1. Introduction

This Privacy Policy describes how ThinkCRM Beauty ("we", "us", or "our") collects, uses, and shares your personal information when you use our service. We are committed to protecting your privacy and ensuring GDPR compliance.

2. Information We Collect

We collect the following types of information:

2.1 Account Information

• Name, email address, and phone number
• Business name and address
• Payment information (processed securely through third-party processors)
• Account preferences and settings

2.2 Customer Data

• Customer names, contact details, and appointment history
• Service preferences and notes
• Purchase history and payment records
• Any other information you choose to store in the system

2.3 Usage Data

• Log data (IP address, browser type, pages visited)
• Device information and operating system
• Cookies and similar tracking technologies
• System usage statistics and performance data

3. How We Use Your Information

We use collected information for:

• Service Provision: To provide, maintain, and improve our CRM service
• Communications: To send service notifications, updates, and marketing (with consent)
• Payment Processing: To process subscription payments and add-on purchases
• Customer Support: To respond to inquiries and provide technical assistance
• Analytics: To understand usage patterns and improve user experience
• Security: To detect and prevent fraud, abuse, and security incidents
• Legal Compliance: To comply with legal obligations and enforce our terms

4. Legal Basis for Processing (GDPR)

We process your data based on:

• Contract Performance: To provide the service you subscribed to
• Consent: For marketing communications and optional features
• Legitimate Interests: For analytics, security, and service improvements
• Legal Obligations: To comply with applicable laws and regulations

5. Data Sharing and Disclosure

We may share your information with:

• Service Providers: Third parties who assist in service delivery (hosting, payment processing, email delivery)
• Business Transfers: In connection with mergers, acquisitions, or asset sales
• Legal Requirements: When required by law or to protect rights and safety
• With Your Consent: When you explicitly authorize sharing

We never sell your personal data to third parties.

6. Data Storage and Security

We implement appropriate security measures:

• Data is encrypted in transit using SSL/TLS
• Databases are encrypted at rest
• Access controls and authentication mechanisms
• Regular security audits and monitoring
• Data backups for disaster recovery
• Servers located in secure, GDPR-compliant data centers

7. Data Retention

We retain your data:

• For active accounts: As long as your subscription is active
• After cancellation: 30 days for account recovery purposes
• Legal requirements: Longer if required by law (e.g., tax records)
• You may request earlier deletion subject to legal obligations

8. Your Rights (GDPR)

You have the right to:

• Access: Request a copy of your personal data
• Rectification: Correct inaccurate or incomplete data
• Erasure: Request deletion of your data ("right to be forgotten")
• Restriction: Limit how we process your data
• Portability: Receive your data in a structured format
• Object: Object to processing based on legitimate interests
• Withdraw Consent: Withdraw consent for processing at any time
• Lodge a Complaint: File a complaint with a supervisory authority

To exercise these rights, contact us at: info@thinkcrm.net

9. Cookies and Tracking

We use cookies for:

• Essential Cookies: Required for service functionality
• Analytics Cookies: To understand usage patterns
• Preference Cookies: To remember your settings

You can control cookies through your browser settings. Disabling certain cookies may affect functionality.

10. Children's Privacy

Our service is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information promptly.

11. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence. We ensure adequate protection through:

• EU Standard Contractual Clauses
• Adequacy decisions by the European Commission
• Other lawful transfer mechanisms under GDPR

12. Third-Party Services

Our service may integrate with third-party services (payment processors, SMS providers, email services). These third parties have their own privacy policies, and we recommend reviewing them.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes via email or through the service. Continued use after changes constitutes acceptance of the new policy.

14. Contact Us

For privacy-related questions or to exercise your rights, contact us at:

ThinkCRM Beauty
Παναγίας Ευαγγελίστριας 49
Κάτω Πολεμίδια 4156, Λεμεσός - Κύπρος

Email: info@thinkcrm.net
Phone: +357 25 251948 | +30 210 300 1948