Privacy Policy
Your data is securely protected
Sole Proprietor Yunyk Oleh Pavlovych (hereinafter — "We", "Company" or "SAM CRM") pays special attention to protecting the privacy of our users' personal data. This Privacy Policy describes what data we collect, how we use it, store it, and protect it.
By using our SAM CRM service, you accept the terms of this Privacy Policy.
1. What Personal Data We Collect
1.1. Registration Data:
- •Name and surname — for personalization
- •Email address — for login, password recovery, notifications
- •Phone — additional contact method (optional)
- •Password — stored in encrypted form (bcrypt hash)
- •Company name — for account settings
- •Country — for localization and analytics
1.2. Usage Data:
- •IP address — for security and abuse prevention
- •Browser data — User-Agent, OS version for compatibility
- •Cookies — for session storage and settings
- •Activity logs — actions in the system, login/logout time
1.3. Payment Data:
We DO NOT store bank card data. All payments are processed through:
- •PayPal — international payment system (PCI DSS certified)
- •Stripe — payment platform (PCI DSS Level 1)
2. How We Use Your Data
Providing access to SAM CRM, processing requests, technical support
Identity verification, account protection, unauthorized access prevention
Customizing the interface to your needs, feature recommendations
Managing subscriptions, invoicing, refunds
Usage analytics, bug fixes, new feature development
3. Who Has Access to Your Data
Access is limited
Your personal data is accessible only to:
- →You — full control through your account
- →Your team — if you added employees to your account
- →SAM CRM administrators — only for technical support (upon your request)
3.1. Third Parties (limited access):
- •Vercel — platform hosting (USA, GDPR compliant)
- •Neon Database — database (AWS, encryption at-rest)
- •OpenAI (GPT-5) — AI content analysis
- •PayPal / Stripe — payment processing
We NEVER share your data with:
- ✗Advertising companies or marketers
- ✗Data brokers
- ✗Social networks for targeting
- ✗Third parties without your explicit consent
4. Your Rights Regarding Personal Data
In accordance with the Law of Ukraine "On Protection of Personal Data" (№ 2297-VI dated 01.06.2010) and GDPR, you have the following rights:
→ Right to Access
You can request what personal data we store about you. Response provided within 30 days.
→ Right to Rectification
You can update or correct your data through your account or by contacting us at sam@sam-crm.ai
→ Right to Erasure ("right to be forgotten")
You can request complete deletion of all your data from our systems. To do this:
- 1. Email sam@sam-crm.ai with subject "Delete Personal Data"
- 2. Specify your email registered in SAM CRM
- 3. Confirm the request (we will send a confirmation code)
- 4. Within 30 days all your data will be permanently deleted
→ Right to Data Portability
You can export all your data in CSV format through your account at any time.
5. How We Protect Your Data
🔐 Encryption
SSL/TLS (HTTPS) for data transmission, bcrypt for passwords, database encryption at-rest
🔒 OAuth 2.0
Secure Gmail access without storing passwords, only tokens with limited rights
💾 Backups
Automatic daily backups with encryption and geographic distribution
👁️ Monitoring
Access attempt logging, suspicious activity detection, DDoS protection
6. Applicable Legislation
This Privacy Policy is governed by the laws of Ukraine, in particular:
📜 Law of Ukraine "On Protection of Personal Data"
№ 2297-VI dated 01.06.2010 (as amended)
Read on the Verkhovna Rada website →🇪🇺 General Data Protection Regulation (GDPR)
EU Regulation 2016/679 (compliance for international users)
Learn more about GDPR →7. Contact Information
If you have questions about this Privacy Policy or want to exercise your rights, contact us:
Data Controller: Sole Proprietor Yunyk Oleh Pavlovych
Email: sam@sam-crm.ai
Phone: +380 73 000 77 08
Website: https://sam-crm.ai
We respond to requests within 3-5 business days.
Last updated: November 17, 2025
Document version: 1.0
This Privacy Policy is an integral part of the Terms of Service.