Privacy Policy

Last updated: April 07, 2026

This Privacy Policy explains how CSK CRM ("we", "us", "our") collects, uses, and protects information about you when you use our service.

1. Information We Collect

Account information: Name, email address, mobile number, company name, and password when you register.

Business data: Any data you enter into the CRM — leads, clients, invoices, tasks, notes, files. This data belongs entirely to you.

Usage data: We collect anonymous usage analytics (pages visited, features used) to improve the product. No personally identifiable information is included.

Payment data: Payments are processed by Razorpay or Cashfree. We do not store your card details — they are handled entirely by these PCI-DSS compliant processors.

Cookies: We use session cookies for authentication and preference cookies (e.g., currency selection). No third-party advertising cookies are used.

2. How We Use Your Information

• To provide and operate the CRM service
• To send transactional emails (OTP verification, invoices, password reset)
• To communicate important updates about the service
• To process payments and manage subscriptions
• To improve the product through usage analytics
• To comply with legal obligations

3. Data Isolation and Multi-Tenancy

CSK CRM is a multi-tenant application. Every account's data is strictly isolated from all other accounts using tenant-level access controls. No organisation can access another organisation's data. Our staff can only access data when explicitly required for support purposes and with your consent.

4. Data Sharing

We do not sell your personal information to third parties. We share data only with:

• Payment processors (Razorpay, Cashfree) for billing purposes
• Email providers for transactional email delivery
• Infrastructure providers (hosting, CDN) who process data on our behalf under data processing agreements
• Law enforcement if required by a valid legal process

5. Data Retention

We retain your account data for as long as your account is active. If you cancel your subscription, we retain data for 30 days to allow recovery, after which it is permanently deleted. You may request deletion at any time by contacting support@cskcrm.com.

6. Security

We implement industry-standard security measures including HTTPS encryption, hashed passwords (bcrypt), database-level isolation, and regular security updates. While we take all reasonable precautions, no system is 100% secure. We will notify you promptly in the event of a data breach affecting your information.

7. Your Rights

You have the right to:

• Access all personal data we hold about you
• Correct inaccurate information
• Request deletion of your account and data
• Export your data in a machine-readable format
• Opt out of non-essential communications

To exercise any of these rights, contact us at privacy@cskcrm.com.

8. Children's Privacy

CSK CRM is not intended for use by children under 18. We do not knowingly collect personal information from minors.

9. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. The "Last updated" date at the top of this page reflects the most recent revision.

10. Contact Us

For privacy-related questions or requests, contact us at privacy@cskcrm.com or write to us at our registered address.