1. Who we are
Vtiger makes cloud CRM software that helps businesses to build stronger and more profitable customer relationships.
2. What information we collect about you
We collect the following information directly from you, or through the Service.
As you navigate our websites, Vtiger may collect information through the use of commonly-used information-gathering tools such as cookies and Web beacons. With it, we collect:
- Browser information (type and language)
- IP address
- Open / Click-through tracking URL: In some of our email communications, we use a “click-through tracking URL” that, when clicked, sends you to a different web address, which logs your click, before redirecting you to your expected destination.
- The actions you take on our websites (such as the web pages viewed and the links clicked, and time spent).
- Referrer information
- Event registrations
When you use our website to request information about us or our Services, register for a Vtiger CRM cloud account, register to attend an event, register for our blogs, register for the marketplace, or join in our community discussions, and apply to join our partner program, we may collect the following personal information. We may gather some of this information from third party sources, as described in the section below titled “Information from Other Sources."
- First Name & Last Name
- Email Address
- Phone number
- Job Title
- IP Address: When you use the Vtiger CRM Cloud application, we automatically collect Internet Protocol (“IP”) address, the date and time of your login and logout sessions. This data is stored in your CRM account under user Login History.
When you purchase our Services or add-ons published by third parties, Vtiger will require you to provide us with the following:
- Business Name
- Billing details such as Credit Card Number & Paypal
- Mailing Address
- Quantity of users
If we communicate with you to offer support through any medium (Phone, Chat, Email, & Messaging apps such as Whatsapp) we will collect and store the following information.
- Chat Transcripts
- Phone call logs
- Phone call recordings
You can log in to our Service using sign-in services such as Google, Facebook Connect, LinkedIn, Office 365, etc. These services will authenticate your identity and provide you the option to share certain personal information with us such as your name and email address.
Information from other sources
We may obtain information, including Personal Data, from third parties and sources other than the Service. These include publicly available sources of information like LinkedIn, Facebook, and Twitter. They also include our partners, mutual connections, advertisers, credit rating agencies, and Integrated Services. This information may be collected to facilitate our understanding of who you are and your needs, as well as to help us improve our products and services. If we combine or associate information from other sources with Personal Data that we collect through the Service, we will treat the combined information as Personal Data in accordance with this Policy.
3. Special Limits on Our Use of Your Google User Data:
4. How we use the information that we collect
We will never disclose, share or sell your data without your consent unless required to do so by law. We use your information for the following purposes:
To provide you with information about our products and services
We use the information – other than Client Data - to operate, maintain, enhance and provide all features of the Service, to provide the services and information that you request, to respond to comments and questions and to provide support to users of the Service. We process Client Data solely in accordance with the directions provided by the applicable Client or User.
To improve the usefulness of our messaging to you
We use your click-through tracking data for various purposes, including to help us determine interest in particular topics and measure the effectiveness of our customer communications. You may grant or decline consent for this tracking from your Preferences page, accessible from the “Unsubscribe” or “Manage Preferences” link in the footer of any newsletter that we send to you.
To plan our events
We also use event registration information to plan and host corporate events, host online forums and social networks in which event Attendees may participate, and to populate online profiles for Attendees on our websites.
To respond to your requests
We use your contact information and other information shared with us via email and over other channels like chat and phone to respond to your requests.
To process your payments
Applibase DBA Vtiger is a billing partner that bills you on behalf of Vtiger. The same Billing Partner name exhibited in all USD invoices. We use credit card and PayPal information solely to process payment for the Services and events. We pass your billing information on to Stripe, Instamojo, and PayPal, our billing partners, who store your information securely for future billing as authorized by you.
To improve our website
We use website navigational information, IP address, browser type, browser language, referring URL, files accessed, errors generated, time zone, operating system and other visitor details collected in our log files to analyze trends, administer our website, track visitors’ movements and to improve our website. We link this automatically-collected data to other information we collect about you.
To improve our products and services
Your usage details such as time, frequency, duration, pattern of use, features used and the amount of storage used might be recorded by us and used to improve the Vtiger CRM Cloud service. We also use your information with your consent, including:
- To administer promotions you have entered.
- Fulfill any other purpose disclosed to you and with your consent.
- We post user testimonials on our website. These testimonials may include names, and other Personal Information and we acquire permission from our users prior to posting these on our website. We obtain the consent of each customer prior to posting any information on such a list or posting testimonials.
- Collection and Use of Non-Personal Information. When you register for Vtiger CRM Cloud, or download and install our software, we may collect non-personal information data that does not permit direct association with any specific individual, such as your country and operating system. This information is used to help us improve our products and services.
We may use a Visitor’s or User’s email address or other information – other than Client Data – to contact that Visitor or User (i) for administrative purposes such as customer service, to address intellectual property infringement, right of privacy violations or defamation issues related to the Client Data or Personal Data posted on the Service or (ii) with updates on promotions and events, relating to products and services offered by us and by third parties we work with. You may unsubscribe from email notifications by clicking on the unsubscribe link that provided in all email notifications or by sending an email to firstname.lastname@example.org. You cannot opt out of receiving transactional emails related to your account or use of the Services. You have the ability to opt-out of receiving any promotional communications as described below under “Your Rights and Choices.”
