Privacy Policy

Last updated: February 20, 2026

1. Introduction

This Privacy Policy explains how Startup ("we", "our", or "us") collects, uses, stores, and protects personal data when you use our CRM and LeadGen platform, including AI-assisted workflows. We are committed to protecting customer and end-user privacy while enabling secure business operations.

2. Information We Collect

  • Account and workspace data: name, email, authentication identifiers, role assignments, and account preferences.
  • CRM and LeadGen data you provide: contacts, companies, campaign definitions, pipeline records, tasks, notes, and related business metadata.
  • Usage and diagnostic data: request logs, security events, product interactions, and service performance telemetry.
  • Support communications: messages you send to support, including troubleshooting context.

3. How We Use Information

  • Provide and operate CRM, LeadGen, and workflow automation capabilities.
  • Authenticate users, enforce workspace permissions, and maintain account security.
  • Run AI-assisted operations based on your instructions and configured workspace rules.
  • Maintain auditability, troubleshooting, abuse prevention, and legal compliance.
  • Improve reliability, usability, and security of the platform.

4. AI Processing and Data Boundaries

We process AI-related workflows in controlled hosting environments designed for business data protection. AI actions are bounded by workspace rules, role permissions, and audit logging controls.

We do not sell your customer data. We do not intentionally use your private workspace data to train public foundation models.

5. Legal Bases for Processing

Depending on jurisdiction, we process data under one or more of the following bases: contract necessity, legitimate interests, consent, and legal obligations.

6. Data Sharing

We share data only as necessary to deliver the service and meet legal obligations, including with infrastructure providers, security/monitoring providers, and professional service partners under confidentiality and data protection obligations.

We may disclose information when required by law, legal process, or to protect rights, users, and platform security.

7. Security Measures

  • Encryption in transit and at rest where applicable.
  • Role-based access controls and workspace isolation boundaries.
  • Authentication controls and server-side authorization checks.
  • Operational logging, audit trails, and incident response procedures.

No system can guarantee absolute security, but we continuously work to reduce risk through technical and organizational safeguards.

8. Data Retention

We retain data for as long as needed to provide the service, support contractual obligations, resolve disputes, maintain security records, and satisfy legal requirements. Retention windows vary by data type and customer configuration.

9. International Data Transfers

Where data is transferred across borders, we apply appropriate contractual and technical safeguards as required by applicable law.

10. Your Rights

Subject to local law, you may have rights to access, correct, delete, restrict, or export personal data, and to object to certain processing. You may also withdraw consent where processing relies on consent.

11. Cookies and Similar Technologies

We may use cookies and similar technologies for authentication, session continuity, security, analytics, and product performance.

12. Changes to This Policy

We may update this Privacy Policy periodically. Material changes will be posted with an updated effective date.

13. Contact

Privacy questions or requests: [email protected]

You can also visit our Terms of Service.