Privacy & Data Protection

How DiversifiedCRM protects your data

This Privacy & Data Protection Policy explains how DiversifiedCRM ("DiversifiedCRM", "we", "us", or "our") collects, uses, stores, and protects information when you visit our website, purchase a membership, or use our CRM implementations, marketing automations, and AI agents (the "Services").

By accessing or using our Services, you agree to this Policy. If you do not agree, please do not access or use the Services. This Policy is intended to be transparent and practical for small-business owners relying on us for subscription-based marketing support and automation.

Last updated: 14 January 2026

1. Who we are & scope of this Policy

DiversifiedCRM is a marketing and CRM implementation agency that provides system automations, subscription memberships, and AI-powered agents to small businesses. We act as:

  • A data controller for information we collect about you as a prospect, site visitor, or member (e.g., billing details, account information).
  • A data processor when we manage or process data on behalf of your business inside CRMs, automation workflows, and AI agents (e.g., your customers’ contact and interaction data).

This Policy applies to information collected through our website, landing pages, online forms, email communications, and all subscription-based memberships and automation/AI solutions we configure or host for you.

2. Information we collect

The types of information we collect depend on how you interact with DiversifiedCRM and the Services you use.

2.1. Account & contact information

When you inquire about our services, schedule a consultation, or purchase a membership, we may collect:

  • Name, business name, and job title
  • Email address and phone number
  • Billing address and subscription details
  • Login credentials for your DiversifiedCRM member account
  • Details about your business, marketing goals, and preferred communication channels

2.2. Payment & subscription data

For memberships and recurring subscriptions, payments are processed through trusted third-party payment processors. We do not store full credit card numbers on our servers. We may retain limited billing information, subscription status, invoices, and transaction identifiers for accounting, fraud prevention, and customer support.

2.3. Client CRM & campaign data

When we configure CRM systems, automations, or AI agents for your business, we may access and process:

  • Your customer and lead records (names, contact details, communication history)
  • Pipeline, deal, and appointment information
  • Marketing campaign performance data (opens, clicks, conversions)
  • Conversation logs between your customers and AI agents or automation flows

2.4. Usage, cookies & analytics

We automatically collect certain technical and usage information when you visit our website or member portals, such as:

  • IP address, browser type, device identifiers, and operating system
  • Pages visited, links clicked, and time spent on our site
  • Referring/exit pages and marketing campaign identifiers
  • Cookie identifiers and similar tracking technologies

3. How we use your information

We use the information we collect for purposes that are relevant to running and improving DiversifiedCRM and delivering results for your business, including:

  • Service delivery: Providing, configuring, and maintaining your membership, CRM builds, automation workflows, and AI agents.
  • Account management: Managing subscriptions, payments, renewals, trials, and support requests.
  • Optimization & performance: Monitoring usage and performance of campaigns, funnels, and AI conversations to improve outcomes.
  • Safety & abuse prevention: Detecting, preventing, and responding to fraud, abuse, or security incidents.
  • Communication: Sending service-related emails (e.g., onboarding, billing, product updates) and with your consent, marketing communications.
  • Compliance: Meeting legal, regulatory, tax, and contractual obligations.

3.1. Use of data in automation & AI agents

Our automation tools and AI agents may use customer and lead data you provide to:

  • Trigger workflows such as follow-up emails, SMS reminders, and pipeline updates.
  • Generate personalized messages or responses based on your playbooks and instructions.
  • Route conversations, book appointments, and qualify leads.
  • Improve accuracy and performance of AI models using anonymized or aggregated data where possible.

We do not knowingly sell or rent your personal information or your customers’ data to third parties. Where we rely on external AI providers or infrastructure providers, they act as sub-processors and are bound by contractual data protection obligations.

3.2. Legal bases (where applicable)

If data protection laws such as the GDPR apply, we process personal data on one or more of the following legal bases:

  • Contractual necessity – to provide the Services you request.
  • Legitimate interests – to improve our Services, prevent abuse, and grow our business in a way that respects your rights.
  • Consent – for certain marketing communications, cookies, or where required by law.
  • Legal obligations – to comply with regulatory or tax requirements.