5. How we share the information that we collect
Except as described in this Policy, we will not intentionally disclose the Personal Data or Client Data that we collect or store on the Service to third parties without the consent of the applicable Visitor, User or Client. We may disclose information to third parties if you consent to us doing so, as well as in the following circumstances:
Any information that you voluntarily choose to include in a Public Area of the Service, such as a public profile page, will be available to any Visitor or User who has access to that content.
We work with third party service providers who provide a website, application development, hosting, maintenance, and other services for us. These third parties may have access to, or process Personal Data or Client Data as part of providing those services for us. We limit the information provided to these service providers to that which is reasonably necessary for them to perform their functions, and our contracts with them require them to maintain the confidentiality of such information.
Non-Personally Identifiable Information
We may make certain automatically-collected, aggregated, or otherwise non-personally-identifiable information available to third parties for various purposes, including (i) compliance with various reporting obligations; (ii) for business or marketing purposes; or (iii) to assist such parties in understanding our Clients’, Users’ and Visitors’ interests, habits, and usage patterns for certain programs, content, services, and/or functionality available through the Service.
Marketplace application developers
When you install or purchase, any application developed using Vtiger's APIs that is posted on Vtiger’s online marketplace, your name and email address will be shared with the developer of the application, so they may engage with you directly as the provider of that application or service. Vtiger does not control the use of your personal information by the developers, which will be based on their own privacy policies.
Law Enforcement, Legal Process, and Compliance
Please be aware that laws in various jurisdictions in which we operate may obligate us to disclose user information and the contents of your user account to the local law enforcement authorities under a legal process or an enforceable government request. In addition, we may also disclose Personal Information and contents of your user account to law enforcement authorities if such disclosure is determined to be necessary to protect Vtiger’s rights, or for protecting the safety of our users, employees, or the general public.
Change of Ownership
Legal bases for processing (for EEA users):
If you are an individual in the European Economic Area (EEA), we collect and process information about you only where we have a legal basis for doing so under applicable EU laws. The legal bases depend on the Services you use and how you use them. This means we collect and use your information only where:
- We need it to provide you the Services, including to operate the Services, provide customer support and personalized features and to protect the safety and security of the Services.
- It satisfies a legitimate interest (which is not overridden by your data protection interests), such as for research and development, to market and promote the Services and to protect our legal rights and interests.
- You give us consent to do so for a specific purpose. Or
- We need to process your data to comply with a legal obligation.
If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place. Where we are using your information because a third party (e.g. your employer) or we have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the Services.
6. How we handle Your Customer Data
You may electronically submit data or information to the Services for hosting and processing purposes (“Customer Data”). Vtiger will not review, share, distribute, or reference any such Customer Data except as provided in Vtiger's Terms of Service, or as may be required by law. In accordance with Vtiger’s Terms of Service, Vtiger may access Customer Data only for the purpose of providing Services or preventing or addressing service or technical problems or as may be required by law. Use and protection of Customer data is governed by the Data Processing Addendum.
7. How we store and secure the information we collect
Vtiger maintains strict administrative, technical, and physical procedures to protect information stored in our servers. We use industry-standard Secure Socket Layer (SSL) encryption technology to safeguard the account registration process and sign-up information. Other security safeguards include but are not limited to data encryption, firewalls, and physical access controls to building and files. We implement a variety of security measures to maintain the safety of your personal information and data you store in your account. Access to your name and email address is restricted to the employees of Vtiger. Data stored in your account is only accessed by the Vtiger team when performing the migration, or support services. All supplied sensitive/credit information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Payment gateway providers database only to be accessible by those authorized with special access rights to such systems, and are required to keep the information confidential. After a transaction, your private information (credit cards, social security numbers, financials, etc.) will not be stored on our servers. While we implement safeguards designed to protect your information, no security system is impenetrable and due to the inherent nature of the Internet, we cannot guarantee that data, during transmission through the Internet or while stored on our systems or otherwise in our care, is absolutely safe from intrusion by others. If you use our services or websites, responsibility for securing storage and access to the information you submit rests with you and not Vtiger. We strongly recommend that server or data center users configure SSL to prevent interception of data transmitted over networks and to restrict access to the databases and other storage points used. At Vtiger, your data privacy and security are of prime importance to us. To that end, we are ISO 27001:2013 certified. If you have any concerns regarding the security of your data, please write to us at email@example.com with any questions.
We only retain the Personal Data collected from a User for as long as the User’s account is active or otherwise for a limited period of time as long as we need it to fulfill the purposes for which we have initially collected it unless otherwise required by law. We will retain and use information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements as follows:
- the contents of closed accounts are deleted within 3 months of the date of closure
- backups are kept for 3 months
- billing information is retained for a period of 5 years
- information on legal transactions between Client and Vtiger is retained for a period of 5 years.
8. How we transfer your personal information internationally
Data that we collect about you during your sign-up, and during your use of Vtiger, are stored on servers under our control in multiple regions around the world. To facilitate our operations, we may transfer and access such information from around the world, including from other countries in which we have operations. Irrespective of which country you reside in or supply information from, by using our services you authorize us to use your information in any country where we operate. We agree to abide by the standard contractual clauses for the transfer of personal data as approved by the European Commission (Art. 46 GDPR).
