Privacy Policy

Effective date: March 1, 2025  ·  Last updated: March 7, 2026

CPCRM ("we", "our", or "us") operates the CPCRM mobile application and web platform (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use it, and your rights regarding that information.

1. Information We Collect

We collect the following categories of information when you use CPCRM:

Account & Profile Information

  • Name, email address, and phone number provided during registration
  • Business name and role (e.g., channel partner, agent)
  • Profile photo (optional)

Leads & CRM Data

  • Lead contact details (name, phone, email) that you or your organisation enter into the app
  • Activity notes, follow-up reminders, and deal pipeline information
  • Leads imported from Facebook Lead Ads (with your explicit authorisation)

Device & Usage Information

  • Device identifiers (used for push notifications only)
  • App version, operating system, and general usage analytics
  • Crash reports and diagnostic data to improve stability

We do not collect precise GPS location, contacts from your device address book, camera or microphone access, or any data unrelated to the CRM functionality.

2. How We Use Your Information

  • To create and manage your CPCRM account
  • To provide lead management, pipeline tracking, and CRM features
  • To send push notifications for reminders and lead updates (you can opt out in device settings)
  • To respond to your support requests
  • To improve and troubleshoot the Service using aggregated, anonymised analytics
  • To comply with legal obligations

We do not use your data for advertising, profiling for third parties, or any purpose beyond operating the Service.

3. Data Sharing

We do not sell, rent, or trade your personal data. We may share information only in these limited circumstances:

  • Within your organisation: Team members added to the same CPCRM workspace may see shared leads and pipeline data as configured by your admin.
  • Service providers: We use AWS for secure cloud hosting and infrastructure. These providers process data solely to operate the Service and are bound by confidentiality obligations.
  • Legal requirements: We may disclose data if required by law, court order, or to protect the rights and safety of our users.

4. Data Security

All data is stored on AWS infrastructure with encryption at rest and in transit (TLS/HTTPS). We apply industry-standard security practices including access controls, regular security reviews, and secure authentication. While we take every precaution, no system is 100% secure; we will notify you promptly in the event of a data breach that affects your information.

5. Data Retention

We retain your data for as long as your account is active. If you delete your account, all associated personal data is permanently removed from our systems within 30 days, except where retention is required by law.

6. Your Rights & Choices

You have the right to:

  • Access – Request a copy of the personal data we hold about you.
  • Correction – Ask us to correct inaccurate or incomplete data.
  • Deletion – Request deletion of your account and all associated data.
  • Portability – Request an export of your data in a machine-readable format.
  • Opt-out of notifications – Disable push notifications at any time through your device settings.

To exercise any of these rights, email us at infobiz@cpcrm.biz. We will respond within 30 days.

Account deletion request: Send an email to infobiz@cpcrm.biz with subject line "Delete My Account" and we will permanently delete your account and data within 30 days.

7. Third-Party Services

The Service integrates with the following third-party platforms:

  • Facebook / Meta Lead Ads – Used to import leads from your Facebook ad campaigns. This integration is optional and requires your explicit OAuth authorisation. See Facebook Privacy Policy for details.
  • Google Analytics – Used to collect anonymised website usage statistics. No personally identifiable information is shared.
  • Firebase (Google) – Used for push notification delivery (FCM). Only device tokens are shared, not personal data.

8. Children's Privacy

CPCRM is a business application intended for users aged 18 and older. We do not knowingly collect personal data from children under 13. If you believe a child has provided us with personal information, please contact us immediately and we will delete it.

9. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for significant changes, notify you via email or an in-app notice. Continued use of the Service after changes take effect constitutes your acceptance of the revised policy.

10. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy, please reach out:

CPCRM

Email: infobiz@cpcrm.biz

Website: cpcrm.biz

Thank you for trusting CPCRM with your business.