Skip to main content
What you’ll get out of this. Complete transparency about how DeelRx CRM collects, uses, and protects your data. Understand your privacy rights and how we comply with GDPR, CCPA, and other privacy regulations.

Our Privacy Commitment

DeelRx CRM is built on a privacy-first foundation. We believe your data belongs to you, and we’re committed to protecting it with bank-grade security while being completely transparent about our practices.
Privacy by Design: We implement privacy protections at every level of our service, from data collection to storage and processing.

Information We Collect

Data You Provide Directly

  • Email address (for authentication and communication)
  • Name and business information
  • Payment information (processed securely by Stripe)
  • Profile preferences and settings
  • Customer information and contact details
  • Inventory records and product information
  • Financial transactions and payment history
  • Notes, tags, and business communications
  • Support requests and chat interactions
  • Feedback and survey responses
  • Marketing preferences and opt-in status

Data We Collect Automatically

  • Feature usage and interaction patterns
  • Performance metrics and error logs
  • Device information and browser type
  • IP address and general location data
  • Session information and authentication tokens
  • API usage and system performance data
  • Security logs and access patterns
  • Cookie and tracking data (as described in our Cookie Policy)

How We Use Your Information

Primary Purposes

Service Delivery

  • Provide CRM functionality and features
  • Process transactions and manage subscriptions
  • Maintain account security and authentication
  • Deliver customer support and assistance

Service Improvement

  • Analyze usage patterns to improve features
  • Monitor system performance and reliability
  • Develop new functionality and integrations
  • Optimize user experience and interface
Processing necessary to provide the services you’ve requested and paid for.
Processing for our legitimate business interests, such as service improvement and security, balanced against your privacy rights.

Third-Party Services and Data Sharing

Our Trusted Partners

We work with carefully selected third-party services to provide secure functionality:
  • Purpose: Secure user authentication and account management
  • Data Shared: Email, name, authentication tokens
  • Privacy Policy: Clerk Privacy Policy
  • Data Processing Agreement: Yes, in place
  • Purpose: Secure payment processing and subscription management
  • Data Shared: Payment information, billing details, transaction history
  • Privacy Policy: Stripe Privacy Policy
  • Data Processing Agreement: Yes, in place
  • Purpose: Reliable hosting and content delivery
  • Data Shared: Website usage data, performance metrics
  • Privacy Policy: Netlify Privacy Policy
  • Data Processing Agreement: Yes, in place
  • Purpose: Content management and CMS functionality
  • Data Shared: Content data, user preferences
  • Privacy Policy: BaseHub Privacy Policy
  • Data Processing Agreement: Yes, in place
  • Purpose: Privacy-focused analytics and product insights
  • Data Shared: Anonymized usage patterns, feature adoption
  • Privacy Policy: PostHog Privacy Policy
  • Data Processing Agreement: Yes, in place

Data Sharing Limitations

No Data Selling: We never sell, rent, or trade your personal information to third parties for marketing purposes.
We only share data when:
  • Required to provide the Service (as described above)
  • Legally required by law enforcement or regulatory authorities
  • Necessary to protect our rights or prevent fraud
  • You have given explicit consent

Your Privacy Rights

GDPR Rights (EU Residents)

Access & Portability

  • Request a copy of your personal data
  • Receive data in a machine-readable format
  • Transfer data to another service

Correction & Erasure

  • Correct inaccurate personal data
  • Request deletion of your data
  • Withdraw consent for processing

Restriction & Objection

  • Restrict processing of your data
  • Object to processing based on legitimate interests
  • Opt out of automated decision-making

Complaint Rights

  • File complaints with supervisory authorities
  • Seek judicial remedies for violations
  • Contact our Data Protection Officer

CCPA Rights (California Residents)

  • What personal information we collect
  • How we use and share your information
  • Categories of third parties we share with
  • Request deletion of your personal information
  • Exceptions for legal compliance and service delivery
  • Verification process for deletion requests
  • Opt out of sale of personal information (we don’t sell)
  • Opt out of sharing for business purposes
  • Non-discrimination for exercising rights

Exercising Your Rights

To exercise your privacy rights:
  1. Contact Us: Email [email protected] or use our support chat
  2. Verification: We may request identity verification for security
  3. Response Time: We respond within 30 days (GDPR) or 45 days (CCPA)
  4. No Cost: Exercising your rights is free of charge

Data Security and Protection

Security Measures

Bank-Grade Security: We implement the same security standards used by financial institutions.
  • Encryption: AES-256 encryption for data at rest and in transit
  • Access Controls: Role-based access with multi-factor authentication
  • Network Security: Firewalls, intrusion detection, and monitoring
  • Regular Audits: Security assessments and penetration testing
  • Employee Training: Privacy and security training for all staff

Data Breach Response

In the unlikely event of a data breach:
  1. Immediate Response: Contain and assess the breach within 24 hours
  2. Notification: Notify affected users within 72 hours (GDPR requirement)
  3. Regulatory Reporting: Report to authorities as required by law
  4. Remediation: Implement additional security measures to prevent recurrence

Data Retention

Retention Periods

  • Retained while your account is active
  • Deleted within 30 days of account closure
  • Some data may be retained longer for legal compliance
  • Retained according to your business needs
  • Deleted upon your request or account closure
  • Backup data deleted within 90 days

Data Deletion

When you request data deletion:
  • Immediate: Remove from active systems
  • Backups: Delete from backups within 90 days
  • Anonymization: Some data may be anonymized for analytics
  • Legal Holds: Some data may be retained for legal proceedings

Children’s Privacy

Age Restriction: DeelRx CRM is not intended for users under 18 years of age.
  • We do not knowingly collect personal information from children under 18
  • If we discover such collection, we will delete the information immediately
  • Parents can contact us to review or delete their child’s information

International Data Transfers

Cross-Border Transfers

  • Your data may be transferred to and processed in the United States
  • We use Standard Contractual Clauses (SCCs) for EU data transfers
  • All transfers comply with applicable privacy laws
  • Data processing agreements ensure adequate protection

Data Localization

  • Primary data storage in the United States
  • EU data may be processed in EU-approved facilities
  • Backup data may be stored in multiple geographic locations
  • All locations meet our security and privacy standards

Cookies and Tracking

For detailed information about our use of cookies and tracking technologies, please see our Cookie Policy.

Changes to This Privacy Policy

Notification of Changes

  • Material changes will be communicated via email or in-app notification
  • Minor changes will be posted on this page with updated “Last Modified” date
  • Continued use after changes constitutes acceptance

Effective Date

This Privacy Policy is effective as of October 2025 and was last updated on October 2025.

Contact Information

Privacy Questions

Regulatory Authorities

EU Residents: You can contact your local data protection authority or the Irish Data Protection Commission (lead supervisory authority). California Residents: You can contact the California Attorney General’s Office.
For questions or assistance, please reach our team through the chat at https://deelrxcrm.com/support.