment provider (Stripe). We do not store credit card numbers on our servers.

Information Automatically Collected

• Usage Data: Pages visited, time spent on pages, and navigation patterns using privacy-first analytics (Plausible). No cookies or personal identifiers are tracked.
• Device Information: Browser type, operating system, and IP address for security and troubleshooting purposes.
• Remote Support Data: Session logs and screen sharing activity during Zoho Assist support sessions. Sessions are encrypted end-to-end and recordings are deleted after 30 days.

2. How We Use Your Information

• Provide, maintain, and improve our IT services and support
• Process transactions and send related information including confirmations and invoices
• Respond to your comments, questions, and support requests
• Send technical notices, updates, security alerts, and administrative messages
• Monitor and analyze trends, usage, and activities in connection with our services
• Detect, investigate, and prevent fraudulent transactions and abuse
• Facilitate contests, promotions, and surveys
• Personalize and improve your experience with our services

3. Information Sharing

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: With third-party vendors who perform services on our behalf (e.g., payment processing via Stripe, remote support via Zoho Assist, hosting via Netlify, authentication via Supabase). These providers are contractually obligated to protect your data.
• Legal Requirements: If required by law, subpoena, or government request, or to protect the rights, property, or safety of CCfamily Communications, our clients, or others.
• Business Transfers: In connection with any merger, acquisition, or sale of company assets, your information may be transferred as part of that transaction.
• With Your Consent: When you have given us explicit permission to share your information.

4. Data Security

We implement industry-standard security measures to protect your information:

• End-to-end encryption for all remote support sessions (Zoho Assist)
• SSL/TLS encryption for all website traffic (HTTPS)
• Row Level Security (RLS) on our database (Supabase)
• PCI-compliant payment processing via Stripe
• Regular security audits and vulnerability assessments
• Access controls limiting employee access to client data on a need-to-know basis

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security.

5. Data Retention

• Account Data: Retained while your account is active and for 30 days after deletion requests.
• Support Session Logs: Deleted after 30 days.
• Analytics Data: Plausible analytics are aggregated and anonymized — no individual user data is stored.
• Billing Records: Retained for 7 years as required by tax and accounting regulations.

6. Cookies and Tracking

We use privacy-first analytics (Plausible) that does not use cookies and does not track individual users across sessions. We do not use advertising trackers, retargeting pixels, or third-party tracking scripts.

We may use essential cookies for portal authentication (login session) only. These are strictly necessary for the portal to function and cannot be disabled.

7. Your Rights

You have the right to:

• Access: Request a copy of the personal information we hold about you.
• Correction: Request correction of inaccurate or incomplete information.
• Deletion: Request deletion of your personal information, subject to legal retention requirements.
• Portability: Request your data in a machine-readable format.
• Opt-Out: Unsubscribe from marketing communications at any time.

To exercise any of these rights, contact us at support@ccfamily.com or call (510) 274-1655.

8. Children's Privacy

Our services are not directed to children under 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected information from a child under 13, we will take steps to delete such information promptly.

9. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to request deletion of personal information
• Right to opt out of the sale of personal information (we do not sell personal information)
• Right to non-discrimination for exercising your privacy rights

10. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our services after changes constitutes acceptance of the updated policy.

11. Contact Us

If you have questions about this privacy policy or our data practices, please contact us:

• Email: support@ccfamily.com
• Phone: (510) 274-1655
• Company: CCfamily Communications
• Location: Hayward, CA