CRMish

Privacy Policy

Last updated: 2026-05-20 · DRAFT — pending final review

> Notice. Placeholder document. Final Privacy Policy is being drafted by the reviewer agent and will be reviewed by counsel before public launch.

1. What we collect

  • Account info: email, display name, password (hashed).
  • Workspace data: prospects, conversations, follow-ups, sales, daily plans, reflections, journal text, mood, productivity scores — everything you put into the app to track your work.
  • Usage signals: timestamps of activity, basic device + timezone for display purposes.
  • Billing: Stripe handles your card directly. We store a Stripe customer ID, not card details.

2. How we use it

  • Run the Service for you (showing your data back to you, computing scores, sending AI coaching where applicable).
  • Send transactional email (account confirmations, password resets, billing receipts).
  • Improve the product based on aggregated, anonymized usage patterns.

3. What we don't do

  • We don't sell your data.
  • We don't share your data with advertisers.
  • We don't read your journal entries except when our AI coaching feature processes them on your explicit interaction (Premium tier).

4. AI coaching + third-party AI processing

Premium-tier coaching sends a structured summary of your day (productivity score, streak, mood, reflection text excerpt) to Anthropic's API for personalized coaching messages. Anthropic's terms cover their handling of that data; see Anthropic's privacy policy.

5. Security

Passwords are hashed with bcrypt. Sessions are iron-session encrypted cookies. We run on Vercel (US) with the database on Turso. We don't promise perfect security — see the Terms of Service for liability terms — but we follow established practices.

6. Your rights

You can: - Export your data anytime from Settings (coming soon). - Delete your account, which removes your data within 30 days from backups. - Correct account info from Settings.

GDPR / CCPA users have additional rights under those frameworks. Email privacy@accountable.crm to invoke them.

7. Cookies

We use a session cookie. See Cookie Policy for details.

8. Children

The Service isn't intended for users under 13. If we learn someone under 13 has signed up, we delete the account.

9. Changes

Material changes posted here at least 30 days in advance.

10. Contact

Questions: privacy@accountable.crm.

This placeholder will be replaced with the final document once counsel review completes.