1. Information We Collect

Business & Contact Information

When you engage Manster for managed IT services, we may collect:

• Business name, address, and primary contact details
• Names and email addresses of authorized users and administrators
• Billing information and payment method details (processed via PCI-compliant providers)
• Service agreements, support tickets, and communication history

Technical & System Data

In the course of providing managed IT and cybersecurity services, we may access and process:

• Network topology, device inventory, and system configuration data
• Security event logs, threat intelligence feeds, and endpoint telemetry
• System performance metrics and uptime/availability records
• Microsoft 365 and Azure tenant configuration data (with explicit authorization)
• Helpdesk tickets, user activity logs, and workflow automation data

QuickBooks Integration Data

When you connect your QuickBooks account to Manster services, we may access and process the following data solely to deliver the services you have requested:

• Company profile, chart of accounts, and financial configuration settings
• Invoice records, payment history, and accounts payable/receivable data
• Vendor and customer contact information stored within QuickBooks
• Payroll data, expense reports, and tax-related records (when applicable to the service)
• API access tokens and OAuth credentials used to maintain the integration

We do not use QuickBooks data for any purpose other than providing and improving the specific services you have contracted with us. We do not sell, rent, or share your financial data with third parties for marketing or advertising purposes.

2. How We Use Your Information

We use the information we collect to:

• Provision, maintain, and improve managed IT and AI automation services
• Monitor and respond to security incidents on your behalf
• Generate invoices, process payments, and manage billing through QuickBooks integration
• Automate workflows and provide AI-powered business intelligence reports
• Communicate service updates, maintenance windows, and security advisories
• Comply with legal obligations and enforce our service agreements
• Conduct internal analytics to improve service quality and performance

3. Data Sharing & Disclosure

Manster does not sell your personal or business data. We may share information only in the following limited circumstances:

Service Providers

We engage vetted third-party vendors (cloud hosting, security tools, communication platforms) under data processing agreements that prohibit them from using your data beyond what is necessary to provide services to us.

QuickBooks / Intuit

Data transmitted to or from QuickBooks is subject to Intuit's Privacy Policy. Manster acts as an authorized integration partner and processes this data only as directed by you. We maintain the minimum necessary access scopes to perform contracted services.

Legal Requirements

We may disclose data when required by law, subpoena, court order, or to protect the rights, property, or safety of Manster, our clients, or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, client data may be transferred to the successor entity, subject to equivalent privacy protections.

4. Data Retention

We retain client data for the duration of the service agreement and for a period thereafter as required by applicable law or as needed for legitimate business purposes such as dispute resolution. QuickBooks integration data is purged or access is revoked within 30 days of service termination unless a longer retention period is required by law.

System logs and security event data may be retained for up to 12 months for forensic and compliance purposes, unless otherwise specified in your service contract.

5. Data Security

Manster implements industry-standard administrative, technical, and physical safeguards to protect your data, including:

• Encryption in transit (TLS 1.2+) and at rest (AES-256 where applicable)
• Role-based access control and multi-factor authentication for all internal systems
• Regular security assessments, vulnerability scanning, and penetration testing
• Incident response procedures with client notification protocols per applicable law

No method of transmission or storage is 100% secure. We will notify affected clients without undue delay in the event of a confirmed data breach involving their information.

6. Your Rights & Choices

Depending on your jurisdiction, you may have the right to:

• Access, correct, or request deletion of your personal and business data we hold
• Revoke QuickBooks integration access at any time through your QuickBooks account settings
• Opt out of non-essential communications by contacting us directly
• Request a copy of data we hold about you in a portable format
• Lodge a complaint with a relevant data protection authority

To exercise any of these rights, contact us at the information provided in Section 8.

7. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. We will notify active clients of material changes via email or through our client portal. Continued use of our services after notice of changes constitutes acceptance of the updated policy. The "Effective Date" at the top of this page indicates when the policy was last revised.

8. Contact Us

For questions, requests, or concerns regarding this Privacy Policy or our data practices, please contact: