Legal

Privacy Policy

How we handle your information when you use our website or get in touch.

Effective date: March 13, 2026
Last updated: March 17, 2026

1. Who we are

Foreman IT Services LLC ("Foreman," "we," "us," or "our") is a technology consulting and managed services company based in San Diego, California. We operate the website at https://foremanits.com. This Privacy Policy describes how we collect, use, disclose, and protect personal information when you visit our website, submit information through our contact form, or otherwise interact with us.

This policy is provided in the interest of transparency and to comply with applicable privacy laws, including the California Consumer Privacy Act as amended by the California Privacy Rights Act (CCPA/CPRA), to the extent they apply to our business.

2. Information we collect

We collect the following categories of personal information:

A. Information you provide directly

When you use our contact form or otherwise reach out, you may provide:

  • Identifiers: Name, email address, phone number (optional)
  • Professional information: Company name, firm type, team size, job role
  • Service interests and needs: Technology challenges, areas of interest (e.g., managed IT, AI implementation, compliance, custom software), and any other details you share

B. Information collected automatically

When you visit our website, our hosting provider (Cloudflare) automatically collects certain technical and usage information:

  • Device and browser information: Browser type and version, operating system, device type (mobile or desktop), screen resolution, language preferences
  • Network information: IP address, internet service provider (ISP), autonomous system number (ASN), approximate geographic location (city, region, postal code, country, timezone), connection latency
  • Usage data: Pages visited, referring URL, date and time of visit
  • Security data: TLS/encryption details, connection protocol, and automated bot-detection signals used to protect our site from abuse

When you submit our contact form, the same technical information listed above is included alongside your submission so we can identify and prevent spam. This data is sent to our team via email and is subject to the same retention policy as contact submissions.

We use Google Analytics 4 (with Google Consent Mode v2) to measure aggregate site usage such as page views, scroll depth, and outbound clicks. Google Analytics uses first-party cookies (prefixed with _ga) to distinguish unique visitors. Analytics data is only collected when you consent via our cookie banner; if you decline or your browser sends a Global Privacy Control signal, no analytics cookies are set and no identifiable data is sent to Google. See Google's Privacy Policy. Our hosting provider (Cloudflare) also processes requests to deliver our site and provides aggregate analytics and security features.

C. Information we do not collect

We do not knowingly collect: Social Security numbers, financial account information, health or medical information, biometric data, precise geolocation (GPS), or any information classified as "sensitive personal information" under the CCPA/CPRA beyond what is listed above.

3. Sources of information

We collect personal information from two sources:

  • Directly from you: When you fill out our contact form, send us an email, or call us
  • Automatically from your device: Technical information collected by our hosting infrastructure when you visit our website

We do not purchase personal information from third parties or data brokers.

4. How we use your information

We use the information we collect for the following business purposes:

  • Responding to inquiries: To follow up on your contact form submission, answer questions, and provide the information or services you request
  • Business communications: To send relevant follow-up communications about our services (you can opt out at any time)
  • Website operation: To deliver, maintain, and secure our website
  • Security and fraud prevention: To detect and prevent spam, abuse, and unauthorized access using automated security features provided by our hosting platform
  • Improvement: To understand how visitors use our site so we can improve it

We do not use personal information for automated decision-making or profiling that produces legal or similarly significant effects on you.

5. How we share your information

We may disclose your personal information to the following categories of service providers, strictly for the business purposes described above:

  • Email delivery: Resend (to deliver form submissions to our team)
  • Hosting and security: Cloudflare (website hosting, CDN, and security)
  • Analytics: Google Analytics 4 (aggregate website usage measurement, only when you consent)
  • Domain and DNS: Infrastructure providers necessary to operate our website

These service providers process data on our behalf and are contractually prohibited from using your information for their own purposes.

We do not sell or share your personal information

We do not sell your personal information as defined under the CCPA/CPRA. We do not "share" your personal information for cross-context behavioral advertising. We have not sold or shared personal information in the preceding 12 months.

Other disclosures

We may disclose personal information if required to do so by law, regulation, legal process, or enforceable government request, or to protect the rights, property, or safety of our business, our users, or the public.

6. Data retention

We retain personal information only as long as reasonably necessary to fulfill the purposes described in this policy:

  • Contact form submissions: Retained in our email system for as long as needed to respond to your inquiry and for legitimate business follow-up, typically no longer than 24 months after last contact
  • Server logs and technical data: Retained by our hosting provider per their standard retention policies (generally 30 days or less for request logs)

When personal information is no longer needed, we delete or de-identify it.

