SystemicSystemic

Politique de confidentialité — Systemic CRM

Date d'entrée en vigueur : 18 mars 2026

1. General Provisions

1.1. This Privacy Policy (hereinafter — "Policy") describes how LIMITED LIABILITY COMPANY "SYSTEMIK" (hereinafter — "Provider," "we") collects, uses, stores, and protects the personal data of users of the Systemic CRM service (hereinafter — "Service").

1.2. By using the Service, you agree to the terms of this Policy.

1.3. We comply with the requirements of the Law of Ukraine "On the Protection of Personal Data" and, when processing data of EU residents, the General Data Protection Regulation (GDPR).

2. Data We Collect

2.1. Data you provide during registration:

  • Email address
  • Password (stored in encrypted form in Firebase Authentication)
  • Business name
  • Contact person's name

2.2. Data you enter while using the Service:

  • Customer information (names, phone numbers, notes)
  • Appointments, orders, financial transactions
  • Staff data (names, contacts, schedules)
  • Integration settings (API keys are stored in encrypted form)

2.3. Data collected automatically:

  • IP address (for security and audit purposes)
  • Browser and device type
  • Error data (via Sentry — without personal data)

3. How We Use Your Data

3.1. Your data is used exclusively for:

  • Providing and improving the Service
  • Authentication and account security
  • Sending service notifications (payments, Service changes)
  • Technical support

3.2. We do NOT use your data for:

  • Selling or sharing with third parties
  • Marketing communications without your consent
  • Training artificial intelligence models
  • Profiling or targeted advertising

4. Data Storage and Security

4.1. Data is stored on Google Cloud Platform servers (Firebase/Firestore) in European data centers.

4.2. We apply the following security measures:

  • Data encryption in transit (TLS/HTTPS)
  • Encryption of sensitive fields (API keys, integration passwords)
  • Authentication via Firebase Authentication
  • Data isolation between different businesses (tenants)
  • Regular backups
  • Audit logs of all changes

4.3. Access to the database is restricted to authorized technical personnel of the Provider.

5. Data Sharing with Third Parties

5.1. We use the following third-party services for the operation of the Service:

ServicePurposeData Received
Google FirebaseDatabase hosting, authenticationAll Service data
VercelWeb application and API hostingRequest logs (IP, URL)
LiqPayPayment processingEmail, payment amount
SentryError monitoringTechnical data (no PII)
ResendEmail notificationsRecipient email addresses

5.2. Each of these services has its own privacy policy and meets security standards.

5.3. We do not sell or share your data with any other third parties, except as required by law.

6. Third-Party Integrations

6.1. The Service supports integrations with Telegram, Nova Poshta, Checkbox, Rozetka, Prom.ua, and other services.

6.2. Data is shared with these services only at the User's initiative and only to the extent necessary for the integration to function.

6.3. API keys and passwords for integrations are stored in encrypted form and are never transmitted to the client device.

7. Your Rights

7.1. You have the right to:

  • Access — obtain a copy of all your data (via the "Export Data" feature in the Service)
  • Rectification — modify or update your data at any time
  • Erasure — delete your account and all associated data (via the "Delete Account" option in settings)
  • Restriction of processing — request suspension of your data processing
  • Portability — receive your data in a machine-readable format (JSON)

7.2. To exercise these rights, contact support@systemic-crm.com. We will respond within 30 days.

8. Cookies

8.1. The Service uses only technical cookies necessary for:

  • Maintaining an authenticated session (Firebase Auth)
  • Saving interface preferences (language, theme)

8.2. We do not use marketing, analytics, or advertising cookies.

9. Data Retention and Deletion

9.1. Data of active accounts is retained for the entire duration of Service usage.

9.2. After account deletion:

  • Database records are deleted within 30 days
  • Backups containing your data are deleted within 90 days
  • Error logs in Sentry are retained for 90 days
  • Server logs in Vercel are retained for 30 days

9.3. Data of inactive free accounts is deleted 90 days after the trial period ends.

10. Changes to This Policy

10.1. We may update this Policy. We will notify you of material changes via email or an in-app notification at least 14 days in advance.

10.2. Continued use of the Service after changes take effect constitutes acceptance of the updated Policy.

11. Contact Information

For privacy and data protection inquiries:

Provider: LIMITED LIABILITY COMPANY "SYSTEMIK"

Email: support@systemic-crm.com

Address: Ukraine, 02002, Kyiv, 8 Okipnoi Raisy St., office 397