This Privacy Policy ("Policy") applies to users of HelloGrowthCRM and related services operated by Soor LLC ("HelloGrowthCRM," "we," "us," "our"), including:
By accessing or using HelloGrowthCRM, you agree to this Policy. If you do not agree, please discontinue use of the Service.
We collect information in three ways: (A) information you provide, (B) information collected automatically, and (C) permission-based data.
We use cookies and similar technologies to keep sessions active, remember preferences, improve security, analyze usage, and enhance product performance. You can control cookies in browser settings and consent tools. Disabling certain cookies may affect functionality.
Depending on the features you use, we may request access to camera, microphone, files/photos, or notifications for workflows such as document upload, QR scanning, voice-assisted input, and alerts. You can revoke these permissions in your device settings, but related features may not work.
HelloGrowthCRM includes AI capabilities for CRM assistance, content generation, summarization, and workflow recommendations. To fulfill AI requests, relevant prompts and selected CRM context may be processed by AI infrastructure providers (including OpenAI and other configured providers).
We do not sell personal information.
Where applicable, we rely on legal bases such as performance of contract, legitimate interests, consent, and legal obligations. You may withdraw consent for consent-based processing where available.
We share information only as needed for service delivery and legal compliance.
Providers we use may include infrastructure, AI, analytics, communications, and billing partners, such as:
Payments are processed by third-party payment processors. We do not store full payment card numbers on our servers.
We retain information only for as long as needed for business, contractual, security, legal, and compliance reasons. Retention varies by data type and your account status. When no longer needed, data is deleted or anonymized.
You may request account deletion on our account deletion page, or by contacting us at sales@hellogrowthcrm.com. Upon deletion request, we remove or anonymize data according to operational and legal retention requirements.
We maintain technical and organizational safeguards, including:
No system is 100% secure. Please use strong credentials and good security practices.
If we identify unauthorized access to personal data, we investigate, contain, and remediate the incident, and provide required notifications under applicable law and contractual commitments.
HelloGrowthCRM is a B2B CRM intended for business use and is not directed to children. We do not knowingly collect personal data from anyone under the age of 18.
India — DPDPA Section 9 (verifiable parental consent for minors):Under the Digital Personal Data Protection Act, processing of personal data of a child (under 18) requires verifiable consent of the parent or lawful guardian, and we may not undertake tracking, behavioural monitoring, or targeted advertising directed at children. Because our Service is offered to businesses for adult workforce use, we do not seek such consent. If we discover that personal data of a child has been collected without verifiable parental consent, we will delete it promptly. To request deletion of a minor's data, contact privacy@hellogrowthcrm.com.
Persons with disability: Where a Data Principal is a person with disability who has a lawful guardian, we will process such personal data only with the verifiable consent of that lawful guardian, in line with Section 9(1) of the DPDPA.
Data may be processed in the United States and other jurisdictions where our providers operate. Where applicable, we use contractual and legal safeguards for cross-border transfers.
Depending on your location, your rights may include:
We support applicable rights frameworks including GDPR/UK GDPR, California privacy laws, and other local laws where relevant. For a concise rights guide, see Privacy rights (GDPR & CCPA).
Our Services may include links to third-party websites or products. Their privacy practices are governed by their own policies, not this one.
We may update this Policy from time to time. We will update the "Last updated" date and provide additional notice for material changes when appropriate.
If you have privacy questions or requests, contact:
If you are located in India, the following additional rights and obligations apply under the Digital Personal Data Protection Act, 2023 ("DPDPA") and its implementing rules.
Meru Technosoft Pvt. Ltd. (operating HelloGrowthCRM in India) is the Data Fiduciary as defined under Section 2(i) of the DPDPA. It determines the purpose and means of processing your personal data.
We process your personal data only for the purposes for which you have given free, specific, informed, unconditional, and unambiguous consent, or as otherwise permitted under the DPDPA (e.g., legitimate uses under Section 7). Consent is obtained via our in-app consent notice before data collection begins. You may withdraw consent at any time by emailing privacy@hellogrowthcrm.com.
Before or at the time of collecting personal data, we will provide a clear notice in English (and on request in any language listed in the Eighth Schedule to the Constitution of India) explaining:
Your personal data may be transferred to and processed in countries outside India (including the United States) by our sub-processors (see /subprocessors). We ensure that such transfers are made only to countries or entities that provide adequate protection as notified by the Central Government under Section 16 of the DPDPA, or under Standard Contractual Clauses or equivalent safeguards.
We implement reasonable security measures as required under Section 8(5) of the DPDPA, including AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, and periodic security audits.
As required under Section 13 of the DPDPA, we have appointed a Grievance Officer for India:
If your grievance is not resolved to your satisfaction, you may approach the Data Protection Board of India through the official government grievance and DPDPA complaint channels when they are publicly available.