Haletale CRM (“Haletale,” “we,” “our,” or “us”) values your privacy. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use crm.haletale.com (the “Platform”).
By accessing or using the Platform, you agree to the practices described in this Privacy Policy.
We may collect the following categories of information:
A. Information You Provide Directly
We collect personal information that you voluntarily provide to us when you register for an account, use the Platform, or communicate with us. This may include:
Account and Contact Information: Full name, company name, email address, phone number, billing address, and other identifiers used to register and manage your account.
Authentication Information: Login credentials, passwords, or security tokens required to access your account.
Payment and Billing Information: Credit card details, bank account information, billing address, and transaction records. Payments are securely processed by third-party payment processors (e.g., Stripe), and we do not store full payment card details on our systems.
Business Information: Content you upload to the Platform, including CRM entries, notes, files, communication logs, and business workflows.
Communications: Any correspondence with us via email, chat, phone, or within the Platform (including support tickets and feedback).
B. Information About End-Customers
Because Haletale CRM is a platform for businesses such as property managers, insurance agents, and other professionals, our clients may input or upload personal information about their own customers into the Platform. Such information may include:
Identifiers and Contact Information: Names, email addresses, phone numbers, physical addresses, tenant or policyholder details.
Transactional Information: Records of interactions, appointments, insurance policy details, or tenant lease information.
Payment Data: Billing details processed through integrated third-party payment gateways.
Sensitive Information: Depending on the client’s business model, some clients may collect and store sensitive data (for example, insurance-related information, rental history, or other regulatory data). While Haletale CRM does not specifically require sensitive information, we provide the infrastructure for clients to store data they choose to collect. Clients are solely responsible for ensuring their data collection complies with applicable privacy laws.
C. Information Collected Automatically
When you use the Platform, certain information is automatically collected about your device and interactions. This may include:
Device and Usage Data: IP address, browser type, operating system, time zone, language settings, and unique device identifiers.
Log Data: Information about your activity within the Platform, including the pages you visit, features you use, links you click, and time spent on the Platform.
Cookies and Tracking Technologies: We and our third-party partners use cookies, pixels, beacons, and similar technologies to recognize your browser, analyze usage patterns, improve services, deliver targeted advertising, and measure the effectiveness of campaigns.
Location Data: Approximate geographic location derived from IP addresses, unless you disable location tracking.
D. Information from Third Parties
We may receive additional information about you from third-party sources, including:
Service Providers and Integrations: Information from payment processors (e.g., Stripe), communication providers (e.g., Twilio, Mailgun), analytics providers (e.g., Google Analytics), or other partners integrated into the Platform.
Business Partners and Resellers: Data provided through joint marketing campaigns, referral partners, or sales collaborations.
Publicly Available Data: Information available from government databases, professional networks, or publicly accessible websites.
E. Anonymized and Aggregated Data
We may de-identify or aggregate personal information to create statistical or analytical insights that do not identify any individual. Such information may be used to improve the Platform, monitor trends, or for other lawful business purposes.
We use personal information for various business and commercial purposes. The exact use may depend on whether you are a direct client (sub-account holder) or an end-customer whose information is processed by a client.
A. Primary Purposes
Service Delivery: To operate, maintain, and provide you with the Platform and related services.
Account Management: To create, authenticate, and maintain accounts.
Transactions & Billing: To process payments, issue invoices, and manage billing.
Communications: To send service updates, respond to inquiries, and provide customer support.
Analytics & Improvements: To analyze usage patterns, identify trends, and enhance features.
Security & Fraud Prevention: To detect and prevent unauthorized access, abuse, or fraudulent activities.
Compliance: To comply with legal and regulatory requirements.
B. Marketing & Personalization
To send promotional content, newsletters, and updates about Haletale CRM (where legally permitted).
To deliver personalized ads and recommendations using cookies, pixels, and analytics.
To measure the effectiveness of marketing campaigns.
C. Legal Bases for Processing (GDPR)
If you are located in the EEA/UK, we rely on the following lawful bases:
Consent (e.g., for marketing emails, cookies).
Contract (e.g., providing services you requested).
Legal obligation (e.g., tax or financial record keeping).
Legitimate interests (e.g., improving services, preventing fraud).
We disclose personal information to third parties in limited circumstances:
A. Service Providers (Processors)
We share information with trusted providers who assist in delivering our services, including:
Payments: Stripe, PayPal, or equivalent processors.
Communications: Twilio (SMS/voice), Mailgun (email).
Hosting & Infrastructure: Cloud providers with industry certifications (SOC 2, ISO 27001).
Analytics: Google Analytics, Meta Pixel.
These providers process data on our behalf under contractual obligations.
B. Business Partners & Resellers
We may share limited data with authorized resellers, integration partners, or affiliates in connection with joint offerings.
C. Legal Obligations
We may disclose information to regulators, courts, or government authorities when legally required or to enforce our legal rights.
D. Business Transfers
If Haletale CRM is involved in a merger, acquisition, or sale, your data may be transferred to the successor entity, subject to this Privacy Policy.
E. Aggregated or De-Identified Data
We may share anonymized insights with third parties for research, analytics, or business development.
A. What We Use
Essential Cookies: For authentication, security, and session management.
Performance Cookies: For analytics (Google Analytics, Mixpanel, etc.).
Advertising Cookies: For retargeting and behavioral ads (Meta Pixel, Google Ads).
Functional Cookies: To remember preferences and improve experience.
B. How We Use Them
Recognize repeat visitors.
Track navigation and improve site usability.
Serve targeted ads across devices.
C. Your Choices
Adjust browser settings to disable cookies.
Opt out of Google Analytics via Google’s Opt-out Tool.
Opt out of targeted ads via Network Advertising Initiative.
We retain personal data while accounts remain active.
When an account is closed, we delete or anonymize associated data, unless retention is legally required.
Certain transaction data may be retained to comply with financial, tax, or regulatory obligations.
We implement safeguards including:
Encryption at rest and in transit (TLS, AES-256).
Role-based access control for staff.
Multi-factor authentication for admin accounts.
Regular penetration testing and monitoring.
Secure hosting providers with data center certifications.
Disclaimer: While we take reasonable steps to secure data, no system can guarantee 100% security.
Data may be processed in Canada, the United States, or other countries where our service providers operate.
When transferring data internationally, we rely on appropriate safeguards such as:
Standard Contractual Clauses (SCCs) approved by the European Commission.
Participation of our service providers in the EU-U.S. Data Privacy Framework or equivalent mechanisms.
Depending on your location, you may have rights under privacy laws (including GDPR, CCPA/CPRA, and Canada’s PIPEDA), such as:
Right to access, correct, or delete your data.
Right to restrict or object to processing.
Right to data portability.
Right to withdraw consent at any time.
Right to opt-out of sale or sharing of personal information (California/CCPA).
Right to file a complaint with your local data protection authority.
To exercise your rights, contact us at [email protected].
We use administrative, technical, and physical safeguards to protect data, including:
Encryption in transit and at rest.
Role-based access controls.
Regular monitoring of systems for vulnerabilities.
No system is 100% secure; we cannot guarantee absolute security.
Some browsers offer “Do Not Track” features. Our Platform does not currently respond to these signals.
The Platform is not directed at children under 18. We do not knowingly collect information from minors.
We may update this Privacy Policy from time to time. Updates will be posted at crm.haletale.com with the revised “Effective Date.”
For questions about this Privacy Policy or your data rights, please contact us:
Haletale CRM
Email: [email protected]
Website: crm.haletale.com