How long do you keep my data?

We retain your data as long as your account is active. After you close your account, we delete your data within 30 days (backups within 90 days).

Can I export my data?

Yes. You can export all your data anytime in standard formats like CSV and JSON. We don't lock you in.

How do I delete my account?

You can request account deletion through your account settings or by contacting support@atoncrm.com. We'll complete the deletion within 30 days.

Do you use my data to train AI models?

No. Your CRM data is never used to train AI models for other customers. Your data is processed only to provide services to you.

What happens to my data if atonCRM is acquired?

We'll notify you of any ownership change. Your data would be transferred subject to the same privacy protections.

atonCRM

Q: Does atonCRM sell my data?

No. We never sell your personal information or CRM data to third parties. Your data is yours.

atonCRM, Inc. ("atonCRM," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our website, products, and services.

Please read this policy carefully. By using atonCRM, you consent to the practices described herein.

Information We Collect

Information You Provide

Account Information

When you create an account, we collect:

Name and email address
Company name and size
Phone number (optional)
Billing information and address
Password (stored encrypted)

CRM Data

When you use atonCRM, you may input:

Contact and account information
Deal and opportunity data
Activities and communications
Documents and files
Custom field data

Communications

When you contact us, we collect:

Email correspondence
Support chat transcripts
Survey responses
Feedback you provide

Information Collected Automatically

Usage Data

We automatically collect:

Pages and features you access
Time spent on the platform
Actions taken (e.g., deals created, emails sent)
Error logs and crash reports

Device and Technical Data

We collect:

IP address
Browser type and version
Operating system
Device identifiers
Referring URLs

How We Use Your Information

To Provide Our Services

Creating and managing your account
Processing transactions and billing
Providing customer support
Delivering features and functionality
Sending service-related communications

To Improve Our Platform

Analyzing usage patterns
Identifying and fixing bugs
Developing new features
Personalizing your experience
Conducting research and analytics

To Communicate With You

Responding to your inquiries
Sending product updates and announcements
Providing security alerts
Marketing communications (with your consent)

To Ensure Security

Detecting and preventing fraud
Protecting against unauthorized access
Monitoring for security threats
Enforcing our terms of service

How We Share Your Information

We Do NOT Sell Your Data

We never sell your personal information or CRM data to third parties.

Service Providers

We share information with trusted service providers who help us operate our business:

Cloud hosting providers (AWS)
Payment processors (Stripe)
Email service providers
Analytics services
Customer support tools

All service providers are contractually required to protect your data.

Legal Requirements

We may disclose information when required by law or to:

Comply with legal process
Protect our rights and property
Protect user safety
Investigate fraud or security issues

Business Transfers

If atonCRM is acquired or merged, your information may be transferred. We will notify you of any such change.

Your Data Rights

Access and Portability

Access your data anytime. Export in standard formats (CSV, JSON).

Correction

Update or correct your information through account settings.

Deletion

Request deletion of your account and data within 30 days.

Restriction

Request limits on how we use your data.

Objection

Object to certain processing, including marketing.

Withdrawal

Withdraw consent for processing at any time.

How to Exercise Your Rights: Contact us at privacy@atoncrm.com or through your account settings.

Data Security

Technical Measures

All data encrypted in transit (TLS 1.3)
Data encrypted at rest (AES-256)
Regular security audits and penetration testing
SOC 2 Type II compliance
Secure data centers with physical access controls

Organizational Measures

Employee security training
Access controls and least-privilege principles
Incident response procedures
Regular security reviews

Breach Notification

In the event of a data breach, we will notify affected users and relevant authorities as required by law.

Data Retention

Active Accounts

We retain your data for as long as your account is active.

Closed Accounts

After account closure:

Personal data deleted within 30 days
Anonymized analytics data may be retained
Backup data purged within 90 days
Data required for legal compliance retained as necessary

International Data Transfers

atonCRM is based in the United States. If you access our services from outside the US, your data may be transferred to and processed in the US.

For users in the European Economic Area (EEA), UK, or other jurisdictions with data transfer restrictions, we use appropriate safeguards including:

Standard Contractual Clauses
Data processing agreements
Adequacy decisions where applicable

Cookies and Tracking

Essential Cookies

Required for the platform to function. Cannot be disabled.

Authentication cookies
Session management
Security tokens

Analytics Cookies

Help us understand how you use the platform.

Usage patterns
Feature adoption
Performance metrics

Preference Cookies

Remember your settings and preferences.

Language preferences
Display settings
Dashboard layouts

Managing Cookies

You can manage cookies through your browser settings. Note that disabling certain cookies may affect functionality.

Children's Privacy

atonCRM is not intended for children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, contact us immediately.

California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act:

Right to Know: Request what personal information we collect
Right to Delete: Request deletion of personal information
Right to Opt-Out: Opt out of sale of personal information (we don't sell data)
Non-Discrimination: We won't discriminate for exercising your rights

To exercise these rights, contact privacy@atoncrm.com.

GDPR Rights (EEA Users)

For users in the European Economic Area, we process data under the following legal bases:

Contract: Necessary to provide our services
Legitimate Interest: Platform improvement and security
Consent: Marketing communications
Legal Obligation: Compliance with laws

You have the right to lodge a complaint with your local data protection authority.

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of material changes via email or platform notification. Continued use after changes constitutes acceptance.

Contact Us

Privacy Questions:

privacy@atoncrm.com

Data Protection Officer:

dpo@atoncrm.com

Mailing Address:

atonCRM, Inc.
Attn: Privacy Team

Related Policies

Effective Date: January 8, 2026

Privacy Policy