Privacy Policy

Effective Date: January, 2025

Last Updated: June 17, 2026

YesTechie Corp ("YesTechie," "we," "us," or "our") is a California corporation with its principal place of business at 14701 Arminta St, Unit A, Panorama City, CA 91402, USA. We operate the website at https://yestechie.com (the "Site"), related subdomains including api.yestechie.com and gits.yestechie.com (the "Platform"), and provide IT services, low-voltage contracting, physical security systems (including access control, video surveillance with license plate recognition/LPR and AI-powered detection), networking solutions (including Ubiquiti UniFi deployments), and related technology platforms and software, including our edge AI-powered security and management platform (collectively, the "Services").

This Privacy Policy explains how we collect, use, disclose, retain, and safeguard personal information when you visit our Site, use our Platform, request or receive our Services, or otherwise interact with us. It also describes your privacy rights and choices.

We are committed to responsible data handling through transparency, data minimization, and purpose limitation. We use and share personal information only as necessary to deliver the Services you request, to operate and improve our business in support of those Services, as disclosed in this Policy, or with your consent. We do not sell personal information or share it for cross-context behavioral advertising.

By accessing or using the Site, Platform, or Services, you acknowledge that you have read and understood this Privacy Policy.

1. Categories of Personal Information We Collect

We collect personal information in the following categories, depending on your interactions with us:

Identifiers and Contact Information — Name, email address, phone number, company/organization name, job title, business or project address, and unique identifiers (e.g., IP address, device IDs, usernames).

Account and Authentication Data — Platform account credentials (hashed), multi-factor authentication details, session information, API keys, and integration tokens.

Financial and Transaction Information — Billing address, payment details (processed by PCI-DSS compliant third-party processors; we do not store full credit card numbers), invoice and subscription history.

Service and Project Information — Details provided in quote requests, proposals, contracts, support tickets, or onboarding (e.g., existing infrastructure details, network configurations, security requirements, site information).

Client Service / Operational Data (processed on behalf of clients) — Video footage, images, and metadata from cameras (including LPR and AI detection of people, vehicles, or objects); access control events, logs, badge/credential data, and visitor information; network performance metrics, device logs, and telemetry from deployed systems. This data is processed primarily at the edge or on-premises where technically feasible, with only necessary metadata, alerts, or aggregated insights transmitted to our management Platform according to your configuration and agreements.

Usage, Technical, and Device Data — Browser type/version, operating system, device type, referring and exit pages, pages viewed, time spent, clickstream data, error logs, and interactions with Site or Platform features.

Location Data — Approximate location from IP address (precise location only if you explicitly enable it for a specific feature, which is uncommon).

Communications Data — Content of emails, support requests, forms, or other communications with us.

Inferred or Derived Data — Preferences, usage patterns, or analytics insights (aggregated or de-identified where feasible).

We collect this information directly from you (via forms, emails, contracts, Platform registration and use), automatically via cookies, server logs, pixels, and similar technologies, and from third parties or integrations you authorize (e.g., Ubiquiti systems or Google Workspace).

We limit the collection of sensitive personal information (as defined under CPRA, such as precise geolocation, certain biometric data used for identification, or contents of private communications) to what is strictly necessary for the Services. Our AI detection focuses on objects, vehicles, and general presence rather than individual biometric identification unless explicitly configured and agreed upon with the client.

2. How We Use Personal Information

We use personal information only for purposes consistent with those disclosed at the time of collection and this Policy, applying data minimization and purpose limitation:

To provide, operate, secure, maintain, and improve the Site, Platform, and Services (including fulfilling quotes and contracts, performing installations and configurations, delivering AI-powered detections and alerts, remote management, billing, support, and troubleshooting).
To communicate with you about your projects, account, service updates, security alerts, invoices, and inquiries (transactional communications and, where permitted or with consent, marketing with easy opt-out).
To authenticate users, manage Platform access and permissions, and protect the security and integrity of our systems and client deployments.
To process payments and prevent fraud or abuse.
To analyze usage and performance for improvement (preferring aggregated or de-identified data).
To develop and enhance our technology and Services, including AI capabilities. We do not use Client Service Data, video footage, detection events, access logs, or other personal information from client deployments to train or improve AI models without your explicit, informed consent and appropriate safeguards. Improvements rely on internal testing, public/synthetic data, or aggregated anonymized insights where permitted.
To comply with legal obligations, enforce agreements, protect rights and safety, and respond to lawful requests.
For internal operations such as record-keeping, audits, quality assurance, and (using de-identified data) training or business evaluation.

