Privacy Policy

CRM Central | CRM Central, LLC

Effective: May 7th, 2026

1. Introduction

CRM Central, LLC ("we," "us," or "our") operates the CRM Central platform accessible at www.crmcentral.co (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect information about you when you use our Service.

By using the Service, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, please do not use the Service.

This Privacy Policy is incorporated into and forms part of our Terms of Service.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you:

  • Create an account — name, email address, company name, phone number, billing address
  • Subscribe to the Service — payment information (processed by Stripe; we do not store full card numbers)
  • Use the Service — customer records, contacts, notes, tasks, pipeline data, and other CRM data you enter
  • Contact support — communications, support tickets, and related information
  • Participate in surveys or beta programs — feedback, ratings, and responses

2.2 Information Collected Automatically

When you use the Service, we automatically collect:

  • Log data — IP address, browser type, operating system, pages visited, time and date of access, referring URLs
  • Device information — device type, unique device identifiers, and hardware model
  • Usage data — features accessed, actions taken, session duration, and clickstream data
  • Cookies and similar technologies — as described in Section 7

2.3 Information from Third Parties

We may receive information about you from third parties, including:

  • Payment processors (Stripe) — transaction confirmation and fraud prevention signals
  • Authentication providers — if you register via Google OAuth or similar services
  • Integration partners — data from third-party services you connect to the Service

3. How We Use Your Information

We use the information we collect to:

  1. Provide, maintain, and improve the Service
  2. Process transactions and send related information including purchase confirmations and invoices
  3. Authenticate users and maintain account security
  4. Send administrative messages including updates, security alerts, and support messages
  5. Respond to your comments, questions, and customer service requests
  6. Send marketing communications (with your consent where required by law)
  7. Monitor and analyze usage patterns and trends to improve user experience
  8. Detect, investigate, and prevent fraudulent transactions and other illegal activities
  9. Comply with legal obligations and enforce our agreements
  10. Protect the rights, property, and safety of Company, our users, and the public

We will not use your Customer Data to train machine learning models or AI systems without your explicit written consent.

4. How We Share Your Information

4.1 Service Providers

We share information with trusted third-party vendors and service providers who assist us in operating the Service, subject to confidentiality obligations. Current key providers include:

  • Supabase — database hosting and authentication
  • Stripe — payment processing
  • Vercel — application hosting
  • PostHog — analytics (anonymized usage data)

4.2 Business Transfers

If we are involved in a merger, acquisition, reorganization, or sale of assets, your information may be transferred as part of that transaction. We will notify you by email or prominent notice within the Service before your information becomes subject to a different privacy policy.

4.3 Legal Requirements

We may disclose your information if required to do so by law or in the good faith belief that such disclosure is necessary to: (a) comply with a legal obligation; (b) protect and defend our rights or property; (c) prevent or investigate possible wrongdoing; (d) protect the personal safety of users or the public; or (e) protect against legal liability.

4.4 With Your Consent

We may share your information for other purposes with your explicit consent.

4.5 Aggregate Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you with third parties for research, analytics, and marketing purposes.

4.6 No Sale of Personal Data

We do not sell, rent, or trade your personal information to third parties for their own marketing purposes.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. We also retain and use your information as necessary to comply with legal obligations, resolve disputes, and enforce our agreements.

Upon account termination:

  • Account information is retained for 90 days to allow for account recovery, then deleted
  • Customer Data is retained for 30 days after termination, during which you may request export, then permanently deleted
  • Billing records are retained for 7 years as required by applicable law
  • Anonymized usage analytics may be retained indefinitely

6. Data Security

We implement industry-standard security measures to protect your information, including:

  • TLS/SSL encryption for all data in transit
  • AES-256 encryption for data at rest
  • Role-based access controls limiting employee access to Customer Data
  • Regular security assessments and penetration testing
  • Multi-factor authentication for internal systems

Despite these measures, no security system is impenetrable. We cannot guarantee the absolute security of your information. In the event of a data breach that affects your personal information, we will notify you as required by applicable law.

7. Cookies and Tracking Technologies

7.1 What We Use

We use cookies and similar tracking technologies (web beacons, pixels) to operate and improve the Service. Types of cookies we use:

  • Essential cookies — required for the Service to function, including authentication and security cookies
  • Functional cookies — remember your preferences and settings
  • Analytics cookies — help us understand how you use the Service (via PostHog)

7.2 Your Cookie Choices

Most browsers allow you to control cookies through browser settings. Note that disabling certain cookies may affect Service functionality. We will implement a cookie consent mechanism in compliance with applicable law.

8. Your Privacy Rights

8.1 General Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access — request a copy of the personal information we hold about you
  • Correction — request correction of inaccurate or incomplete information
  • Deletion — request deletion of your personal information, subject to legal obligations
  • Portability — request transfer of your information to another service provider
  • Objection — object to certain processing of your information
  • Restriction — request restriction of processing in certain circumstances

8.2 California Residents (CCPA/CPRA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA):

  • The right to know what personal information we collect, use, share, or sell
  • The right to delete personal information we have collected from you
  • The right to opt-out of the sale or sharing of personal information (we do not sell personal information)
  • The right to non-discrimination for exercising your privacy rights
  • The right to limit use of sensitive personal information

To exercise your California privacy rights, contact us at legal@crmcentral.co. We will respond within 45 days.

8.3 EEA/UK Residents (GDPR) — Future Readiness

If you are located in the European Economic Area or United Kingdom, you have rights under the General Data Protection Regulation (GDPR) including the rights listed above. Our legal bases for processing include performance of a contract, legitimate interests, and consent. You have the right to lodge a complaint with your local data protection authority.

8.4 Exercising Your Rights

To exercise any of the rights described above, please contact us at legal@crmcentral.co. We may require verification of your identity before processing your request. We will respond within the timeframe required by applicable law.

9. Children's Privacy

The Service is intended for use by businesses and individuals who are at least 18 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected personal information from a child under 13, we will delete it promptly. If you believe we have inadvertently collected such information, please contact us at legal@crmcentral.co.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States, where our servers are located. These countries may have data protection laws that differ from your country. By using the Service, you consent to such transfers. Where required by law, we will implement appropriate safeguards for international data transfers.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the new Privacy Policy on this page with a new effective date
  • Sending an email to the address associated with your account
  • Displaying a prominent notice within the Service

Your continued use of the Service after the effective date of the updated Privacy Policy constitutes your acceptance of the changes. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please contact us:

CRM Central, LLC

P.O. Box 681054

Franklin, TN 37068

Email: legal@crmcentral.co

Website: www.crmcentral.co