PRIVACY POLICY
Effective Date: January 1, 2025
Last Updated: January 1, 2025
KEY POINTS:
- We collect and process data necessary to provide our CRM services
- We collect mobile phone numbers and SMS consent for service communications
- We retain broad rights to use aggregated and anonymized data
- We may share data with third parties for business purposes
- We retain data for 30 days after account termination
- We use cookies and tracking technologies extensively
1. INTRODUCTION
Juicy Goosey IT Ltd., doing business as Juicy Goosey CRM ("Company," "we," "us," or "our"), operates a comprehensive customer relationship management platform for service businesses. This Privacy Policy explains how we collect, use, disclose, and safeguard your information.
This Policy applies to all users of our Service, including:
- Customers (businesses using our CRM)
- End users (employees of our customers)
- Contacts (individuals whose information is stored in our CRM by our customers)
- Website visitors
- SMS/text message recipients
2. INFORMATION WE COLLECT
2.1 Information You Provide Directly
- Account Information: Business name, contact name, email, phone, address, payment information, tax ID
- Profile Information: Username, password, profile picture, preferences, timezone
- Business Data: Customer records, service records, invoices, quotes, work orders, employee data, vendor information
- Communications: Support requests, feedback, email correspondence, SMS/text message conversations
- Payment Information: Credit card details (processed by third-party payment processors)
- Integration Data: QuickBooks data, SMS records, email campaign data
- Mobile Communications Data: Mobile phone numbers, SMS consent records, message preferences, opt-in/opt-out status
2.2 Information Collected Automatically
- Usage Data: Features used, pages viewed, actions taken, time spent, frequency of use
- Device Information: IP address, browser type, operating system, device ID, screen resolution, mobile device information
- Location Data: GPS coordinates (for mobile job tracking), IP-based location
- Log Data: Access times, error logs, performance metrics
- Cookies and Tracking: Session cookies, persistent cookies, web beacons, pixel tags
- SMS Interaction Data: Message delivery status, timestamps, response rates, opt-out requests
2.3 Information from Third Parties
- Payment processors (Stripe, PayPal)
- Integration partners (QuickBooks, Google, Twilio)
- SMS/Communications providers (Twilio, carrier networks)
- Analytics providers
- Marketing partners
- Public databases
3. SMS/TEXT MESSAGING DATA COLLECTION
SMS PRIVACY NOTICE: When you provide your mobile phone number and consent to receive SMS/text messages, we collect and process specific data related to these communications.
3.1 SMS Data We Collect
- Contact Information: Mobile phone number, carrier information, device type
- Consent Records: Date/time of consent, method of consent, IP address at consent, consent language displayed
- Message Data: Message content, delivery receipts, read receipts (where available), timestamps
- Interaction Data: Replies, opt-out requests, keyword responses (STOP, HELP, etc.)
- 2FA Data: Authentication codes sent, verification attempts, success/failure logs
3.2 How We Use SMS Data
- Sending account notifications and alerts
- Providing two-factor authentication (2FA) codes
- Delivering transactional messages
- Customer support communications
- Service updates and maintenance notifications
- Compliance with messaging regulations
- Fraud prevention and security
3.3 SMS Data Sharing
We share SMS data with:
- Twilio Inc.: Our primary SMS service provider
- Mobile Carriers: To deliver messages to your device
- Compliance Partners: For regulatory compliance and audit purposes
- Law Enforcement: When required by law or legal process
4. HOW WE USE YOUR INFORMATION
We use collected information for any purpose, including but not limited to:
4.1 Service Provision
- Providing and maintaining the CRM platform
- Processing transactions and billing
- Managing your account and preferences
- Providing customer support
- Sending service-related SMS notifications
- Enabling two-factor authentication
4.2 Business Purposes
- Improving and developing new features
- Analyzing usage patterns and trends
- Marketing and promotional activities (with consent)
- Creating aggregated and anonymized datasets
- Training AI and machine learning models
- Business planning and forecasting
- Optimizing SMS delivery rates and timing
4.3 Legal and Security
- Complying with legal obligations
- Enforcing our Terms of Service
- Preventing fraud and abuse
- Protecting our rights and property
- Maintaining SMS compliance records
- Responding to regulatory inquiries
IMPORTANT: We retain perpetual, irrevocable rights to use aggregated and anonymized data derived from your use of the Service for any purpose, including commercial purposes, without compensation to you.
