Legal & Trust Center

Privacy, security, and compliance at Amitrace

Amitrace Computer Systems, Inc. is a family-owned audiovisual and broadcast integrator approaching our 40th anniversary. We work primarily with K–12 school districts, government agencies, houses of worship, and broadcasters across the Southeast. The Trust Center brings our privacy, security, and compliance documentation together in one place so customers, prospects, and procurement teams can find what they need quickly.

Quick Links

Privacy Policy How we handle information collected through our website and general business interactions.
School District Data Practices Our role and obligations when working with K–12 school districts, including breach notification commitments.
SMS Terms Terms for our business SMS messaging program, including opt-in, opt-out, and frequency.
Cookie Policy (EU) How we use cookies on www.amitrace.com, with details for visitors from the EU/EEA, UK, and Switzerland.

Our Commitments

  • We do not sell personal information. Not contact data, not student data, not anything else.
  • We do not use customer or student data for advertising. Our business is selling and supporting professional AV equipment, not monetizing data.
  • We treat school districts as the controllers of their information. When we encounter district data during installation, training, or support, we handle it under the district’s direction and protect it accordingly.
  • We notify districts of incidents within 72 hours. Our standard practice is to report security incidents involving Student or Staff Record Information to the affected district within 72 hours of discovery.
  • We maintain insurance. Amitrace carries general liability and cyber liability insurance. Certificates of insurance are available on request.

Security Practices

People

  • Background checks are conducted on personnel assigned to school district work.
  • Employees and subcontractors are trained on confidentiality and the sensitive nature of school environments.
  • Access to customer systems and credentials is limited to personnel with a direct need.

Vendor Management

  • We use a small number of established service providers (Microsoft 365, Supabase, ActiveCampaign, Odoo) to operate our business.
  • Vendor relationships are governed by contracts that include data protection obligations.
  • We do not transfer customer data outside the United States.

Compliance

Amitrace supports our customers’ compliance obligations and aligns our own practices with applicable law, including:

  • FERPA: Family Educational Rights and Privacy Act, where Amitrace is acting as a school official with a legitimate educational interest.
  • Georgia Student Data Privacy, Accessibility, and Transparency Act: and comparable state laws in jurisdictions where we operate.
  • CCPA / CPRA: for California residents who interact with our website or business.
  • GDPR / UK GDPR: for visitors to our website from the European Economic Area, the United Kingdom, and Switzerland.
  • Carrier requirements (A2P 10DLC): for our SMS messaging program.

State Contracts and District DPAs

Amitrace holds institutional contracts with multiple school districts and is on the Georgia Mandatory AV statewide contract. We are familiar with district procurement processes and welcome the opportunity to review and execute district-specific data privacy agreements (DPAs) as part of our standard onboarding.

Reporting a Security Concern

If you believe you have identified a security or privacy issue involving Amitrace, please contact us at support@amitrace.com. We take reports seriously and will respond promptly.