This Privacy Policy describes how Helix I.T.C.S. ("Helix I.T.C.S.", "we", "us", or "our") collects, uses, and shares information about you when you visit helixitcs.com or contact us through our website. We are committed to protecting your privacy and complying with applicable data protection laws, including the GDPR and CCPA.
We collect information you provide directly to us and information collected automatically when you use our website.
When you submit our contact form, we collect: your full name, email address, phone number (optional), company name (optional), the service you are interested in, and your message. This information is used solely to respond to your inquiry and provide the services you request.
When you visit our website, we may automatically collect certain technical information, including: your IP address, browser type and version, operating system, referring URL, pages viewed, and the date and time of your visit. This information is collected through server logs and, if you consent, through analytics cookies.
We use the following categories of cookies:
| Category | Purpose | Legal Basis |
|---|---|---|
| Strictly Necessary | Session management, security, and core site functionality. These cannot be disabled. | Legitimate Interest |
| Analytics | Aggregate, anonymized traffic analysis to improve site performance (only with your consent). | Consent |
| Preferences | Remembering your cookie consent choice. | Legitimate Interest |
You may withdraw your consent to analytics cookies at any time by clearing your browser's localStorage or by contacting us.
We use the information we collect for the following purposes:
| Purpose | Legal Basis (GDPR) |
|---|---|
| Responding to contact form inquiries and providing requested services | Contract / Legitimate Interest |
| Sending operational notifications related to your inquiry | Legitimate Interest |
| Improving website performance and user experience (with consent) | Consent |
| Complying with legal obligations | Legal Obligation |
| Detecting and preventing fraud, spam, and security threats | Legitimate Interest |
We do not sell, rent, or trade your personal information to third parties for marketing purposes.
We do not sell your personal data. We may share your information only in the following limited circumstances:
Service Providers: We use trusted third-party service providers to operate our website and deliver services (e.g., email delivery, hosting infrastructure). These providers are contractually bound to process your data only on our instructions and in accordance with applicable law.
Legal Requirements: We may disclose your information if required to do so by law or in response to valid legal process (e.g., a court order or government request).
Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or a prominent notice on our website before your information is transferred.
We retain contact form submissions and associated personal data for a maximum of 24 months from the date of submission, unless a longer retention period is required by law or necessary to fulfill an ongoing service relationship. After this period, your data is securely deleted or anonymized.
Analytics data (if consented) is retained in aggregate, anonymized form and does not identify individual users.
If you are located in the European Economic Area or United Kingdom, you have the following rights under the General Data Protection Regulation (GDPR):
| Right | Description |
|---|---|
| Right of Access | Request a copy of the personal data we hold about you. |
| Right to Rectification | Request correction of inaccurate or incomplete data. |
| Right to Erasure | Request deletion of your personal data ('right to be forgotten'). |
| Right to Restriction | Request that we limit how we process your data. |
| Right to Data Portability | Receive your data in a structured, machine-readable format. |
| Right to Object | Object to processing based on legitimate interests or for direct marketing. |
| Right to Withdraw Consent | Withdraw consent at any time where processing is based on consent. |
If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA):
| Right | Description |
|---|---|
| Right to Know | Request disclosure of the categories and specific pieces of personal information we have collected about you. |
| Right to Delete | Request deletion of your personal information, subject to certain exceptions. |
| Right to Opt-Out of Sale | We do not sell personal information. No opt-out is required. |
| Right to Non-Discrimination | We will not discriminate against you for exercising your CCPA rights. |
To exercise any of these rights, please contact us using the details in Section 9. We will respond to verified requests within 30 days (GDPR) or 45 days (CCPA).
We implement industry-standard technical and organizational security measures to protect your personal information against unauthorized access, disclosure, alteration, or destruction. These measures include:
Transport Layer Security (TLS 1.2+) for all data in transit; HTTP Strict Transport Security (HSTS) with preload; Content Security Policy (CSP) headers; server-side input sanitization and output encoding; rate limiting and anti-spam controls on all form endpoints; and access controls limiting data access to authorized personnel only.
However, no method of transmission over the internet or electronic storage is 100% secure. We cannot guarantee absolute security, but we are committed to promptly notifying affected individuals and relevant authorities in the event of a data breach, as required by applicable law.
Our website may contain links to third-party websites. This Privacy Policy does not apply to those websites. We encourage you to review the privacy policies of any third-party sites you visit. We are not responsible for the content or privacy practices of third-party websites.
Our website and services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have inadvertently collected such information, please contact us immediately and we will take steps to delete it.
If you have questions about this Privacy Policy, wish to exercise your privacy rights, or want to submit a data deletion request, please contact our Privacy Officer:
We will acknowledge receipt of your request within 5 business days and complete our response within the timeframes required by applicable law.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or by placing a prominent notice on our website.
Your continued use of our website after any changes constitutes your acceptance of the updated Privacy Policy. We encourage you to review this page periodically.