We will not use your information for incompatible purposes without providing notice and obtaining any required consent.

3. Sharing and Disclosure of Personal Information

We do not sell your personal information. We do not share it for cross-context behavioral advertising. We share it only in these limited circumstances with appropriate protections:

Service Providers and Subprocessors — Trusted vendors who assist us, under contracts requiring them to use data only for our specified purposes, maintain security, and comply with privacy laws. Examples include:

Cloud infrastructure and hosting: Google Cloud Platform (GCP).
Payment processing: PCI-DSS compliant providers (e.g., Quickbooks or equivalent).
Productivity and email: Google Workspace and transactional email services.
Analytics and performance tools (e.g., Google Analytics with available privacy controls).
Professional advisors (legal, accounting, insurance) under confidentiality.
Vetted installation, maintenance, and technical subcontractors (bound by confidentiality and data protection agreements; access limited to need-to-know basis).

With Your Consent or at Your Direction — When you explicitly authorize sharing (e.g., Platform integrations you choose).

Business Transfers — In mergers, acquisitions, reorganizations, financing, or asset sales, subject to confidentiality and successor obligations to honor this Policy (or provide updated notice).

Legal and Protection Reasons — When required by law, regulation, court order, or valid legal process; to enforce agreements; to investigate/prevent fraud, security incidents, or illegal activity; or to protect rights, property, or safety. We provide notice where legally permitted.

Aggregated or De-identified Data — For research, improvement, or benchmarking (cannot reasonably identify individuals).

Client Service Data Specifically — When processing surveillance, access control, network, or operational data on behalf of clients (as a service provider/processor), we share only with client-authorized personnel or our subcontractors strictly for performing the contracted Services, on a need-to-know basis, and per your written agreements or instructions. We do not use this data for our own marketing or unrelated purposes. Upon termination or request, we return or securely delete it per the agreement (subject to any legal retention we disclose).

Custom AI and Operational Data. YesTechie installs and configures high-performance physical security systems, which may include edge-AI capabilities such as License Plate Recognition (LPR) or advanced object detection. By default, YesTechie retains only the baseline account information necessary to maintain service. Any advanced processing, retention schedules, or secure hosting of video feeds, LPR logs, or operational metadata via our Platform is not a default configuration and is governed exclusively by a tailored, project-specific written Service Agreement or Data Processing Addendum (DPA) executed directly with that specific Client. All such deployment-specific data practices are managed on a private, case-by-case basis under strict contractual confidentiality.

4. Your Rights and Choices

You have rights regarding your personal information, subject to verification and legal exceptions. We honor them without discrimination.

California Residents (CCPA/CPRA): You have the right to know (categories and specific pieces collected in the past 12 months), access, delete, correct, limit use/disclosure of sensitive personal information (where applicable), and non-discrimination. We currently do not sell or share personal information as defined, so the opt-out right for sale/sharing does not apply. If our practices change, we will update this Policy and implement required mechanisms (including support for Global Privacy Control signals where applicable) with confirmation of opt-out processing.

To exercise CCPA rights, email privacy@yestechie.com with "CCPA Privacy Request" in the subject (or use any future dedicated form). We will verify your identity reasonably and respond within legal timeframes (generally 45 days, extendable once). You may designate an authorized agent with proof of authorization.

Other Jurisdictions (e.g., GDPR/UK GDPR where applicable): You may have rights to access, rectification, erasure, restriction, portability, objection (including profiling), and withdrawal of consent, plus the right to complain to your supervisory authority. Contact us to exercise; we respond per applicable law (coordinating with the data controller for Service Data where relevant).

General Choices:

Marketing emails: Unsubscribe via the link or contact us.
Cookies: Manage via browser settings (blocking essentials may affect functionality).
Platform account: Update profile, manage permissions, or request closure/deletion, subject to active contracts, retention needs, and the termination provisions outlined in our Terms of Service (available at https://yestechie.com/terms).
Service Data requests (e.g., video or access logs): Submit through your organization's YesTechie account contact or project manager.

We respond to legitimate requests in good faith and within required timelines. Some data may be exempt (e.g., legal holds, backups, aggregated analytics, or data needed for active contracts).

