Privacy Policy

Last updated: March 28, 2026

1. Introduction

Smarfle CRM ("we," "us," or "our") operates the website www.smarfle.com and the Smarfle CRM platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

We collect information that you provide directly to us, including:

  • Account information (name, email address, password)
  • Business information (company name, address, phone number)
  • Client data you enter into the CRM (names, contact details, service history)
  • Payment information (processed securely via Stripe)
  • Communications (SMS messages, emails sent through the platform)
  • Usage data (features used, pages visited, actions taken)

3. How We Use Your Information

  • Provide, maintain, and improve our services
  • Process transactions and send related information
  • Send transactional notifications (appointment reminders, invoice updates)
  • Respond to your comments, questions, and support requests
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address fraud and security issues

4. SMS Communications

When businesses use Smarfle CRM to send SMS messages to their clients, we process these messages through Twilio. Recipients can opt out of SMS communications at any time by replying STOP. We do not send marketing SMS — all messages are transactional (appointment reminders, service updates, invoice notifications).

5. Data Sharing

We do not sell your personal information. We share data only with:

  • Service providers — Stripe (payments), Twilio (SMS), Resend (email), Supabase (database), Vercel (hosting), Anthropic (AI features)
  • Business accounts — Client data is accessible only to the business that created it
  • Legal requirements — When required by law or to protect our rights

6. Data Security

We implement appropriate security measures including encryption in transit (TLS), row-level security on all database tables, encrypted storage of sensitive credentials, and role-based access controls. However, no method of transmission over the Internet is 100% secure.

7. Data Retention

We retain your data for as long as your account is active or as needed to provide services. Business data (clients, work orders, invoices) is retained until the business account is deleted. You may request deletion of your account and data by contacting us.

8. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data (CSV export available for all entities)
  • Opt out of SMS communications

9. Cookies

We use essential cookies for authentication and session management. We use Vercel Analytics for anonymous usage tracking. We do not use third-party advertising cookies.

10. Contact Us

If you have questions about this Privacy Policy, contact us at info@webstudiya.com.