5. DATA SHARING AND DISCLOSURE
We may share your information with:
5.1 Service Providers
- Cloud hosting providers (AWS, Google Cloud)
- Payment processors
- Email and SMS service providers (Twilio)
- Mobile network carriers
- Analytics and monitoring services
- Customer support tools
5.2 Business Transfers
If we undergo a merger, acquisition, bankruptcy, or sale of assets, your information will be transferred as part of that transaction. You acknowledge that such transfers may occur without notice to you.
5.3 Legal Requirements
We may disclose information if required by law, court order, or government request, or if we believe disclosure is necessary to:
- Comply with legal obligations
- Protect our rights or property
- Prevent fraud or cybersecurity incidents
- Protect against legal liability
- Comply with telecommunications regulations
5.4 Consent
We may share information with your consent or at your direction.
5.5 Aggregated Data
We freely share aggregated and anonymized data that cannot identify you personally.
6. DATA RETENTION
| Data Type |
Retention Period |
Justification |
| Active Account Data |
Duration of service + 30 days |
Service provision |
| Billing Records |
7 years |
Legal compliance |
| SMS Consent Records |
6 years from consent date |
TCPA compliance |
| SMS Message Logs |
3 years |
Regulatory compliance |
| 2FA Logs |
1 year |
Security auditing |
| Usage Analytics |
Indefinitely (anonymized) |
Business improvement |
| Security Logs |
2 years |
Security and compliance |
| Marketing Data |
Until opt-out + 2 years |
Marketing compliance |
After account termination, we will delete or anonymize your data within 30 days, except where retention is required by law or for legitimate business purposes. SMS consent records may be retained longer for compliance purposes.
7. COOKIES AND TRACKING TECHNOLOGIES
7.1 Technologies We Use
- Essential Cookies: Required for Service functionality
- Analytics Cookies: Google Analytics, internal analytics
- Marketing Cookies: Retargeting, conversion tracking
- Session Recording: We may record user sessions for quality and training purposes
7.2 Your Choices
You can control cookies through your browser settings, but disabling cookies may limit Service functionality. By using our Service, you consent to our use of cookies and tracking technologies.
8. DATA SECURITY
We implement commercially reasonable security measures, including:
- SSL/TLS encryption for data in transit
- Encryption at rest for sensitive data
- Access controls and authentication
- Regular security assessments
- Employee training
- Secure SMS gateway connections
- 2FA for sensitive account actions
DISCLAIMER: No security system is impenetrable. We cannot guarantee absolute security. You transmit data at your own risk, and we are not responsible for unauthorized access to your information. SMS messages are not end-to-end encrypted and may be intercepted.
9. INTERNATIONAL DATA TRANSFERS
Your data may be transferred to and processed in countries other than your own, including Canada, United States, and other countries where data protection laws may differ. By using our Service, you consent to these transfers.
For EU/EEA users, we rely on:
- Standard Contractual Clauses
- Adequacy decisions where applicable
- Your explicit consent
SMS messages may be routed through international carriers and networks as part of standard telecommunications infrastructure.
10. YOUR RIGHTS AND CHOICES
10.1 General Rights
Subject to applicable law and certain exemptions, you may have rights to:
- Access your personal information
- Correct inaccurate information
- Delete your information (subject to retention requirements)
- Object to or restrict processing
- Data portability
- Withdraw consent
- Opt-out of SMS communications
10.2 SMS-Specific Rights
- Opt-Out: Reply STOP to any SMS to opt-out of messages
- Help: Reply HELP to any SMS for assistance
- Consent Withdrawal: You may withdraw SMS consent at any time
- Number Updates: Update your mobile number in account settings
- Message Preferences: Choose which types of SMS to receive
10.3 Regional Rights
GDPR Rights (EU/EEA/UK Users)
- Right to be informed about processing
- Right to rectification
- Right to erasure ("right to be forgotten")
- Right to restrict processing
- Right to data portability
- Right to object
- Rights related to automated decision-making
- Right to lodge a complaint with supervisory authority
CCPA Rights (California Users)
- Right to know what information is collected
- Right to delete personal information
- Right to opt-out of sale (we do not sell personal information)
- Right to non-discrimination
PIPEDA Rights (Canadian Users)
- Right to access personal information
- Right to challenge accuracy and completeness
- Right to withdraw consent (may affect service provision)
Australian Privacy Act Rights
- Right to access personal information
- Right to correct personal information
- Right to complain to the Office of the Australian Information Commissioner
10.4 Exercising Your Rights
To exercise your rights, contact us at privacy@juicygoosey.com. We may require verification of your identity. We will respond within the timeframe required by applicable law (generally 30-45 days).
