Privacy Policy

This Privacy Policy describes how LEVITATION INFOTECH LLP ("Company," "we," "our," or "us") collects, uses, stores, discloses, and otherwise processes your personal information through our cloud-based SaaS CRM platform, BeigeCRM, accessible at https://beigecrm.com (the "Platform"). This Policy applies to all users of the Platform, including administrators, team members, and any individual whose information is processed through the Platform. By accessing or using BeigeCRM, you expressly consent to the collection, use, and processing of your information as described in this Privacy Policy. This Privacy Policy is governed by the laws of India, including but not limited to the Information Technology Act, 2000, the Information Technology (Reasonable Security Practices and Procedures and Sensitive Personal Data or Information) Rules, 2011, and any other applicable data protection legislation. If you do not agree with the terms of this Privacy Policy, please do not access or use the Platform.

We use the information we collect for the following purposes: • Provide, operate, and maintain the Platform and its features • Process payments and manage your subscription • Send transactional communications, including login alerts, email verification, password resets, booking confirmations, and account notifications • Improve, personalize, and optimize the Platform and user experience • Perform analytics and usage analysis to enhance our services • Provide customer support and respond to your inquiries • Detect, prevent, and address fraud, abuse, security issues, and technical problems • Comply with legal obligations and enforce our Terms of Service Where AI-powered features are available (such as email suggestions or smart recommendations), email content and CRM data may be processed to generate suggestions. We do not use your data to train machine learning models. AI processing is performed solely to provide features within your account.

We integrate with and share information with the following third-party services to provide the Platform’s functionality: • Razorpay — Payment processing. Razorpay processes your payment information in accordance with their privacy policy. • Twilio — Telephony and calling features. When you use calling features, call metadata and recordings (if enabled) are processed through Twilio. • Email Providers (Gmail, Outlook via IMAP/SMTP) — User-connected email integrations. We access email data only as authorized by you through OAuth or IMAP/SMTP credentials you provide. • Google Meet — Meeting scheduling and calendar integration. • PostHog — Product analytics and usage tracking. • Google Analytics — Website and platform analytics. Each third-party service operates under its own privacy policy. We encourage you to review their policies. We are not responsible for the privacy practices of these third-party services.

Your data is stored on secure cloud infrastructure. We implement reasonable security measures to protect your personal information, including: • Encryption of data at rest and in transit (TLS/SSL) • JWT-based authentication with secure token handling • Role-Based Access Control (RBAC) to restrict data access within organizations • Audit logging of access and modifications to sensitive data • Regular security assessments and monitoring However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. By using the Platform, you acknowledge and accept the inherent security risks associated with transmitting data over the Internet.

We retain your personal information and CRM data for as long as your account is active or as needed to provide you the Services. Upon receiving an account deletion request, we will delete your personal data and CRM data within 30 days, except where retention is required by applicable law, regulation, or legitimate legal purposes (such as resolving disputes, enforcing agreements, or compliance with tax and accounting requirements). Backup copies of data may be retained for a reasonable period for disaster recovery purposes, after which they are permanently deleted in accordance with our backup rotation schedule. Aggregated or anonymized data that cannot be used to identify you may be retained indefinitely for analytical, statistical, and research purposes.

You have the following rights with respect to your personal information: • Access — You may request access to the personal data we hold about you. • Correction — You may update or correct inaccurate personal data directly through the Platform settings. • Deletion — You may request deletion of your account and associated data through your account settings or by emailing us at help@beigecrm.com. • Data Export — You may export your CRM data (contacts, deals, companies, etc.) via CSV export functionality available within the Platform. • Withdraw Consent — You may withdraw your consent to data processing at any time by writing to us. Withdrawal of consent may limit your ability to access certain features. • Complaint — You have the right to lodge a complaint with the appropriate data protection authority if you believe your data rights have been violated. To exercise any of these rights, please contact us at help@beigecrm.com.

BeigeCRM uses the following types of cookies: • Essential Cookies — Required for the Platform to function properly, including session management and authentication tokens. These cannot be disabled without affecting Platform functionality. • Analytics Cookies — Used by PostHog and Google Analytics to collect usage data and help us understand how the Platform is used. • Preference Cookies — Store your preferences such as language, timezone, and display settings. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Platform.

BeigeCRM is a business software platform and is not directed at children under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal data from a child under 18, we will take steps to delete that information promptly. If you believe we have collected information from a minor, please contact us immediately at help@beigecrm.com.

BeigeCRM is operated by LEVITATION INFOTECH LLP from India. Your data is primarily stored and processed on servers located in India. By using the Platform, you consent to the transfer, storage, and processing of your information in India. If you are accessing the Platform from outside India, please be aware that your information may be transferred to, stored, and processed in India, where data protection laws may differ from those in your jurisdiction.

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The updated policy will be posted on this page with a revised "Last Updated" date. Your continued use of the Platform after any changes constitutes your acceptance of the revised Privacy Policy. For significant changes that materially affect your rights, we will make reasonable efforts to notify you via email or through a prominent notice on the Platform.

For any grievances, concerns, or questions regarding this Privacy Policy or our data practices, please contact our Grievance Officer at: Email: help@beigecrm.com LEVITATION INFOTECH LLP 82 A, E4-038A, Noida Sector 82 Gautam Buddha Nagar, India Available: Monday – Friday, 9:00 AM – 6:00 PM IST We will acknowledge your grievance within 24 hours and endeavor to resolve it within 30 days of receipt.