Vertex CRM ("we," "our," or "the Service") is committed to protecting your privacy and the privacy of your organization's data. This Privacy Policy describes how we collect, use, disclose, store, and protect information when you or your organization use our customer relationship management platform and related services, including our web application, APIs, and any associated software or integrations.
This policy applies to all users of Vertex CRM, including administrators, end users, and any person whose data is entered into the system (e.g., contacts, leads). If you use the Service on behalf of an organization, that organization is the data controller for the business data you input, and we process such data as a processor in accordance with our agreements and applicable law. We encourage you to read this policy carefully and to contact your organization's administrator or our support team if you have questions.
We collect and process several categories of information to provide, secure, and improve the Service.
When you or your administrator create an account, we collect username, email address, password (stored in hashed form), full name, and optionally a default organization. We use this information to authenticate you, manage your access, enforce role-based permissions, and communicate with you about the Service. We do not store plain-text passwords.
Data that you or your organization enters into the Service includes, but is not limited to: accounts (companies), contacts (names, emails, phone numbers, job titles), leads (prospects, status, source, rating), opportunities (deals, stages, amounts, close dates), activities and tasks, products and price books, cases, campaigns, and reports. This data is stored within your organization's tenant and is used solely to operate the CRM features you use, such as pipeline management, reporting, and collaboration within your org.
We may collect technical and usage information such as IP address, browser type, device information, log-in times, pages or features accessed, and actions taken within the Service. This helps us operate the Service, troubleshoot issues, detect and prevent abuse, and improve performance and usability. Where applicable, we may use cookies or similar technologies for session management and security.
If you contact support, participate in surveys, or otherwise communicate with us, we retain the content of those communications and any contact details you provide to respond and improve our support and product.
We use the information we collect for the following purposes:
We do not sell your personal information or your organization's CRM data to third parties for marketing or advertising purposes.
We implement appropriate technical and organizational measures to protect your data against unauthorized access, alteration, disclosure, or destruction. These measures include encryption in transit (e.g., TLS), secure authentication, access controls, and regular security practices. Data is stored in secure environments; the exact location depends on your deployment (e.g., on-premises or hosted) and may be specified in your agreement.
We retain your information for as long as your account is active or as needed to provide the Service and fulfill the purposes described in this policy. After account closure or at the end of a retention period, we may retain certain data as required by law, for dispute resolution, or for legitimate business purposes (e.g., backups), after which it is securely deleted or anonymized. Your organization may have its own retention policies for data stored in the CRM.
Depending on your jurisdiction (e.g., GDPR, CCPA, or other applicable laws), you may have rights such as: access to your personal data; correction of inaccurate data; deletion or restriction of processing; data portability; objection to certain processing; and withdrawal of consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority.
To exercise these rights, please contact your organization's Vertex CRM administrator in the first instance, as much of the data is controlled by your organization. For data that we control directly (e.g., your account and authentication data), you may contact us using the details in the "Contact Us" section. We will respond in accordance with applicable law.
We use cookies and similar technologies for essential functions such as session management and security (e.g., keeping you logged in and protecting against cross-site request forgery). These are typically necessary for the Service to function. Where we use non-essential cookies (e.g., for analytics or preferences), we will provide clear information and, where required by law, obtain your consent. You can manage cookie preferences through your browser settings, though disabling certain cookies may affect the functionality of the Service.
We may use third-party service providers to host, operate, or support the Service (e.g., infrastructure, monitoring, support tools). Such providers are bound by contractual obligations to protect your data and use it only for the purposes we specify. We do not share your CRM data or personal information with third parties for their own marketing purposes.
If your organization integrates Vertex CRM with external services (e.g., email, advertising platforms, or other APIs), data may be shared in accordance with the integration and your organization's configuration and policies. We encourage you to review the privacy policies of those third-party services.
Your data may be processed and stored in countries other than your own. Where we transfer data across borders, we take steps to ensure that appropriate safeguards are in place (e.g., standard contractual clauses, adequacy decisions, or other mechanisms recognized by applicable law) so that your data receives an adequate level of protection.
Vertex CRM is not directed at individuals under the age of 16 (or the applicable age of consent in your jurisdiction). We do not knowingly collect personal information from children. If you believe we have collected such information, please contact us and we will take steps to delete it.
We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or legal requirements. We will post the updated policy on this page and, for material changes, we will provide additional notice (e.g., by email or a prominent notice in the Service) and, where required by law, obtain your consent. The "Last updated" date at the bottom of this policy indicates when it was last revised. Your continued use of the Service after the effective date of changes constitutes acceptance of the updated policy, except where further consent is required by law.
If you have questions about this Privacy Policy or our privacy practices, or wish to exercise your rights, please contact your organization's Vertex CRM administrator or the data protection contact for your deployment. For the service operator or data processor contact details, refer to your agreement or the Support page. We will respond to legitimate requests in accordance with applicable law.
Last updated: 2025. This policy is designed to align with industry standards and common regulatory expectations (e.g., GDPR, CCPA). It is not legal advice; organizations should consult their own legal counsel for compliance.