Privacy Policy

1. Introduction and Overview

BinaryCRM LLC ("BinaryCRM", "we", "us", "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services (the "Service").

This Privacy Policy applies to all information collected through our Service, including:

• Website (binarycrm.com)
• Web application and dashboard
• Mobile applications (if applicable)
• API and integrations
• Email communications
• Customer support interactions

By using BinaryCRM, you agree to the collection and use of information in accordance with this Privacy Policy.

2. Information We Collect

2.1 Information You Provide Directly

We collect information you provide when you:

• Create an Account: Name, email address, phone number, company name, job title
• Use the Service: Customer data, contacts, invoices, tickets, messages, files, notes
• Make Payments: Billing information (processed by third-party payment processors)
• Contact Support: Support tickets, chat messages, email correspondence
• Participate in Surveys: Feedback, preferences, opinions

2.2 Information Collected Automatically

When you access the Service, we automatically collect:

• Device Information: IP address, browser type, operating system, device identifiers
• Usage Data: Pages viewed, features used, time spent, click patterns
• Log Data: Server logs, error reports, performance metrics
• Cookies and Tracking: Session cookies, authentication tokens, analytics data
• Location Data: General geographic location based on IP address

2.3 Information from Third Parties

We may receive information about you from:

• Payment Processors: Stripe, PayPal, Square, Paddle, Frame (transaction data)
• OAuth Providers: If you sign in using third-party services
• Business Partners: If you are referred by a partner
• Public Sources: Publicly available information for business purposes

3. How We Use Your Information

We use your information for the following purposes:

3.1 Provide and Maintain the Service

• Create and manage your account
• Process transactions and send invoices
• Enable communication features (SMS, email, chat)
• Store and manage your files securely
• Provide customer support
• Monitor and improve Service performance

3.2 Personalization and Improvement

• Customize your experience based on preferences
• Analyze usage patterns to improve features
• Develop new features and functionality
• Conduct research and analytics

3.3 Communication

• Send service notifications and updates
• Respond to inquiries and support requests
• Send marketing communications (with your consent)
• Provide important security alerts

3.4 Security and Compliance

• Detect, prevent, and address fraud and abuse
• Comply with legal obligations
• Enforce our Terms of Service
• Protect rights, property, and safety

3.5 Business Operations

• Process payments and manage subscriptions
• Generate invoices and receipts
• Maintain business records
• Conduct audits and compliance reviews

4. Legal Basis for Processing (GDPR Compliance)

For users in the European Economic Area (EEA), we process your personal data based on the following legal grounds:

• Contractual Necessity: To fulfill our contract with you (provide the Service)
• Legitimate Interests: To improve our Service, prevent fraud, and ensure security
• Legal Compliance: To comply with applicable laws and regulations
• Consent: For marketing communications and optional features (you may withdraw consent at any time)

5. Information Sharing and Disclosure

5.1 We DO NOT Sell Your Data

BinaryCRM does NOT sell, rent, or trade your personal information to third parties for their marketing purposes.

5.2 Service Providers

We share information with trusted service providers who assist in operating our Service:

• Cloud Infrastructure: Cloudflare (hosting and security)
• Database: Neon (PostgreSQL hosting)
• Payment Processing: Stripe, PayPal, Square, Paddle, Frame
• Email Service: Resend (transactional emails)
• SMS Provider: Telnyx (text messaging)
• File Storage: Cloudflare R2 (file hosting)
• Analytics: Privacy-focused analytics tools

All service providers are bound by data protection agreements and process data only as instructed by us.

5.3 Business Transfers

If BinaryCRM is involved in a merger, acquisition, or sale of assets, your information may be transferred. We will provide notice before your data is transferred and becomes subject to a different Privacy Policy.

5.4 Legal Requirements

We may disclose your information if required to do so by law or in response to:

• Valid legal requests (subpoenas, court orders)
• Governmental or regulatory requirements
• Protection of rights, property, or safety
• Prevention of fraud or security threats

5.5 With Your Consent

We may share your information with third parties when you explicitly consent to such sharing.

6. Data Retention and Deletion

6.1 Retention Period

We retain your personal data for as long as necessary to:

• Provide the Service to you
• Comply with legal obligations (tax records, financial reporting)
• Resolve disputes and enforce agreements
• Maintain business records

6.2 Account Deletion

Upon account termination or deletion request:

• Your data will be retained for 30 days for recovery purposes
• After 30 days, all personal data will be permanently deleted
• Some data may be retained longer as required by law (e.g., financial records for 7 years)
• Anonymized or aggregated data may be retained indefinitely for analytics

6.3 Backup Retention

Backup copies containing your data may persist for up to 90 days after deletion due to our backup retention policies.

7. Data Security Measures

BinaryCRM implements robust security measures to protect your information:

7.1 Technical Safeguards

• Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
• Access Controls: Role-based access controls and multi-factor authentication
• Network Security: Firewalls, DDoS protection, intrusion detection
• Password Security: Passwords hashed using bcrypt with salt
• Database Security: Encrypted database connections, regular security patches
• File Storage: Secure cloud storage with encryption and access controls

7.2 Organizational Safeguards

• Regular security audits and penetration testing
• Employee training on data protection
• Confidentiality agreements with all personnel
• Incident response procedures
• Secure development practices

7.3 Data Breach Notification

In the event of a data breach affecting your personal information, we will notify you within 72 hours as required by applicable law.