4. How we share information

We limit sharing of personal information to what is necessary to operate our business, deliver our Services, and meet legal obligations. We may share information with:

  • Service providers & sub-processors: Including hosting providers, payment processors, analytics tools, email and SMS providers, CRM platforms, and AI infrastructure providers who help us deliver and support the Services.
  • Professional advisors: Such as lawyers, accountants, and auditors, under appropriate confidentiality obligations.
  • Business transfers: In connection with a merger, acquisition, financing, or sale of all or a portion of our business, subject to appropriate safeguards.
  • Legal & safety: Where we are required to do so by law, subpoena, or legal process, or to protect the rights, property, or safety of DiversifiedCRM, our clients, or others.

Where we act as a processor of your customer data, we only share such data with sub-processors as necessary to perform the Services, and we require them to implement appropriate security and privacy protections through written agreements.

5. Cookies & tracking technologies

We use cookies and similar technologies to improve your browsing experience, measure performance, and support our marketing efforts. Depending on your location, you may see a cookie banner that allows you to manage your preferences.

  • Essential cookies: Required for site functionality, security, and login sessions.
  • Analytics cookies: Help us understand how visitors use our website and which campaigns are effective.
  • Marketing cookies: Used to deliver and measure ads and retargeting across platforms.

Managing your cookie preferences

You can manage or disable cookies through your browser settings. Note that blocking certain cookies may impact the functionality of our site or member areas. Where required by law, we will only set non-essential cookies after you have provided consent through our cookie banner or preferences center (if available).

6. Data retention

We retain personal data only for as long as necessary to fulfill the purposes outlined in this Policy, including providing our Services, complying with legal obligations, resolving disputes, and enforcing agreements.

  • Client account and billing records are typically retained for the duration of your membership and a reasonable period thereafter for accounting and compliance.
  • Customer and lead data processed within CRM systems and automations are retained according to your settings and instructions as the data controller.
  • We may anonymize data for analytics or benchmarking, in which case it is no longer considered personal data.

7. Data security

We implement technical and organizational measures designed to protect personal data from unauthorized access, disclosure, alteration, or destruction. Examples include:

  • Use of reputable cloud infrastructure and CRM platforms.
  • Encryption in transit (HTTPS) and, where applicable, at rest.
  • Access controls, authentication, and role-based permissions.
  • Internal policies and training for staff handling client data.

No method of transmission or storage is completely secure. If we become aware of a data incident that affects your information, we will notify you and the relevant authorities where required by law and cooperate to mitigate any impact.

8. International transfers

Our team, infrastructure, or service providers may be located in different countries. This means your information may be transferred to and processed in jurisdictions that may not have the same data protection laws as your home country.

Where required, we implement appropriate safeguards for international transfers, such as standard contractual clauses or equivalent mechanisms, and we rely on reputable vendors with strong security and privacy practices.

9. Your rights & choices

Depending on your location and applicable law, you may have certain rights regarding your personal data, including the right to:

  • Access and receive a copy of the personal data we hold about you.
  • Request correction of inaccurate or incomplete data.
  • Request deletion of your data, subject to legal and contractual obligations.
  • Object to or request restriction of certain processing activities.
  • Withdraw consent where we rely on consent (e.g., marketing communications).
  • Lodge a complaint with a supervisory authority, where applicable.

If we process your customer or lead data on your behalf as a processor, individuals should direct their requests to your business as the data controller. We will support you in fulfilling those requests in line with our agreement.

10. Children’s privacy

Our Services are intended for businesses and are not directed at children under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us so we can take appropriate action.

11. Third-party links & tools

Our website and automation setups may include links to, or integrations with, third-party tools (e.g., CRMs, calendars, ad platforms, AI providers). We are not responsible for the privacy practices of those third parties, and we encourage you to review their policies before sharing data or connecting accounts.

12. Changes to this Policy

We may update this Privacy & Data Protection Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, provide additional notice (such as email or in-app notification).

Your continued use of the Services after an updated Policy becomes effective signifies your acceptance of the changes.

13. How to contact us

If you have questions about this Policy, our data practices, or would like to exercise your rights, you can contact DiversifiedCRM at:

Email: [email protected]
Subject line: "Privacy Request – DiversifiedCRM"

For security and verification, we may need to confirm your identity before responding to certain requests. We aim to respond within a reasonable timeframe and in accordance with applicable privacy laws.