CRMove

Privacy Policy

Last updated: June 3, 2026

This Privacy Policy explains how CRMove (“we”, “us”, “our”) collects, uses, and protects your personal data when you use our service at crmove.app. By creating an account, you agree to the practices described below.

1. Who we are

CRMove is a SaaS service that allows users to export their CRM data (contacts and engagement history) to CSV files. We act as a data processor on your behalf when handling data retrieved from your CRM account.

2. Data we collect

Account data

When you register, we collect your username, email address, and password (stored as a secure hash). We never store your password in plain text.

CRM credentials

To connect your CRM account, we store your API Key and Tenant Company name. These credentials are stored in your user profile and used solely to authenticate requests to your CRM on your behalf. We do not share them with any third party.

Export files

CSV files generated by your exports are stored temporarily on our server in a private, access-controlled directory. Files are automatically deleted after 24 hours. Download links are secured with a one-time nonce and are private to your account.

Usage data

We may collect basic technical logs (IP address, timestamps, export status) for security and debugging purposes. We do not use third-party analytics or advertising trackers.

3. How we use your data

  • To operate your account and authenticate you
  • To connect to your CRM and perform exports on your request
  • To send you a notification email when an export completes
  • To enforce access levels (freemium quotas, full access)
  • To comply with legal obligations

We do not sell your data, use it for advertising, or share it with third parties except as required by law.

4. Data retention

  • CSV export files — deleted automatically after 24 hours
  • CRM credentials — retained as long as your account is active; deleted on account closure
  • Account data — retained as long as your account is active
  • Technical logs — retained for up to 30 days

5. Your rights (GDPR)

If you are located in the European Economic Area, you have the following rights regarding your personal data:

  • Access — request a copy of the personal data we hold about you
  • Rectification — ask us to correct inaccurate data
  • Erasure — request deletion of your account and all associated data
  • Restriction — ask us to limit processing of your data
  • Portability — receive your data in a structured, machine-readable format
  • Objection — object to processing based on legitimate interests

To exercise any of these rights, email us at privacy@crmove.app. We will respond within 30 days.

6. Account deletion

When your account is deleted, we permanently erase all associated data: account information, CRM credentials, export files, and export history. No backup copies are retained after deletion.

7. Security

We implement appropriate technical and organisational measures to protect your data: HTTPS for all communications, hashed passwords, private file storage with direct access blocked, and access-controlled download links.

8. Cookies

We use only essential cookies required for authentication (WordPress session cookie). We do not use tracking or advertising cookies.

9. Changes to this policy

We may update this Privacy Policy from time to time. We will notify registered users by email of any material changes. Continued use of the service after the update constitutes acceptance of the revised policy.

10. Contact

For any privacy-related questions or requests:
privacy@crmove.app