Privacy Policy

Last updated: 2026-05-04

Alloza CRM (“we”, “our”, “us”) is operated by ALLOZA LLC, a US limited liability company. This Privacy Policy explains what data we collect, why, and your rights over it.

1. What we collect

Account data: your email address, full name, and hashed password (when using email login) or public OAuth profile fields (when using Google Sign-In: name, email, profile picture URL).
Workspace data: leads, clients, projects, invoices, contracts, calendar shoots, and messages that you create inside the app.
Operational data: server request logs (IP address, timestamp, HTTP method/path), error reports sent to Sentry, and webhook event payloads received from Stripe, Resend, Twilio, and Meta.
Cookies: a single httpOnly, Secure, SameSite=Lax session cookie issued by Auth.js. No advertising or tracking cookies are set by us. Stripe may set its own fraud-prevention cookie when payment UI is loaded; see the Stripe Privacy Policy.

2. What we do not collect

We do not sell, rent, or share your data with third parties for advertising purposes.
We never see your clients' payment card numbers — Stripe handles all payment data end-to-end.
We do not collect Social Security Numbers or EINs of your clients or contractors. Tax addresses for 1099 reporting are stored only if you manually enter them.
We do not track you across other websites or apps.
We do not use your data to train AI or machine-learning models.

3. How we use your data

To provide and operate the CRM features you use.
To send transactional emails (booking confirmations, invoices) on your behalf.
To detect and prevent fraud, abuse, and security incidents.
To generate AI-powered summaries of client conversations — only when you explicitly trigger this feature.
To comply with applicable laws and respond to lawful requests.

4. Data security

We apply industry-standard measures to protect your data:

All data is transmitted over TLS (HTTPS). Unencrypted HTTP requests are redirected.
OAuth integration tokens (Instagram, Google) are encrypted at rest with AES-256-GCM before being stored in the database.
Database access is restricted to server-side code; no direct client access.
Production secrets (API keys, signing secrets) are stored as environment variables in Vercel and never committed to source code.
Sentry captures server-side errors; personally identifiable request data is scrubbed.

5. Instagram data (when you connect)

If you connect your Instagram Business account in Settings → Integrations, we receive webhook events from Meta whenever someone sends a direct message to your account. We use the Instagram Messaging API in compliance with the Meta Platform Terms and the Meta Developer Policies.

Data stored per message event:the sender's Instagram-Scoped User ID (IGSID), message text and any attachment metadata (type, URL), message ID, timestamp, and your Instagram Business Account ID. We do not request or store profile photos, follower counts, following lists, or any other profile data beyond what is strictly needed to render the conversation thread in your CRM inbox.

Retention: Messages are stored until you disconnect Instagram (Settings → Integrations) or delete your workspace. On disconnect, we immediately stop receiving new webhook events and permanently delete all stored Instagram threads and messages within 30 days. On workspace deletion, all Instagram data is hard-deleted within 30 days.

Use: Instagram data is used solely to display and reply to direct messages inside your CRM inbox. We do not use Instagram data for advertising, cross-workspace analytics, AI model training, or transfer to any third party other than the subprocessors listed in Section 7.

End-user deletion requests: People who have messaged you on Instagram may request deletion of their messages by emailing hello@allozacrm.com. We will remove their messages from our database within 30 days and confirm deletion by reply.

6. Your rights (GDPR / CCPA)

Access & portability: Workspace owners can download a full JSON export of all workspace data via Settings → Workspace → Export.
Erasure:Delete your workspace in Settings → Workspace → Delete. After a 30-day grace period the data is permanently deleted from our database. Database backup retention follows our provider's schedule (Neon: approximately 7 days).
Correction: You can edit any record directly in the app. For account data corrections, email hello@allozacrm.com.
Opt-out of sale / sharing (CCPA): We do not sell or share personal data for cross-context behavioral advertising. No opt-out mechanism is required, but you may contact us to confirm.

7. Subprocessors

We share data with the following service providers solely to operate the platform:

Vercel — hosting and edge infrastructure (USA)
Neon — PostgreSQL database (USA)
Stripe — payment processing (USA)
Resend — transactional email delivery (USA)
Twilio — SMS messaging (USA; only if SMS feature is used)
Anthropic — AI-generated conversation summaries (USA; only when you trigger the feature)
Sentry — error monitoring (USA)
Google — OAuth sign-in and Calendar sync (USA; only if you connect)
Meta — Instagram DM webhook and Messaging API (USA; only if you connect)

8. Data retention

Active workspace data is retained until you delete your workspace.
Server access logs are retained for up to 90 days.
Stripe webhook events are retained for 12 months for dispute and tax purposes.
After account or workspace deletion, all data is hard-deleted within 30 days.

9. Children's privacy

Alloza CRM is a business tool intended for adults. We do not knowingly collect data from anyone under 13. If you believe a minor has provided us data, contact us and we will delete it promptly.

10. Changes to this policy

We may update this policy to reflect product or legal changes. Material changes will be announced via email to workspace owners at least 14 days before taking effect. The “Last updated” date at the top of this page always reflects the most recent revision.

11. Contact

Privacy questions, access requests, or deletion requests: hello@allozacrm.com
ALLOZA LLC, United States