Public policy

Privacy Policy

This policy explains how CRM The Conversion handles personal, business, and Google user data.

Effective and last updated: July 6, 2026

1. Scope and operator

This Privacy Policy applies to CRM The Conversion, a private business operations platform operated by The Conversion. The platform supports customer relationship management, project and task collaboration, account servicing, and accounting workflows for authorized users.

By using the application, you acknowledge the practices described in this policy. If you do not agree, do not connect a Google account or use the application.

2. Information we collect

Depending on your role and activity, we may process:

  • Account information such as your name, work email address, role, and permissions.
  • Business records such as leads, projects, tasks, comments, invoices, expenses, and activity history.
  • Files, links, and other information that authorized users deliberately submit to CRM records.
  • Technical and security data such as timestamps, session information, logs, and error records.
  • Google user data described in the next section when you authorize a Google integration.

3. Google user data

Google access is optional and requested in context when an authorized user starts a Google-powered feature. CRM The Conversion currently uses Google data in these ways.

Google Sheets

The application requests the spreadsheets.readonly scope. It reads rows from a spreadsheet selected or submitted by the user and imports relevant data into a CRM content plan. The application may store the spreadsheet URL and the imported content-plan records.

To maintain the connection, CRM The Conversion stores per-user Google access and refresh tokens, token scope, token type, and expiration information on the application server. These credentials are used only to provide the requested Google Sheets import functionality.

Google Drive Picker

The Expense feature requests the per-file drive.file scope. Google Picker lets a user browse and deliberately select or upload a Drive file. The application receives selected-file metadata, including the file ID and name, to construct a Google Drive URL for a billing-document or payment-receipt field.

The Picker access token remains temporarily in browser memory for the active page session and is not persisted on the CRM server. The CRM stores only the selected Drive URL in the related Expense record. It does not download, copy, or store the file contents, and it does not change the file's Google Drive sharing permissions. Access to the URL remains subject to the file owner's Drive permissions.

Google API Services Limited Use disclosure. CRM The Conversion's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

4. How we use information

We use information only as necessary to:

  • Provide and maintain CRM, task, account-servicing, and accounting features.
  • Import user-selected Google Sheets data into content plans.
  • Attach a user-selected Google Drive URL to an Expense record.
  • Authenticate users, enforce permissions, prevent misuse, and protect the service.
  • Diagnose errors, provide support, and meet legal or regulatory obligations.

We do not sell Google user data. We do not use Google user data for advertising, retargeting, credit decisions, or building advertising profiles.

5. When information is shared

We do not disclose Google user data except:

  • To authorized personnel who need it to provide the user-facing business workflow.
  • To service providers acting on our instructions under confidentiality and security obligations.
  • When required to comply with law, valid legal process, or protect users and the service.
  • As part of a business transfer where legally permitted and subject to appropriate notice or consent.

Google processes information under its own terms when you use Google authentication, Google Sheets, Google Drive, or Google Picker.

6. Data security

We apply reasonable administrative and technical safeguards designed to protect information against unauthorized access, alteration, disclosure, or destruction. These measures include authenticated access, role-based permissions, transport security, database controls, and operational logging. No method of storage or transmission is completely secure, so absolute security cannot be guaranteed.

7. Data retention

Business records and imported content-plan data are retained while needed for the relevant operational, accounting, contractual, or legal purpose. Google Sheets access and refresh tokens are retained while the connection is active and needed to provide the import feature. Expense Drive URLs are retained with the related Expense record.

Data is deleted or anonymized when it is no longer needed, when an authorized deletion request is completed, or when applicable retention requirements expire. Security backups may retain limited copies until their normal replacement cycle completes.

8. Data deletion and your choices

You can revoke CRM The Conversion's Google access at any time from your Google Account permissions. Revocation prevents future Google API access but does not automatically remove business records already imported or Drive URLs attached to Expense records.

To request access, correction, deletion of imported Google data, removal of stored Google tokens, or deletion of an attached Drive URL, email [email protected] from your registered work email. Include enough information to identify your account and the records concerned. We may verify your identity and authorization before acting. Verified requests will normally be completed within 30 days unless a longer period is required by law or the data must be retained for legitimate accounting, security, contractual, or legal purposes.

9. Changes to this policy

We may update this policy when application features, Google data use, or legal requirements change. The updated date will be shown at the top of this page. Where a change materially affects Google user data use, we will provide appropriate notice and request consent when required before using data for a new purpose.

10. Contact

For privacy questions, Google data inquiries, or deletion requests, contact The Conversion at [email protected].