7. Your privacy rights

Regardless of whether we meet the statutory thresholds for CCPA/CPRA compliance, we voluntarily honor the following privacy rights for all users:

  • Right to know: You may request the categories and specific pieces of personal information we have collected about you
  • Right to delete: You may request that we delete the personal information we hold about you, subject to certain legal exceptions
  • Right to correct: You may request correction of inaccurate personal information
  • Right to opt out of sale/sharing: We do not sell or share personal information, so there is nothing to opt out of. If this ever changes, we will provide an opt-out mechanism
  • Right to limit use of sensitive personal information: We do not collect sensitive personal information beyond what is necessary to provide our services
  • Right to non-discrimination: We will not discriminate against you for exercising any of these rights

How to exercise your rights

To submit a privacy request, contact us at:

We will acknowledge your request within 10 business days and respond within 45 calendar days. If we need additional time (up to an additional 45 days), we will notify you of the reason and extension period.

Verification

To protect your privacy, we will verify your identity before fulfilling a request. We will ask you to confirm information you previously provided to us (such as your name and email address). We will not require you to create an account to submit a request.

Authorized agents

You may designate an authorized agent to submit a request on your behalf. We may require the agent to provide proof of authorization (such as a signed written permission or power of attorney) and may separately verify your identity.

Global Privacy Control (GPC)

We honor the Global Privacy Control signal. If your browser sends a GPC signal, we treat it as a valid opt-out request under California law and will not set any non-essential cookies or collect non-essential data.

Other U.S. state privacy laws

Residents of states with comprehensive privacy laws (including Colorado, Connecticut, Virginia, Utah, Texas, Oregon, Montana, and others) may have similar rights to access, correct, and delete personal data, and to opt out of targeted advertising or sale of personal data. To exercise these rights, contact us using the methods listed above. We will respond within the timeframe required by your state's law.

8. Cookies and tracking technologies

Our website uses a limited number of cookies and similar technologies:

  • Essential/functional: Our hosting provider (Cloudflare) may set strictly necessary cookies for security purposes (bot detection, DDoS protection). Your cookie consent preference is stored in your browser's localStorage.
  • Google Fonts: We load typefaces from Google Fonts. Google may collect your IP address when serving font files. Google states that it does not use this data for profiling or targeted advertising. See Google Fonts privacy information and Google's Privacy Policy.
  • Map library (Leaflet via unpkg): Our service area map loads the open-source Leaflet library from unpkg.com CDN. Unpkg may log your IP address when serving files. See unpkg.
  • Map tiles (CARTO): Our service area map loads tiles from CARTO CDN. CARTO may log your IP address when serving map images. See CARTO's Privacy Policy.
  • Analytics (with consent): Google Analytics 4 sets first-party cookies (_ga, _ga_*) to distinguish unique visitors and measure engagement. These cookies are only set when you accept analytics via our cookie banner. See Google Analytics cookie usage and Google's Privacy Policy.

When you accept analytics via our cookie banner, Google Analytics sets first-party cookies (_ga, _ga_*) to measure site usage. These cookies expire after 2 years (or when you clear your browser data). If you decline or send a Global Privacy Control signal, no analytics cookies are set.

We do not use advertising pixels, remarketing services, or social-media tracking pixels. We do not participate in cross-site tracking, ad networks, or data brokers.

9. Children's privacy

Our website and services are not directed at individuals under the age of 16. We do not knowingly collect personal information from children. If we learn that we have collected personal information from a child under 16, we will delete it promptly. If you believe we have collected information from a child, please contact us immediately at hello@foremanits.com.

10. Security

We implement reasonable administrative, technical, and physical safeguards to protect personal information, including:

  • Encrypted data transmission (TLS/HTTPS) for all website traffic and form submissions
  • Access controls limiting who within our organization can view submitted information
  • Security monitoring and DDoS protection via our hosting provider

No method of electronic transmission or storage is completely secure. While we strive to protect your personal information, we cannot guarantee absolute security.

11. Do-not-track and opt-out signals

We honor the Global Privacy Control (GPC) browser signal as a valid opt-out request under California law. Our website does not currently respond to the older "Do Not Track" (DNT) browser signal because there is no uniform standard for how to respond to it. However, as described above, we do not engage in cross-site tracking regardless of signal.

12. Changes to this policy

We may update this Privacy Policy from time to time. When we make material changes, we will update the "Last updated" date at the top of this page. We encourage you to review this page periodically. Your continued use of our website after changes are posted constitutes acceptance of the updated policy.

13. Contact us

If you have questions about this Privacy Policy, our privacy practices, or wish to exercise your privacy rights, contact us at:

Foreman IT Services LLC
630 1st Ave #403
San Diego, CA 92101
Email: hello@foremanits.com
Phone: (619) 616-2743