Last updated: February 16, 2025

1. Introduction

FyloCRM ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service. Please read this privacy policy carefully.

2. Information We Collect

2.1 Personal Information

We may collect personal information that you provide directly to us, including:

Name and contact information (email, phone number)
Company information and job title
Account credentials and authentication data
Payment and billing information
Communication preferences

2.2 CRM Data

To provide our Service, we access and process data from your CRM systems, including:

Lead and contact information
Sales pipeline data and stage information
Activity logs and interaction history
Deal values and conversion metrics
Custom fields and metadata

2.3 Usage Data

We automatically collect information about how you use our Service:

Log data (IP address, browser type, pages visited)
Device information and operating system
Usage patterns and feature interactions
Performance metrics and error reports
Cookies and similar tracking technologies

3. How We Use Your Information

We use the collected information for the following purposes:

Provide, maintain, and improve our Service
Analyze your CRM data to identify optimization opportunities
Generate AI-powered insights and recommendations
Process payments and manage subscriptions
Communicate with you about the Service
Provide customer support and technical assistance
Comply with legal obligations and enforce our terms
Protect against fraud and security threats

4. Data Sharing and Disclosure

4.1 We Do Not Sell Your Data

We do not sell, trade, or rent your personal information or CRM data to third parties.

4.2 Limited Sharing

We may share your information only in the following circumstances:

Payment Processing: We share payment and billing information with Paddle , our authorized payment processor and Merchant of Record. Paddle processes all subscription payments and handles payment-related data in accordance with their privacy policy and PCI DSS compliance standards.
Service Providers: Trusted third parties who assist in operating our Service, including cloud hosting providers, email services, and analytics platforms
Legal Requirements: When required by law or to protect our rights
Business Transfers: In connection with mergers, acquisitions, or asset sales
Consent: When you explicitly consent to sharing

Payment Processing with Paddle

When you make a purchase, your payment information (credit card details, billing address) is securely transmitted to and processed by Paddle, which acts as our Merchant of Record. We do not store your full credit card information on our servers. Paddle handles all payment processing in compliance with PCI DSS standards. For more information about how Paddle handles your data, please review their privacy policy at www.paddle.com/legal/privacy.

5. Data Security

We implement comprehensive security measures to protect your information:

Encryption in transit and at rest using industry-standard protocols
Regular security audits and vulnerability assessments
Access controls and authentication mechanisms
Employee training on data protection practices
Incident response procedures and monitoring systems

Security Certifications

Our infrastructure is hosted on SOC 2 Type II compliant providers and follows industry-best practices for GDPR and CCPA guidelines to ensure data protection and privacy.

6. Data Retention

We retain your information for as long as necessary to provide our Service:

Account Data: Retained while your account is active
CRM Data: Processed and deleted according to your preferences
Usage Data: Retained for up to 2 years for analytics purposes
Legal Requirements: Retained as required by applicable laws

7. Your Rights and Choices

You have the following rights regarding your personal information:

Access: Request a copy of your personal information
Correction: Update or correct inaccurate information
Deletion: Request deletion of your personal information
Portability: Receive your data in a machine-readable format
Opt-out: Unsubscribe from marketing communications
Restriction: Limit how we process your information

8. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

Essential Cookies: Required for basic functionality
Analytics Cookies: Help us understand usage patterns
Preference Cookies: Remember your settings and preferences
Marketing Cookies: Deliver relevant advertisements (with consent)

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions where applicable.

10. Children's Privacy

Our Service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If we become aware that we have collected such information, we will take steps to delete it promptly.

11. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Data Protection Officer
Email: support@fylocrm.com
Address: Block 45, Dera Ghazi Khan, Punjab, Pakistan
Response Time: We aim to respond within 24-48 hours

Privacy Policy