9. Your Rights and Choices
Vtiger acknowledges that you have the right to access your personal information. If personal information pertaining to you as an individual has been submitted to us by a Vtiger customer and you wish to exercise any rights you may have to access, correct, amend, or delete such data, please inquire with our customer directly. Because Vtiger personnel have limited ability to access data our Customers submit to our Services, if you wish to make your request directly to Vtiger, please provide the name of the Vtiger customer who submitted your data to our Services. We will refer your request to that customer and will support them as needed in responding to your request within a reasonable timeframe.
Review, Update, and Erasure of your Information
You may access information that you have voluntarily provided to Vtiger through your account on the Service, and to review, correct, or delete it by following the instructions on the Service, or contacting Vtiger in writing as set forth in the section entitled “Contact Us” below. We may require additional information from you to allow us to confirm your identity. Please note we will retain and use your data, including server/backup copies, to comply with our legal obligations, resolve disputes, and enforce our agreements, and we may decline to process change or deletion requests that require disproportionate technical effort or jeopardize the privacy of others. Data subjects in Europe have additional rights as set forth in the section entitled and “Your European Privacy Rights” below.
Individuals in European Economic Area
If you are a data subject in Europe, you have the right to access, rectify, or erase any personal data we have collected about you through the Service. You also have the right to data portability and the right to restrict or object to our processing of personal data we have collected about you through the Service. In addition, you have the right to ask us not to process your personal data (or provide it to third parties to process) for marketing purposes or purposes materially different than for which it was originally collected or subsequently authorized by you. You may withdraw your consent at any time for any data processing we do based on consent you have provided to us. To exercise any of these rights, contact us as set forth in the section entitled “Contact Us” below and specify which right you intend to exercise. We will respond to your request within 30 days. We may require additional information from you to allow us to confirm your identity. Please note that we store information as necessary to fulfill the purposes for which it was collected, and may continue to retain and use the information even after a data subject request for purposes of our legitimate interests, including as necessary to comply with our legal obligations, resolve disputes, prevent fraud, and enforce our agreements
10. Other Important Privacy Information
Blogs, Social Media, and Public Forums
Third Party Analytics
Third Party Products and Services Links from our website
Clear Gifs and Log Files
We and our third party partners use technologies such as web beacons in analyzing trends, administering the website, tracking users’ movements around the site, and gathering demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual and aggregated basis. As is true of most websites, we gather certain information automatically and store it in log files. This information may include internet protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data. We link this automatically-collected data to other information we collect about you.
Do Not Track
Do Not Track (“DNT”) is an optional browser setting that allows you to express your preferences regarding tracking by advertisers and other third parties. We do not use technology that recognizes DNT signals from your web browser.
11. Mobile application
When you use our mobile apps, we may collect certain information in addition to the information described elsewhere in this Policy. Our mobile applications may access the geographic location of a User’s Device and OS identification, login credentials, language and time zone. Mobile Applications may also collect information regarding Users’ interaction with Mobile Applications, which Vtiger may use to provide and improve the Mobile Application services. Additionally, the application may contact the device storage location for storing attachments or access camera and photos to capture additional information for better service management for the Customer.
We may ask you if you want to receive push notifications about activity in your account. If you have opted into these notifications and no longer want to receive them, you may turn them off under the settings of Vtiger applications for mobiles.
12. Our Policy Toward Children
We are in compliance with the requirements of COPPA (Children’s Online Privacy Protection Act), we do not collect any information from anyone under 13 years of age. Our website, products, and services are all directed to people who are at least 13 years old or older. If you become aware that your child has provided Vtiger with personal information without your consent, please contact us at firstname.lastname@example.org.
14. Terms and Conditions
Please refer to our latest terms of service to learn about the disclaimers and limitations of liability governing the use of Vtiger.
15. Contact Us
If you have questions regarding this Privacy Statement or Vtiger's data handling practices, please feel free to contact us directly: By email at email@example.com. By mail at: Vtiger Systems India Private Limited, No. 18, 20th Main, 2nd Block, Rajaji Nagar, Bangalore - 560010, Karnataka, India (Attention: “Legal”). If you have any questions about this agreement or your information stored with us, please contact us at firstname.lastname@example.org. Last Updated on: June 10, 2019.
“Client” means a customer of Vtiger
“Client Data“ means personal data, reports, addresses, and other files, folders or documents in electronic form that a User of the Service stores within the Service.
"Google User Data" means Your data synced from Google such as Contacts, Emails, Calendar, Documents, and Attachments.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Public Area” means the area of the Site that can be accessed both by Users and Visitors, without needing to log in.
“Restricted Area” means the area of the Site that can be accessed only by Users, and where access requires logging in.
“User” means an employee, agent, or representative of a Client, who primarily uses the restricted areas of the Site for the purpose of accessing the Service in such capacity.
“Visitor” means an individual other than a User, who uses the public area but has no access to the restricted areas of the Site or Service.