Privacy

What this website does

This site is a static collection of pages. There is no application, no account system, no comment system, no newsletter form, and no shopping cart. You read it; you leave; nothing follows you out.

What this website does not do

We do not set cookies. We do not run analytics. We do not load Google Analytics, Google Tag Manager, Facebook Pixel, Plausible, Fathom, Hotjar, or any other measurement script. We do not embed any third-party tracking widgets. We do not feed visitor data to ad networks, marketing platforms, AI training pipelines, or data brokers. We do not sell, rent, or share visitor information with anyone, for any purpose. The only exception that could ever change that is a valid court order — in which case we would comply with the order, tell the truth under oath, and notify the affected party to the extent the law permits. That's it. There is no other circumstance under which your information leaves this site.

You can verify this in your browser's developer tools. Open Network and reload the page. Every request goes to it-help.tech or its own subdomains. No third parties.

What our infrastructure sees

This site is served by Amazon CloudFront in front of an Amazon S3 bucket. For DDoS protection and access logging, CloudFront and S3 record standard request metadata — IP address, timestamp, requested path, user-agent string, response code. We do not query those logs for analytics, audience profiling, or marketing purposes. They exist to keep the site reachable and to investigate abuse if it occurs.

How we handle client data during engagements

Every IT firm runs on tools made by other companies — laptops, operating systems, cloud storage, encrypted password vaults, accounting software. The question worth asking isn't "do you use third-party tools" — every honest answer is yes. The questions worth asking are what is stored where, who can read it, and what are they allowed to do with it. Our answers:

• Personally identifying information (PII) is encrypted with keys only we hold. Passwords, credentials, payment information, account recovery keys, and other deeply sensitive material live in zero-knowledge encrypted vaults. The vault vendor's servers host the encrypted blobs; the vendor cannot decrypt them and has no way to read them. In nearly three decades, we have never had to tell a client that a tool we use was breached — because we deliberately choose tools with stronger security track records than the industry average, and we revisit that choice every time a new disclosure surfaces.
• Technical work product is worked on without client-identifying context. When a network configuration, a DNS issue, or a troubleshooting question goes into an AI assistant for analysis, the client's name and identifying details are not part of the question. The tools see "this is the network topology I need to debug," not "this belongs to so-and-so."
• Tools we use are configured to not train on customer data. Where a vendor offers an opt-out from model training, we take it. Where a vendor will not offer that opt-out, we don't use the tool for client work.
• No data goes to ad networks, marketing platforms, or data brokers. Ever.
• We don't share client data with vendors, marketers, or referral partners, and we accept no commissions, kickbacks, or affiliate fees. There is no commercial incentive to disclose anything.
• We do not speak with media or third parties about client matters. Not journalists. Not paparazzi. Not "industry analysts." Not anyone. Period.
• For sensitive legal work — eDiscovery, iMessage extractions for law firms, and similar — the work is done on-site, on your equipment, so the data never leaves your office. We document the workflow on first engagement and train your staff so future extractions can be done in-house.

Our track record

We have served high-profile and security-sensitive clients for over twenty-seven years. For long-standing clients, that includes holding credentials, payment information, and other deeply sensitive material under strong encryption that only we can decrypt. We have never had a breach. We have never had a leak. We have never spoken about a client to a journalist, a paparazzi, or any third party. That track record exists because of how the work is structured, and the same clients have referred us to other clients on the strength of it for nearly three decades. If anything were ever to change about that — a breach, a legal compulsion to disclose, a policy change — affected clients would be told directly, in writing, before any other communication.

What we record, and what we tell you about it

When you call our main line, the recorded greeting tells you: "All calls are transcribed by AI to help us provide better service." That's an audible consent notice. California Penal Code § 632 requires both parties to consent to the recording of confidential communications, and an audible notice on connect — combined with continuing the call — is how every California business handles this, from rideshare to banking. The transcript is used to keep accurate notes of what we discussed. It is not shared, not sold, and not used for marketing.

When we're on-site at your home or office, we sometimes use a meeting transcription tool (Fireflies.ai) so the technical decisions made in the room are documented and can be referred back to. We turn it on visibly and walk you through it before it starts. The transcript becomes part of the engagement record. If you'd rather we don't transcribe a particular visit or conversation, tell us and we don't.

Recommendations are independent

We don't sell products and we don't accept commissions, affiliate fees, or kickbacks. Recommendations are made on technical merit. You purchase hardware and software directly from the vendor at vendor pricing. See Rates & Billing for the full ethics statement.

Reporting a security issue

For vulnerability disclosures or security incidents involving systems we operate, see the Security Policy or email security@it-help.tech.

Contact

For questions about this policy or about how your data has been handled during an engagement, call (619) 853-5008 or use the contact methods on the Contact page.

This page describes the practices of IT Help San Diego Inc. for the website at it-help.tech. The DNS Tool web app at dnstool.it-help.tech has its own privacy disclosure at dnstool.it-help.tech/privacy.