LIMITATIONS: We may deny requests that are unreasonably repetitive, require disproportionate technical effort, jeopardize others' privacy, or are otherwise impractical or prohibited by law.
11. CHILDREN'S PRIVACY
Our Service is not intended for children under 16. We do not knowingly collect information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.
12. THIRD-PARTY LINKS AND SERVICES
Our Service may contain links to third-party websites and services. We are not responsible for their privacy practices. We encourage you to review their privacy policies.
Our SMS services are provided through Twilio Inc. Your use of SMS features is also subject to Twilio's privacy practices regarding message transmission and delivery.
13. MARKETING COMMUNICATIONS
We may use your information for marketing purposes. You can opt-out of marketing communications:
- Email: Click the unsubscribe link in our emails
- SMS: Reply STOP to marketing SMS messages
- Account Settings: Update your communication preferences
Note that you cannot opt-out of certain service-related communications necessary for account security and functionality.
14. DO NOT TRACK SIGNALS
We do not respond to Do Not Track (DNT) signals. We track user activity as described in this Policy regardless of DNT settings.
15. DATA CONTROLLER AND PROCESSOR
15.1 For Customer Data
For data you input into our CRM about your customers (including their mobile numbers for SMS), you are the data controller and we are the data processor. You are responsible for:
- Obtaining necessary consents for SMS communications to your customers
- Providing privacy notices to your customers
- Handling data subject requests
- Ensuring lawful basis for processing
- Complying with SMS regulations (TCPA, CASL, etc.)
15.2 For Account Data
For your account information, usage data, and SMS communications we send directly to you, we are the data controller.
16. LEGAL BASIS FOR PROCESSING (GDPR)
For EU/EEA/UK users, our legal bases for processing include:
- Contract: Necessary to provide our Services, including SMS notifications
- Legitimate Interests: Business operations, fraud prevention, security
- Legal Obligation: Compliance with laws and SMS regulations
- Consent: Where explicitly provided, especially for SMS marketing
17. AUTOMATED DECISION-MAKING
We may use automated systems to:
- Detect and prevent fraud
- Assess account risk
- Provide service recommendations
- Optimize routing and scheduling
- Determine SMS delivery timing
- Filter spam or abusive messages
You have the right to request human review of automated decisions that significantly affect you.
18. SMS COMPLIANCE AND REGULATIONS
REGULATORY COMPLIANCE: We comply with applicable SMS and telecommunications regulations in all jurisdictions where we operate.
18.1 TCPA Compliance (United States)
- We obtain express written consent before sending automated SMS
- We maintain consent records for at least 6 years
- We honor opt-out requests immediately
- We do not send messages outside permitted hours (8 AM - 9 PM local time)
18.2 CASL Compliance (Canada)
- We obtain express or implied consent as required
- We include identification and unsubscribe mechanisms
- We maintain consent records as required by law
18.3 GDPR Compliance (EU/EEA/UK)
- We obtain clear, affirmative consent for SMS marketing
- We provide easy withdrawal of consent
- We maintain lawful basis for all SMS processing
19. CHANGES TO THIS POLICY
We may update this Policy at any time. We will notify you of material changes by email or through the Service (including via SMS if you've opted in). Continued use after changes constitutes acceptance.
20. JURISDICTION-SPECIFIC PROVISIONS
20.1 California Privacy Rights
Shine the Light: California residents may request information about disclosure of personal information to third parties for marketing purposes.
CCPA Metrics (Updated Annually):
- Requests received: 0
- Requests completed: 0
- Average response time: N/A
20.2 Nevada Privacy Rights
Nevada residents may opt-out of the sale of covered information. We do not currently sell covered information.
20.3 EU/EEA/UK Specific
Data Protection Officer: Not required under Article 37 of GDPR
EU Representative: Not currently appointed
Supervisory Authority: You may lodge complaints with your local data protection authority
21. CONTACT INFORMATION
22. DISPUTE RESOLUTION
Any disputes regarding this Privacy Policy are subject to our Terms of Service, including limitations on liability and the requirement for arbitration in British Columbia, Canada.
23. SEVERABILITY
If any provision of this Policy is held invalid or unenforceable, the remainder continues in full force and effect.
By using Juicy Goosey CRM, you acknowledge that you have read and understood this Privacy Policy and agree to the collection, use, and disclosure of your information as described herein, including SMS/text messaging data.