Privacy Policy

U.S. law, international readers, and who may use the Service

Primary audience. We are a U.S. company and we draft this policy for customers and visitors in the United States. Our practices are designed to align with applicable U.S. federal and state privacy and consumer-protection laws.

We do not offer or market the Service outside the United States. The site and portals may be technically reachable from other countries; that reachability is not an offer to provide regulated services, support, or billing relationships in any non-U.S. jurisdiction.

Your responsibility if you are outside the United States. If you choose to access the Service, create an account, purchase a subscription, or otherwise send us information while located outside the United States, you are solely responsible for determining whether your use is lawful where you are, and for meeting any registration, consent, data-localization, tax, employment, telecommunications, or other requirements that apply to you locally. We do not represent that the Service or our data practices satisfy the laws of any country other than the United States.

Information for readers worldwide. The sections below describe categories of data, purposes, retention, security, subprocessors, and rights in plain language so international readers can understand our practices. Where foreign privacy laws grant you additional rights (for example in the European Economic Area or United Kingdom), we will honor valid requests to the extent required by law; see “European Economic Area, United Kingdom, and Switzerland” below.

Definitions

• Service — tatespc.com, the subdomains and portals described above, and the software-led offerings we provide under the Tates PC brand, including Ai PC Fix (monitoring and automation), the Two Minute Fix engine, related backup and security offerings that may involve third-party platforms we license (for example endpoint management and backup vendors), onboarding and checkout flows on this site, and operator tools used to deliver support.
• Personal information / Personal Data — information that identifies, relates to, describes, or can reasonably be linked with you or your household or (where applicable) a living individual.
• Usage Data — technical information generated when you use the Service (for example IP address, browser type, pages viewed, timestamps, and diagnostic or error data).
• Cookies and similar technologies — small files or tokens stored on your device to operate sessions, remember preferences, reduce fraud, and measure traffic.

Information we collect

Depending on how you interact with us, we may collect:

• Contact and account details — such as name, business name, email address, phone number, mailing or service address, and preferences you provide on forms or in tickets.
• Authentication and security signals — for example one-time login codes sent to your email, session identifiers, fraud-prevention scores from Google reCAPTCHA Enterprise, and security logs tied to sign-in or checkout attempts.
• Commercial and subscription information — products or tiers you select, license identifiers, subscription status, invoices or payment references, and internal correlation keys (for example identifiers returned by our payment processor).
• Payment method relationship (not full card or bank numbers on our servers) — we route payment setup and charges through our payment processor (Stripe). Stripe collects and vaults payment methods you choose (see “Billing, autopay, cards, and ACH” below). We may store processor references (such as customer or subscription IDs) and limited billing metadata needed to run accounts and support.
• Managed-device and service-delivery data — when you use our monitoring, automation, backup, or security offerings, our tools and integrated vendor platforms may process device names, identifiers, telemetry, patch status, security findings, backup metadata, and similar operational data needed to render the Service. Some of that data may identify individuals at a business (for example user profiles on a managed PC).
• Support and communications content — messages you send us, ticket descriptions, and attachments you choose to provide.
• Usage Data and cookies — as described in this policy; see “Cookies and analytics”.

We do not use the Service to collect sensitive categories (such as government ID numbers, health information, or precise geolocation) unless you voluntarily submit them to us for a legitimate support or billing purpose, in which case we use them only for that purpose and retain them only as long as needed.

Cookies and analytics

We use cookies and similar technologies that are strictly necessary to operate secure sessions, honor your preferences, and protect the Service. Where configured on a given page, we may also use Google Analytics to understand aggregate traffic patterns. You can control cookies through your browser; blocking strictly necessary cookies may break login or checkout.

How we use personal information

• Provide, configure, invoice, and support the Service
• Authenticate users, prevent fraud and abuse, and protect security
• Process payments and manage subscriptions, trials, upgrades, and cancellations
• Communicate about service changes, security notices, and (where permitted) offers you can opt out of
• Maintain backups, monitoring, alerting, and reporting you have purchased
• Comply with law, enforce our agreements, and defend legal claims
• Improve reliability and performance of our websites and portals

Billing, autopay, cards, and ACH (U.S. bank debit)

We use Stripe as our payment processor and subscription billing platform. When you subscribe or update payment methods, Stripe may present hosted payment flows (including Stripe Checkout or the Stripe customer billing portal) where you enter payment details directly with Stripe.

