Privacy Policy

Last Updated: February 16, 2026

This Privacy Policy describes how Workganic (“we,” “us,” or “our”) collects, uses, discloses, and protects your personal information when you use our Customer Relationship Management (CRM) Software as a Service (SaaS) platform and related services (collectively, the “Service”). We are committed to protecting your privacy and ensuring compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA/CPRA), and other relevant regulations.

By using the Service, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with our policies and practices, please do not use the Service.

1. Information We Collect

We collect information that you provide directly to us, information we automatically gather, and information from third-party sources. This helps us provide, improve, and secure the Service.

Personal Information

  • Account and Profile Data: When you create an account or use the Service, we collect information such as your name, email address, company name, job title, phone number, billing information (e.g., credit card details for subscriptions), and any other data you provide in your profile or during sign-up.
  • User-Submitted Content: Data you upload or enter into the CRM, such as client names, contact details, notes, and custom fields. This may include sensitive information (e.g., financial or health-related data about your clients) if you choose to store it.

Usage and Device Data (Automatically Collected)

  • Log Data: IP address, browser type, device information, pages visited, time spent on pages, referral sources, and error logs.
  • Cookies and Tracking Technologies: We use cookies, pixels, and similar technologies to collect data on user behavior, preferences, and interactions. This includes session cookies for authentication, analytics cookies (e.g., Google Analytics), and marketing cookies. For more details, see our Cookie Policy section below.
  • Transaction Data: Subscription details, payment history, usage metrics (e.g., logins, feature access), and analytics on how you interact with the CRM.

Sensitive Information

We do not intentionally collect sensitive personal information (e.g., racial or ethnic origin, health data, or political opinions) unless you explicitly provide it through the Service (e.g., in custom client fields). If such data is collected, we will process it only with your explicit consent or as required by law.

We collect this information through forms, account registration, automatic logging, third-party integrations (e.g., payment processors like Stripe), and analytics tools.

2. How We Use Your Information

We use your information for legitimate business purposes, including:

  • Providing and Improving the Service: To manage accounts, process subscriptions, customize the CRM, provide support, and enhance features based on usage data.
  • Communication: Sending service updates, newsletters, marketing materials (with your consent), and transactional emails (e.g., billing receipts, password resets).
  • Analytics and Research: To understand user behavior, improve performance, and develop new features.
  • Security and Compliance: To detect fraud, prevent abuse, comply with legal obligations, and ensure data integrity.
  • Billing and Payments: To process recurring subscriptions and manage invoicing.

We only process sensitive information with your explicit consent and for the purposes you provide it (e.g., client management in the CRM).

3. How We Share Your Information

We do not sell your personal information. We may share it in limited circumstances:

  • Service Providers: With trusted third parties that help us operate the Service, such as payment processors (e.g., Stripe for subscriptions), cloud hosting (e.g., DigitalOcean), analytics (e.g., Google Analytics), and email services (e.g., SendGrid).
  • Legal Requirements: If required by law, such as in response to subpoenas, court orders, or government requests.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the transaction.
  • With Your Consent: If you explicitly agree to share data (e.g., integrations with other tools).

All third parties are required to protect your data and use it only for the purposes we specify.

4. Data Retention

We retain your personal information for as long as your account is active or as needed to provide the Service. For example:

  • Account data is kept until you delete your account.
  • Usage logs may be retained for up to 2 years for analytics and security.
  • Billing information is kept for 7 years to comply with tax laws.

Upon account deletion, we will delete or anonymize your data within 30 days, unless required to retain it for legal reasons.

5. Data Security

We implement industry-standard measures to protect your information, including:

  • Encryption in transit (HTTPS) and at rest.
  • Access controls and regular security audits.
  • Firewalls and intrusion detection systems.
  • Secure payment processing.

In the event of a data breach, we will notify you and relevant authorities as required by law (e.g., within 72 hours under GDPR).

6. Cookies and Tracking Technologies

We use cookies to enhance your experience:

  • Essential Cookies: For authentication and session management.
  • Analytics Cookies: To track usage (e.g., Google Analytics).
  • Marketing Cookies: For personalized ads (if applicable).

You can manage cookies via your browser settings or our cookie consent banner. See our [Cookie Policy] for details.

7. Your Rights

Depending on your location, you have rights under data protection laws, including:

  • Access: Request a copy of your data.
  • Correction: Update inaccurate information.
  • Deletion: Erase your data (subject to legal obligations).
  • Objection: Opt out of marketing or certain processing.
  • Portability: Receive your data in a transferable format.
  • Withdrawal of Consent: Revoke consent at any time.

To exercise these rights, contact us at [support@workganic.cloud]. We respond within 30 days (or less if required by law). For California residents (CCPA/CPRA), you can opt out of data sales (we don’t sell data, but you can request anyway).

8. International Data Transfers

If we transfer data outside your region (e.g., to U.S. servers), we use mechanisms like Standard Contractual Clauses to ensure adequate protection.

9. Children’s Privacy

Our Service is not intended for children under 13. We do not knowingly collect data from minors. If we learn we have, we will delete it immediately.

10. Changes to This Privacy Policy

We may update this policy to reflect changes in our practices or laws. We will notify you via email or a site notice for significant changes. Continued use of the Service constitutes acceptance.

11. Contact Us

For questions about this Privacy Policy or your data, contact:

Workganic, Ltd, P.O. Box 242, Newark, Ohio, 43058 or support@workganic.cloud