8. Your Privacy Rights

8.1 General Rights (All Users)

• Access: Request a copy of your personal data
• Correction: Update or correct inaccurate information
• Deletion: Request deletion of your data ("right to be forgotten")
• Export: Download your data in portable format (JSON/CSV)
• Opt-Out: Unsubscribe from marketing communications

8.2 GDPR Rights (EEA Users)

If you are located in the European Economic Area, you have additional rights:

• Right to Restriction: Limit how we use your data
• Right to Object: Object to processing based on legitimate interests
• Right to Portability: Receive your data in machine-readable format
• Right to Withdraw Consent: Withdraw consent at any time
• Right to Lodge Complaint: File complaint with supervisory authority

8.3 CCPA Rights (California Users)

If you are a California resident, you have the right to:

• Know what personal information we collect, use, and share
• Delete personal information we have collected (with exceptions)
• Opt-out of the sale of personal information (we don't sell data)
• Non-discrimination for exercising CCPA rights

8.4 Exercising Your Rights

To exercise any of these rights, contact us at privacy@binarycrm.com or through your account settings. We will respond to requests within 30 days.

9. Cookies and Tracking Technologies

9.1 Types of Cookies We Use

Essential Cookies: Required for the Service to function (authentication, security, session management)

Performance Cookies: Help us understand how users interact with the Service

Functional Cookies: Remember your preferences and settings

Analytics Cookies: Analyze traffic and usage patterns (anonymized)

9.2 Third-Party Cookies

Some of our service providers may set their own cookies. We have no control over third-party cookies and recommend reviewing their privacy policies.

9.3 Cookie Management

You can control cookies through your browser settings. Note that disabling essential cookies may affect Service functionality.

9.4 Do Not Track

We honor Do Not Track (DNT) signals and do not track users across third-party websites.

10. International Data Transfers

BinaryCRM is based in the United States (Delaware). If you access the Service from outside the U.S., your information will be transferred to, stored, and processed in the United States.

For users in the EEA, we ensure appropriate safeguards:

• Standard Contractual Clauses (SCCs) approved by the European Commission
• Adequate security measures compliant with GDPR
• Data processing agreements with all service providers

11. Children's Privacy

BinaryCRM is not intended for users under the age of 18. We do not knowingly collect personal information from children under 18.

If we become aware that we have collected personal data from a child under 18, we will take steps to delete such information immediately. If you believe we have collected information from a child, please contact us at privacy@binarycrm.com.

12. Marketing Communications and Opt-Out

12.1 Email Marketing

With your consent, we may send you marketing emails about:

• New features and updates
• Product announcements
• Tips and best practices
• Special offers and promotions

12.2 SMS Marketing

We will only send SMS messages after obtaining your explicit opt-in consent. Standard message and data rates may apply.

12.3 How to Opt-Out

• Click "Unsubscribe" in any marketing email
• Reply "STOP" to any SMS message
• Update preferences in your account settings
• Contact us at unsubscribe@binarycrm.com

12.4 Transactional Emails

Note: You cannot opt-out of essential transactional emails (account notifications, security alerts, billing updates) as these are necessary for the Service.

13. Data Subject Access Requests (DSAR)

13.1 How to Submit a Request

To submit a data access, correction, or deletion request:

1. Email privacy@binarycrm.com with subject line "Privacy Rights Request"
2. Include your full name, email address, and account details
3. Specify the type of request (access, correction, deletion, etc.)
4. Provide verification information to confirm your identity

13.2 Response Timeline

• GDPR Requests: 30 days (extendable to 60 days for complex requests)
• CCPA Requests: 45 days (extendable to 90 days with notice)
• General Requests: Within 30 days

13.3 Verification Process

To protect your privacy, we verify your identity before fulfilling requests. This may require additional information or documentation.

14. Third-Party Websites and Services

The Service may contain links to third-party websites, applications, or services. BinaryCRM is not responsible for the privacy practices of these third parties.

We encourage you to read the privacy policies of any third-party services you access through our Service.

14.1 Integrated Services

BinaryCRM integrates with third-party services for enhanced functionality. Your use of these integrations is governed by their respective privacy policies:

• Stripe, PayPal, Square, Paddle, Frame (payment processing)
• Telnyx (SMS services)
• Resend (email delivery)
• Cloudflare (CDN and security)

15. Data Protection Officer

For privacy-related inquiries, you may contact our Data Protection Officer:

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

• Update the "Last Updated" date at the top of this page
• Send you an email notification
• Display a prominent notice in the Service
• For material changes, request your renewed consent where required by law

We encourage you to review this Privacy Policy periodically. Your continued use of the Service after changes constitutes acceptance of the updated policy.

17. Contact Information

For any privacy-related questions, concerns, or requests, please contact us:

Response Time

We strive to respond to all privacy inquiries within 2-3 business days.

18. Additional Privacy Information

18.1 California Privacy Rights (Shine the Light Law)

California residents may request information about our disclosure of personal information to third parties for direct marketing purposes. To make such a request, contact privacy@binarycrm.com.

18.2 Nevada Privacy Rights

Nevada residents have the right to opt-out of the sale of their personal information. BinaryCRM does not sell personal information as defined under Nevada law.

18.3 European Data Protection Supervisor

EEA users have the right to lodge a complaint with their local data protection authority if they believe we have not adequately addressed their privacy concerns.

18.4 Automated Decision Making

BinaryCRM may use automated systems for fraud detection and service optimization. These systems do not make decisions that significantly affect you without human review.