Skip to content
Legal

Privacy Policy

How Athena IT, Inc. collects, uses, shares, and protects your personal information.

Effective: April 30, 2026 Last updated: April 30, 2026

Plain English summary. We collect the minimum information we need to run our website, respond to inquiries, and provide our managed IT and security services to clients. We do not sell your personal information. We honor data-subject rights from California, the EU/UK, and any other applicable jurisdiction. Where we act as a service provider for a client, that client owns their data — not us.

1. Who we are

This Privacy Policy describes how Athena IT, Inc. ("Athena IT," "we," "us," or "our"), located at 2261 Market St, STE 85291, San Francisco, CA 94114, processes personal information.

For privacy questions or to exercise your rights, contact [email protected] or write to the address above.

2. Scope

This Policy applies to:

  • Visitors to https://athenait.ai and our other web properties.
  • Prospects, leads, and contacts who interact with us through our forms, email, phone, or events.
  • Authorized representatives of our clients.
  • Job applicants who apply to roles at Athena IT.

It does not apply to personal information we process on behalf of our clients as their service provider or processor. That data is governed by our agreement with that client and their own privacy notices.

3. Information we collect

3.1 Information you provide

  • Identifiers: name, email, phone number, employer.
  • Commercial information: services you express interest in, headcount, industry.
  • Communications: messages you send us via forms, email, or chat.
  • Recruiting information: resume, work history, references (job applicants only).

3.2 Information collected automatically

  • Internet activity: IP address, browser, device, pages viewed, referring URL, dates and times.
  • Cookies and similar technologies: see our Cookie Policy.
  • Approximate location: derived from your IP address.

3.3 Information from third parties

  • Business contact databases (e.g., LinkedIn, ZoomInfo) for B2B prospecting.
  • Background-check providers (job applicants only, with consent).
  • Referrals from our clients or partners.

3.4 Sensitive information

We do not knowingly collect sensitive personal information from website visitors. Where applicable, certain HR processes (e.g., right-to-work checks) may collect categories of sensitive information from job applicants and employees, governed by separate notices.

4. How we use information

We use personal information to:

  • Operate, secure, and improve our website and services.
  • Respond to inquiries and provide quotes, demos, and proposals.
  • Provide managed IT, cybersecurity, and related services to clients.
  • Send service communications (e.g., outage notices, billing).
  • Send marketing communications (you can opt out anytime).
  • Comply with legal obligations and enforce our agreements.
  • Recruit and evaluate job applicants.
  • Detect, prevent, and respond to fraud or security incidents.

5. Legal bases (EU/UK/EEA)

Where the GDPR or UK GDPR applies, we rely on the following legal bases: (a) contract — to provide services you request; (b) legitimate interests — to operate our business, market our services, secure our environment; (c) consent — for non-essential cookies and certain marketing; (d) legal obligation — to comply with the law.

6. How we share information

We share personal information with:

  • Service providers who help us operate (e.g., hosting, analytics, CRM, email, payments). Each is bound by contract to use data only for our purposes.
  • Professional advisors (lawyers, auditors, insurers) under confidentiality.
  • Authorities when required by law or to protect rights, safety, and property.
  • In a business transfer (merger, acquisition, financing), subject to confidentiality and data protection commitments.

We do not sell personal information, and we do not "share" it for cross-context behavioral advertising as defined by California law.

7. Cookies and tracking

We use a small number of cookies for essential site functionality and aggregate analytics. See our Cookie Policy for details and how to opt out. We honor Global Privacy Control (GPC) signals where applicable.

8. Data retention

We retain personal information for as long as necessary for the purposes described here, unless a longer retention period is required by law or for our legitimate business interests (e.g., contract records, tax, audit).

9. Security

We maintain administrative, technical, and physical safeguards designed to protect personal information. Our environment is SOC 2 Type II audited and ISO 27001 aligned. No system is perfectly secure; we encourage you to use strong, unique passwords and to alert us to suspected security issues at [email protected].

10. International transfers

We are based in the United States with operational hubs in Ireland, India, and Singapore. Where we transfer personal information internationally, we use lawful transfer mechanisms (e.g., EU/UK Standard Contractual Clauses, the EU-US Data Privacy Framework) and appropriate safeguards.

11. Your rights

11.1 California (CCPA / CPRA)

If you are a California resident, you have the right to: (a) know what personal information we have collected about you; (b) request access to or a copy of that information; (c) request deletion; (d) request correction; (e) limit use of sensitive personal information; (f) opt out of sale or sharing (we do not sell or share); and (g) not receive discriminatory treatment for exercising these rights. See our CCPA / CPRA Notice for details and how to submit a verifiable consumer request.

11.2 Other US states

Residents of Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and other states with comprehensive privacy laws have similar access, deletion, correction, and opt-out rights. To exercise them, contact [email protected].

11.3 EU / UK / EEA

You have the right to access, correct, delete, restrict, port, and object to processing of your personal information, and to lodge a complaint with your supervisory authority. Where processing is based on consent, you may withdraw it at any time.

11.4 How to exercise your rights

Submit a request to [email protected] or write to us at the address above. We will respond within applicable legal timelines (typically 30–45 days). We may need to verify your identity before fulfilling certain requests.

12. Children's privacy

Our services are directed at businesses, not children. We do not knowingly collect personal information from anyone under 16. If you believe we have, contact us and we will delete it.

13. Do Not Track

We do not currently respond to Do Not Track browser signals. We do honor Global Privacy Control (GPC) where applicable.

14. Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version here with a new "Last updated" date. Material changes will be communicated by email or notice on the site.

15. Contact us

Athena IT, Inc.
2261 Market St, STE 85291
San Francisco, CA 94114
Email: [email protected]
Phone: (510) 224-4906