1. Introduction and Scope

This Privacy and Use Agreement ("Agreement") governs the relationship between Ozenik MSP Services ("Provider," "we," "us," or "our") and our clients ("Client," "you," or "your") regarding the provision of managed technology services, including but not limited to technical support, dark web monitoring, and managed security services.

By engaging our services, you acknowledge that you have read, understood, and agree to be bound by this Agreement. This Agreement applies to all services provided by Ozenik MSP Services, whether delivered remotely, on-site, or through cloud-based platforms.

2. Services Provided

2.1 Technical Support Services

Our technical support services encompass:

• 24/7 helpdesk support for critical issues
• Remote desktop assistance and troubleshooting
• Software installation, configuration, and updates
• Hardware diagnostics and coordination of repairs
• Network connectivity troubleshooting
• Email and communication system support
• End-user training and documentation

2.2 Dark Web Monitoring

Our dark web monitoring services include:

• Continuous scanning of dark web marketplaces and forums
• Monitoring for compromised credentials and personal information
• Real-time alerts for detected breaches or exposures
• Quarterly threat intelligence reports
• Incident response recommendations
• Employee security awareness notifications

2.3 Managed Security Services

Our comprehensive security management includes:

• Endpoint detection and response (EDR)
• Security information and event management (SIEM)
• Vulnerability assessments and penetration testing
• Patch management and security updates
• Firewall and intrusion prevention management
• Security policy development and enforcement
• Incident response and forensics
• Compliance assistance (HIPAA, PCI-DSS, GDPR)

3. Privacy and Data Protection

3.1 Information We Collect

In providing our services, we may collect and process:

• Business Information: Company name, address, contact details, and billing information
• Technical Data: Network configurations, system logs, IP addresses, and device identifiers
• Security Data: Security events, threat indicators, and vulnerability scan results
• User Data: Employee names, email addresses, and access credentials (encrypted)
• Support Data: Ticket history, communication logs, and service usage patterns

3.2 How We Use Your Information

We use collected information exclusively for:

• Providing and maintaining our managed services
• Detecting and preventing security threats
• Troubleshooting technical issues
• Improving service quality and performance
• Ensuring compliance with legal and regulatory requirements
• Billing and account management

3.3 Data Security Measures

We implement industry-leading security measures including:

• AES-256 encryption for data at rest and in transit
• Multi-factor authentication for all administrative access
• Regular security audits and penetration testing
• Strict access controls and principle of least privilege
• Security incident response procedures
• Employee background checks and security training

4. Acceptable Use Policy

4.1 Client Responsibilities

As our client, you agree to:

• Provide accurate and complete information necessary for service delivery
• Maintain appropriate licenses for all software we manage
• Promptly notify us of security incidents or suspicious activities
• Cooperate with security recommendations and remediation efforts
• Ensure authorized use of our services by your employees
• Maintain confidentiality of access credentials

4.2 Prohibited Activities

The following activities are strictly prohibited:

• Using our services for illegal or unauthorized purposes
• Attempting to bypass security controls or access restrictions
• Sharing access credentials with unauthorized parties
• Interfering with service operations or other clients' services
• Transmitting malicious code or engaging in cyberattacks
• Violating intellectual property rights

5. Data Retention and Deletion

5.1 Retention Periods

We retain different types of data for varying periods:

• Support Tickets: 2 years from resolution
• Security Logs: 1 year for compliance purposes
• Dark Web Monitoring Data: 90 days for active threats, archived indefinitely for resolved issues
• Backup Data: According to agreed backup retention policies
• Billing Records: 7 years for tax and legal requirements

5.2 Data Deletion Rights

Upon contract termination or upon request, we will securely delete or return all client data within 30 days, except where retention is required by law or for legitimate business purposes such as billing disputes or legal proceedings.

