Dysruptive Technologies Ltd (“we”, “us”, “our”) operates Relon CRM. This policy explains how we collect, use, and protect your personal data when you use our service.
1. What We Collect
We collect the following categories of personal data:
- Account data: Name, email address, organisation name, country.
- Usage data: Pages visited, features used, timestamps, IP address, browser type.
- CRM data: Any lead, client, project, or contact data you enter into the platform.
- Payment data: Billing address and last-4 card digits (full card details are held by Stripe or Paystack, not us).
- Communication data: Support emails and messages you send to us.
2. How We Use Your Data
We use your data to:
- Provide, operate, and improve Relon CRM
- Process subscription payments and manage billing
- Send transactional emails (account verification, password resets, invoices)
- Respond to support requests
- Monitor platform security and prevent abuse
- Comply with legal obligations
We do not sell your personal data to third parties. We do not use your CRM data for our own marketing or analytics purposes.
3. Data Sharing
We share data only with the following sub-processors necessary to deliver the service:
- Neon (PostgreSQL hosting) — database storage
- Resend — transactional email delivery
- Stripe — payment processing (USD customers)
- Paystack — payment processing (GHS, NGN, KES, ZAR customers)
- Google Cloud Platform — file storage
- Anthropic / OpenAI / Google — AI features (Growth & Scale plans only; only the specific data you submit to AI features is sent)
We may also share data if required by law or to protect our legal rights.
4. Data Retention
We retain your account and CRM data for as long as your subscription is active. Upon termination, we retain data for 30 days to allow export, after which it is permanently deleted.
Anonymised usage analytics may be retained for up to 24 months for product improvement purposes.
5. Your Rights
Depending on your jurisdiction, you may have the right to: access your personal data, correct inaccurate data, request deletion, restrict or object to processing, and request data portability.
EU and UK users have additional rights under GDPR and UK GDPR. To exercise your rights, contact us at privacy@relon.com. We will respond within 30 days.
6. Cookies & Tracking
Relon CRM uses strictly necessary cookies for authentication (httpOnly JWT cookies) and session management. We do not use third-party advertising cookies or cross-site tracking.
7. Security
We implement industry-standard security measures including TLS encryption in transit, bcrypt password hashing, AES-256 encryption for sensitive API keys, and access controls. We conduct regular security reviews.
No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any incidents.
8. International Transfers
Relon CRM is hosted on infrastructure in the United States. If you are located in the EU or UK, your data is transferred to the US under appropriate safeguards (Standard Contractual Clauses where required). See our DPA for details.
9. Contact
Privacy enquiries: privacy@relon.com · Dysruptive Technologies Ltd, Ghana.