• Cards. Card payments are processed by Stripe under its PCI-DSS program. We do not store complete card numbers or card security codes on our web servers.
• ACH and U.S. bank debits. Where enabled for your account, you may link a U.S. bank account so Stripe can originate ACH debits (bank transfers) for recurring subscription charges and, when applicable, one-time charges you authorize. Bank account verification, mandates, micro-deposits, or instant verification flows are handled by Stripe and its financial partners under their terms and timelines.
• Autopay and saved payment methods. Subscriptions are recurring unless you cancel in accordance with your agreement or the tools we provide. Stripe maintains the saved payment methods and billing profile for your customer record. We receive status information (for example whether a payment succeeded, the last four digits of a card or bank account, brand, expiration for cards, and subscription lifecycle events) so we can operate accounts, show summaries in our customer portal, and help with support.
• Webhooks and business systems. Stripe sends automated event notifications to our servers (webhooks). Those events may include subscription IDs, customer IDs, invoice references, and payment outcome metadata. We use them to activate services, reconcile access, and maintain internal billing caches.

Stripe’s handling of payment data is governed by the Stripe Privacy Policy and, where presented at collection, Stripe’s terms for Financial Connections or ACH debits.

How we share personal information

We do not sell your personal information and we do not share it for cross-context behavioral advertising as defined under California law. We disclose personal information only as follows:

• Service providers and subprocessors who assist us under contract (hosting, email delivery, payment processing, security and fraud prevention, analytics, remote monitoring and management, backup, helpdesk, and similar functions). They may process personal information only on our instructions or as otherwise required to deliver their service.
• Legal and safety when we believe disclosure is required by law, subpoena, or court order, or is necessary to protect rights, safety, or security.
• Business transfers in connection with a merger, acquisition, financing, or sale of assets, subject to appropriate confidentiality and continuity commitments.

Service providers you should know about

Depending on the products you use, relevant providers include:

• Stripe, Inc. — payments, subscriptions, invoicing, customer billing portal, ACH/card vaulting, and related fraud tooling. stripe.com/privacy
• Google LLC — reCAPTCHA Enterprise on sign-in and sensitive flows; optional Google Analytics where enabled. Google privacy
• Remote monitoring, backup, security, and collaboration vendors we integrate to deliver purchased services (for example endpoint management, backup storage, antivirus, and Microsoft cloud services). Those vendors process data under their own agreements and privacy notices for the portions of the stack they operate.

Retention

We keep personal information only as long as needed for the purposes described in this policy, to meet legal, tax, and accounting obligations, and to resolve disputes and enforce agreements. Operational logs and security telemetry may be kept for shorter rolling periods. Processor-side records (Stripe subscriptions, invoices, and payment methods) are retained according to Stripe’s policies and our business needs.

Security

We use administrative, technical, and organizational measures appropriate to the nature of the Service, including encryption in transit (HTTPS), access controls, separation of privileged operator tools, and monitoring. No method of storage or transmission is perfectly secure; we encourage strong passwords, safeguarding OTP codes, and promptly revoking access for departed staff on customer-controlled systems.

U.S. state privacy rights (including California)

Residents of certain U.S. states may have rights to know what personal information we collect, to request deletion subject to exceptions, to correct inaccuracies in certain cases, to receive a portable copy where applicable, and to opt out of sale or certain sharing. We do not sell personal information. We also do not use or disclose sensitive personal information for inferring characteristics in a manner that would trigger opt-out rights under California regulations.

To exercise rights granted by your state, contact us through our contact page. We will verify your request consistent with law (for example by confirming control of the email on file). You may designate an authorized agent where your state allows it; we may require proof of agency. We will not discriminate against you for exercising privacy rights.

European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, UK, or Switzerland and we are required to apply local law to you, our legal bases may include performance of a contract, legitimate interests that are not overridden by your rights, consent where we asked for it, and legal obligation. You may have rights to access, rectify, erase, restrict, or port Personal Data, and to object to certain processing. You may lodge a complaint with your local supervisory authority. Because we are based in the United States, your information will be processed in the United States and potentially other countries where our service providers operate. Where required, we rely on appropriate safeguards such as standard contractual clauses adopted by the European Commission for transfers to the United States, in addition to your consent where that is the lawful basis.

Legal basis (GDPR) — summary

For processing governed by the GDPR, our bases include contract, consent, legitimate interests (for example securing accounts and improving reliability), payment processing, and legal compliance.

Your GDPR rights — summary

Where the GDPR applies, you may have the rights described in the EEA/UK section above, including withdrawal of consent where processing was consent-based.

Children’s privacy

The Service is not directed to children under 18, and we do not knowingly collect personal information from children. If you believe a child has provided us information, please contact us and we will take appropriate steps to delete it.

Links to other sites

Our Service may link to third-party websites or open hosted pages (for example a payment page). Their privacy policies govern information you provide to them.

Changes to this policy

We may update this policy to reflect new products, laws, or practices. We will post the revised version on this page and update the “Last materially updated” date. If a change is material, we will provide additional notice as appropriate (for example a banner or email). Continued use of the Service after the effective date of an update constitutes your acceptance of the revised policy, except where your consent is required by law.

Contact

Questions about this policy or requests to exercise privacy rights: contact Tates PC.

This policy is provided for transparency. It is not legal advice. For regulated industries or complex cross-border situations, consult qualified counsel.