Privacy Policy & Data Governance

Rev. 2026-01-27 | AvanteTec Corporation Internal Policy

1. Introduction

AvanteTec Corporation (“AvanteTec,” “we,” “us,” or “our”) operates as a Managed Service Provider (MSP) and Cybersecurity consultancy. We are committed to protecting the privacy and security of our clients’ data. This Privacy Policy describes how we collect, use, and protect information across our website (www.avantetec.com), our client portal, and our managed services infrastructure.

2. Security Standards & Governance

AvanteTec provides services led by a CMMC Registered Practitioner (RP). While we assist clients in navigating complex regulatory frameworks, our internal data handling is governed by industry-standard security best practices designed to protect Business Identifiable Information (BII) and Personal Information (PI) in accordance with:

  • CPRA/CCPA: California Privacy Rights Act.
  • CalOPPA: California Online Privacy Protection Act.
  • Secure Lifecycle Management: Standardized internal protocols for data handling and system access.

3. Information We Collect

3.1 Client & Prospect Data

We collect personally identifiable information (PII) voluntarily provided via our contact forms, including names, business email addresses, and phone numbers. This information is utilized solely for business communication and service delivery.

3.2 Technical & Derivative Data

Our servers automatically collect "Derivative Data" such as IP addresses, browser types, and access times. This data is used for security monitoring, threat detection, and optimizing website performance.

4. Use of Information

AvanteTec processes data strictly for the following purposes:

  • Service Delivery: Managing IT support, cybersecurity monitoring, and BCDR services.
  • Security Operations: Investigating potential security incidents and maintaining the integrity of our Managed Platforms.
  • Client Communication: Providing updates on service tickets, security alerts, and compliance-related advisory.

5. Data Sharing & Subprocessors

AvanteTec does not sell, rent, or trade client data to third parties. We may disclose information to authorized subprocessors (such as our SOC partner or Helpdesk platform) only as required to perform our contractual duties. We select vendors based on their ability to maintain high levels of data security and confidentiality.

6. Data Security Measures

We implement a defense-in-depth approach to protect the data in our custody. Current measures include:

  • Encryption: Utilization of HTTPS/TLS for data in transit and industry-standard encryption for data at rest.
  • Access Control: Multi-Factor Authentication (MFA) and Principle of Least Privilege (PoLP) for all internal administrative access.
  • Auditing: Regular review of system logs to identify and mitigate potential vulnerabilities.

7. California Privacy Rights (CPRA)

California residents have the right to request access to their personal data, request deletion, and request correction of inaccurate data. To exercise these rights, please contact [email protected] with the subject line "CPRA Request."

8. Changes to this Policy

AvanteTec reserves the right to update this Privacy Policy at any time. Material changes will be communicated via our Client Portal or by updating the "Revision Date" at the top of this document.

Privacy & Compliance Contact

AvanteTec Corporation
11995 Bernardo Plaza Drive, Suite 101
San Diego, California 92128
Email: [email protected]
Phone: (858) 771‑6100