PRIVACY POLICY
Effective Date: 1^st Oct 2025
Last Updated: 15^th Oct 2025

1. Introduction
Welcome to Volo CRM (“we,” “our,” “us”). We are committed to protecting your privacy and ensuring your personal data is handled responsibly. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our SaaS-based CRM platform, accessible via web or mobile applications. By using our Services, you consent to the terms of this Privacy Policy.

2. Scope of This Policy
This Policy applies to all users of Volo CRM, including those accessing from the European Economic Area (EEA), the United Kingdom (UK), the United States, and other regions subject to data protection regulations such as the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

3. Information We Collect
a. Information You Provide
- Account Information – Your name, company name, email address, phone number, and login credentials.
- Billing and Payment Data – Payment method, billing address, and transaction records. We use secure third-party payment processors and do not store full card details.
- Customer Data – All CRM data you upload, such as leads, contacts, deals, notes, emails, and attachments. You retain full ownership of this data.
- Support Information – Communications and feedback shared via chat, email, or support tickets.

b. Information Automatically Collected
- Usage Data – Information on your interactions with the platform, such as pages viewed, actions performed, and login timestamps.
- Device Information – IP address, browser type, operating system, and device identifiers.
- Cookies and Analytics – We use cookies and third-party analytics tools to enhance user experience, track performance, and analyze usage trends.

c. Information from Third Parties
- Integration data from external platforms (Google, Microsoft, WhatsApp, etc.).
- Publicly available business information or data provided through partner referrals.

4. How We Use Your Information
We process your information for
- Service Delivery – To operate, maintain, and improve the Volo CRM platform.
- Account Management – To verify users, provide billing, and manage subscriptions.
- Customer Support – To resolve issues and respond to inquiries.
- Service Improvement – To enhance product features and usability.
- Communication – To send updates, product notices, and system alerts.
- Compliance and Security – To detect, prevent, and investigate fraud, unauthorized access, or violations of our Terms.
We never sell or rent your personal data.

5. Legal Basis for Processing (GDPR)
For users in the EEA or UK, we process your personal data under the following lawful bases:
- Contractual Necessity – To deliver the CRM services you subscribe to.
- Legitimate Interests – To enhance service quality, prevent fraud, and maintain security.
- Legal Obligation – To comply with applicable tax, regulatory, or legal requirements.
- Consent – When you explicitly agree to marketing communications or optional integrations.

6. CCPA Compliance (California Residents)
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA)
- Right to Know what personal data we collect and how it’s used.
- Right to Access and request copies of your personal data.
- Right to Delete personal data we have collected.
- Right to Opt Out of data sharing or sale (Volo CRM does not sell data).
- Right to Non-Discrimination for exercising any of these rights.
To exercise these rights, email us at privacy@volocrm.com with the subject “CCPA Request.”

7. Data Ownership
- You own all data entered or uploaded into your CRM account.
- We act only as a data processor and handle your data on your behalf.
- You can export or delete your data anytime from within your account settings.

8. Data Retention
We retain your information:
- As long as your account remains active.
- For up to 60 days after account termination, unless deletion is requested earlier.
- For longer durations when required by law (e.g., financial records).

9. Data Security
We implement industry-standard security measures, including HTTPS, SSL encryption, role-based access control, and daily backups. While we take extensive precautions, no digital system is 100% secure.

10. Data Transfers
Your data may be processed outside your country, including on servers in the United States or India. We ensure appropriate data protection measures through Standard Contractual Clauses (SCCs) or other GDPR-compliant safeguards.

11. Sharing and Disclosure
We may share limited information only with:
- Service Providers – Hosting, email, analytics, and payment partners.
- Legal Authorities – When required by law or in response to valid legal processes.
- Business Transfers – In case of a merger, acquisition, or restructuring (with prior notice).

12. Your Rights (GDPR & CCPA)
You may access, correct, delete, or export your personal data, and file a complaint with your local authority. Contact privacy@volocrm.com to exercise these rights.

13. Cookies and Tracking
We use cookies for authentication, analytics, and preferences. You can disable cookies in your browser settings.

14. Children’s Privacy
Our services are not directed toward individuals under 18 years old. We do not knowingly collect data from minors.

15. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be available on our website.

16. Contact Us
support at volocrm dot com