6. Third-Party Services and Data Sharing

6.1 Third-Party Tools

We may utilize third-party services including:

• Cloud infrastructure providers (AWS, Azure, Google Cloud)
• Security tool vendors (antivirus, EDR, SIEM providers)
• Ticketing and communication platforms
• Dark web intelligence providers
• Backup and disaster recovery services

6.2 Data Sharing Limitations

We will never sell, rent, or trade your data. We share information only when:

• You provide explicit consent
• Required by law or valid legal process
• Necessary to protect against imminent harm or security threats
• Required for service delivery with approved subprocessors

7. Compliance and Certifications

Ozenik MSP Services maintains compliance with:

• SOC 2 Type II: Annual audits for security, availability, and confidentiality
• ISO 27001: Information security management certification
• HIPAA: Healthcare data protection compliance
• PCI-DSS: Payment card industry security standards
• GDPR: European data protection regulations
• CCPA: California consumer privacy requirements

8. Incident Response and Breach Notification

8.1 Security Incident Response

In the event of a security incident, we will:

• Immediately initiate our incident response procedures
• Contain and mitigate the incident to prevent further damage
• Conduct forensic analysis to determine scope and impact
• Notify affected clients within 72 hours of discovery
• Provide regular updates throughout the investigation
• Deliver a comprehensive incident report upon resolution

8.2 Client Notification

Breach notifications will include the nature of the incident, types of data affected, steps taken to address the breach, and recommendations for protective measures.

9. Service Level Agreements

9.1 Availability Commitments

• Help Desk: 99.9% availability during business hours
• Critical Security Response: 15-minute response time
• Dark Web Monitoring: Continuous 24/7 monitoring
• Managed Security: 99.99% uptime for security services

9.2 Support Response Times

• Critical (P1): 15 minutes
• High (P2): 1 hour
• Medium (P3): 4 hours
• Low (P4): 1 business day

10. Limitation of Liability

To the maximum extent permitted by law, Ozenik MSP Services' total liability for any claims arising from this Agreement shall not exceed the total fees paid by the client in the twelve months preceding the claim.

We shall not be liable for indirect, incidental, special, consequential, or punitive damages, including but not limited to loss of profits, data, or business opportunities, even if advised of the possibility of such damages.

11. Intellectual Property

All intellectual property rights in our services, including software, methodologies, and documentation, remain with Ozenik MSP Services or our licensors. Clients retain all rights to their data and proprietary information.

We may use aggregated, anonymized data derived from service delivery for improving our services and developing industry insights, provided such use does not identify any specific client.

12. Term and Termination

12.1 Agreement Term

This Agreement remains in effect for the duration specified in your service contract. It automatically renews unless terminated by either party with 30 days written notice.

12.2 Termination Rights

Either party may terminate this Agreement:

• For convenience with 30 days written notice
• Immediately for material breach after 10 days notice to cure
• Immediately in case of insolvency or bankruptcy

12.3 Post-Termination

Upon termination, we will provide a final data export and securely delete client data according to Section 5. Sections relating to confidentiality, liability, and dispute resolution survive termination.

13. Dispute Resolution

Any disputes arising from this Agreement shall first be addressed through good faith negotiations. If unresolved within 30 days, disputes shall be submitted to binding arbitration under the rules of the American Arbitration Association.

This Agreement is governed by the laws of [Your Jurisdiction] without regard to conflict of law principles. The prevailing party in any dispute shall be entitled to recover reasonable attorneys' fees and costs.

14. Changes to This Agreement

We may update this Agreement to reflect changes in our services, legal requirements, or industry standards. Material changes will be communicated with 30 days notice. Continued use of our services after changes take effect constitutes acceptance of the modified Agreement.

15. Contact Information

16. Acknowledgment and Acceptance

By using Ozenik MSP Services, you acknowledge that you have read, understood, and agree to be bound by this Privacy and Use Agreement. You further acknowledge that this Agreement constitutes the entire agreement between you and Ozenik MSP Services regarding privacy and acceptable use of our managed services.