5. Data Retention

We retain personal information only as long as necessary for the purposes in this Policy, to fulfill contracts, or as required/permitted by law (e.g., tax, accounting, audit, or litigation purposes — typically up to 7 years after the relevant relationship ends, or as specified in agreements).

Website/lead data: While relevant for communication or legal needs, or until deletion is requested and feasible.
Platform account/usage data: Duration of active account/subscription plus reasonable wind-down/support period.
Client Service Data: Per your specific service agreement or Data Processing Addendum. We generally return or securely delete upon termination unless you direct otherwise or legal requirements apply (we notify you of any such needs).

When no longer needed, we securely delete, anonymize, or aggregate it.

6. Data Security

We maintain a comprehensive information security program with reasonable administrative, technical, and physical safeguards to protect personal information from unauthorized access, disclosure, alteration, or destruction. Measures include encryption in transit (TLS) and at rest where appropriate, access controls with least privilege and MFA, secure development practices, vulnerability management, monitoring (including edge AI capabilities where deployed), employee training, and incident response procedures.

For our edge AI platform, we prioritize on-premises/edge processing to minimize transmission of raw sensitive data (e.g., video). Only essential metadata, events, and management data are exchanged with our backend, configurable by you.

No system is 100% secure. We cannot guarantee absolute security. Use strong credentials and MFA, and notify us immediately at privacy@yestechie.com of any suspected compromise. In a confirmed breach affecting personal information, we notify affected individuals and regulators as required by law (e.g., California timelines) and take remedial steps.

7. Cookies and Tracking Technologies

We use cookies, pixels, local storage, server logs, and similar technologies for:

Essential functionality (authentication, security, session management).
Performance and analytics (e.g., Google Analytics with available controls like IP anonymization).
Remembering preferences for a better experience.
Limited advertising/remarketing, if any (disclosed and with opt-out options).

Manage cookies in your browser settings. Do Not Track Signals. We do not track our website visitors over time and across third-party websites to provide targeted advertising, and therefore our Site does not alter its practices or respond to "Do Not Track" (DNT) signals from your browser. We apply strict purpose limitation: data collected through our lead capture forms is used solely to provision the requested Services, is managed within our secure proprietary analytics environment, and is never shared with third parties for cross-context behavioral marketing or commercial advertising.

8. Third-Party Links, Integrations, and Websites

Our Site and Platform may link to or integrate with third-party sites or services (e.g., Ubiquiti portals, payment gateways, or tools you connect). We are not responsible for their privacy practices. Review their policies before providing information. Integrations you initiate are also governed by your agreements with those providers.

9. Children's Privacy and Educational Clients

Our Site, Platform, and Services are not directed to children under 13 (or applicable digital consent age). We do not knowingly collect personal information from children without verifiable parental consent. Contact us immediately if you believe we have inadvertently done so.

For K-12 or educational clients handling student data, we address additional obligations (e.g., FERPA, COPPA, state laws) through tailored contracts and Data Processing Addenda. Discuss specific requirements with your YesTechie representative.

10. International Data Transfers

Our primary operations and data storage are in the United States (GCP US regions). If you are outside the US or we transfer data internationally (e.g., to subprocessors), your information may be processed in countries with different protections. Where required (e.g., GDPR), we use appropriate safeguards such as Standard Contractual Clauses or other valid mechanisms. By using our Services, you consent to necessary transfers to provide them.

11. Changes to This Privacy Policy

We may update this Policy to reflect changes in practices, technology, legal requirements, or operations. We will update the "Last Updated" date and post the revised version here. For material changes affecting your rights or data handling, we will provide prominent notice on the Site, via email to registered users/clients where feasible, or other reasonable means before the effective date.

Your continued use after the effective date constitutes acceptance. Review this Policy periodically. We update it at least annually or as needed for compliance.

12. Contact Us

For questions about this Policy, our practices, or to exercise your rights:

YesTechie Corp

Attn: Privacy Officer

14701 Arminta St, Unit A

Panorama City, CA 91402, USA

Email: support@yestechie.com (include "Privacy Request" or "CCPA Request" in the subject for faster handling)

Phone: +1 (818) 275 2707

We respond as promptly as possible, typically within 30 days or legal timeframes. This Policy is in English; contact us for translation or accessibility assistance.

Thank you for trusting YesTechie. We are committed to protecting your privacy while delivering high-quality, reliable IT, security, and technology solutions.