Legal

Privacy Policy

Last updated: April 24, 2026

We collect almost nothing. No analytics scripts. No advertising pixels. No behavioral tracking. The only personal information we hold is what you voluntarily send us through the contact form on this site — and we use it only to write back to you. This page explains the specifics, the rights you have, and the few third parties involved in delivering the site to your browser.

01 Who we are

The data controller is MetroSys, Inc.

MetroSys, Inc. operates this website and is the controller of any personal information you submit through it. We are a services-first technology firm based in San Diego, California, integrating technology, professional services, telecom, and workforce under one accountable relationship since 2016.

Postal address: 113 W. G Street #656, San Diego, CA 92101, United States
Privacy contact: hello@metro-sys.com

02 What we collect

Only what you send through the contact form.

When you submit the form on the Contact page, we receive:

  • Name
  • Company
  • Work email address
  • Role / title (optional)
  • Inquiry type (the dropdown selection)
  • The message you write

We do not collect sensitive personal information (race, religion, health, biometric data, precise geolocation, etc.). We do not run advertising trackers. We do not have any first-party cookies that profile you across sessions.

Server logs

Our hosting provider (Cloudflare) automatically records standard web-server log data — IP address, browser type, pages requested, timestamps — for security, abuse prevention, and reliability. We do not use this data for marketing, do not enrich it with other data sources, and do not retain it beyond Cloudflare’s default retention.

03 How we use your information

To respond to your inquiry. That’s it.

The contact-form data you send us is used solely to:

  • Read and reply to your message
  • Route your inquiry to the right person internally (sales, recruiting, supplier diversity, etc.)
  • Maintain a record of correspondence in our email inboxes for follow-up and reference

We do not sell, rent, share, or trade your information for any purpose. We do not add you to a marketing list. We do not pass your details to anyone outside the listed processors below.

Legal basis (for visitors in the EU/UK)

Under GDPR, our legal basis for processing inquiry-form submissions is your consent (you chose to send us the form) and our legitimate interest in responding to commercial inquiries about our services.

04 Who handles your data on our behalf

Three vendors. No one else.

Three providers process limited data in the course of operating this site. Each has its own privacy commitments and security certifications.

Cloudflare, Inc. — hosting and content delivery

Cloudflare hosts the site, delivers it to your browser, and provides security against malicious traffic. Cloudflare receives standard request data (IP, headers) for every page view, by necessity.

Resend (Resend.com) — transactional email

When you submit the contact form, our backend uses Resend to deliver the message to the appropriate MetroSys mailbox (hello@, recruiting@, or diversity@metro-sys.com depending on inquiry type). Resend processes the form contents only as needed to send and log the email.

JazzHR — careers/applications page only

The job listings on our Careers page are embedded from JazzHR (applytojob.com). When you interact with that embed — viewing roles, applying, etc. — you are interacting with JazzHR’s platform under their privacy terms. JazzHR may set its own cookies on that page only.

What this means: If you only browse our marketing pages without submitting the contact form or visiting the Careers page, the only data leaving your browser goes to Cloudflare for site delivery. Nothing is sent to Resend or JazzHR unless you actively engage those features.

05 Cookies

Strictly necessary only. No tracking cookies.

This site does not set any first-party cookies for analytics, advertising, or behavioral profiling. The only cookies that may be set are:

  • Cloudflare technical cookies (__cf_bm, sometimes cf_clearance) — classified as strictly necessary for security, bot management, and serving content. Short-lived (typically 30 minutes for __cf_bm). These do not require consent under GDPR/ePrivacy.
  • Third-party cookies set by JazzHR on the Careers page only, when their iframe loads. These are governed by JazzHR’s privacy policy.

You can block or delete cookies in your browser settings without affecting your ability to view our marketing content. Blocking Cloudflare’s strictly-necessary cookies may affect site security checks; blocking JazzHR’s cookies may affect application functionality on the Careers page only.

06 Data retention

We keep correspondence as long as the relationship is active.

Contact-form submissions arrive in our email inboxes and are retained as part of normal business correspondence. We do not auto-delete them, because we may need to refer back to a thread months or years later in the course of an active engagement. If you would like us to delete a specific message or all records of a prior inquiry, email hello@metro-sys.com and we will do so within 30 days.

Resend retains delivery logs for a limited period per their terms. Cloudflare server logs are retained per their default retention policy.

07 International data transfers

If you are in the EU/UK, your data is processed in the United States.

MetroSys, Cloudflare, Resend, and JazzHR all operate primarily in the United States. If you submit a form from the EU/UK or other jurisdictions with cross-border transfer rules, your information will be transferred to and processed in the U.S. We rely on each processor’s applicable safeguards (Standard Contractual Clauses or equivalent) for those transfers.

08 Your rights

Access, correct, delete, or ask us a question.

Regardless of where you live, you can email hello@metro-sys.com to:

  • Ask what personal information we have about you
  • Request that we correct inaccurate information
  • Request deletion of your information
  • Withdraw consent for further use
  • Request a copy of your data in portable format

We will respond within 30 days. We will not charge a fee for a reasonable request.

For California residents (CCPA / CPRA)

You have the right to know what personal information we collect, the right to delete it, the right to correct it, and the right to opt out of the sale or sharing of personal information.

We do not sell or share personal information for cross-context behavioral advertising. Because we do not engage in those activities, there is no “Do Not Sell or Share My Personal Information” mechanism to invoke. To exercise any other right, email the privacy contact above.

For EU/UK residents (GDPR / UK GDPR)

In addition to the rights above, you may lodge a complaint with your local supervisory authority (e.g., your country’s data protection authority, or the ICO in the United Kingdom) if you believe we have processed your data unlawfully.

09 Children

This site is not directed to children.

MetroSys provides B2B services to enterprise organizations. We do not knowingly collect personal information from anyone under 16. If you believe a child has submitted information to us, contact hello@metro-sys.com and we will delete it.

10 Changes to this policy

We will update the “Last updated” date.

If we change this policy, we will revise the date at the top of the page. Material changes (e.g., adding a new processor or a new category of data) will be summarized at the top for a reasonable period after the change is made.

11 Contact

Questions about privacy go to a real person.

For any privacy-related question or request, write to hello@metro-sys.com or send a letter to:

MetroSys, Inc.
Attn: Privacy
113 W. G Street #656
San Diego, CA 92101
United States