Privacy Policy

Privacy Policy

Last updated: February 2026

1. Introduction

Vedain CRM ("Vedain", "we", "us", or "our") operates the website at vedain.com and the Vedain CRM software-as-a-service platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you visit our website or use our services.

By accessing or using Vedain CRM, you agree to the collection and use of information in accordance with this policy. If you do not agree with the terms of this Privacy Policy, please do not access the service.

This policy applies to all users of the Vedain platform, including administrators, team members, and any individuals whose personal data is processed by a Vedain customer organization.

2. Data We Collect

We collect several categories of information depending on how you interact with Vedain:

Account & Profile Data

When you register, we collect your name, email address, company name, and password (stored as a salted hash). Administrators may also provide billing details, phone numbers, and profile photos.

CRM Data (Customer-Uploaded)

You may upload or enter personal information about third parties (leads, contacts, accounts) into the platform. You are the data controller for that data; we act as the data processor. This may include names, email addresses, phone numbers, company details, and any custom fields you create.

Usage & Log Data

We automatically collect browser type, IP address, pages viewed, features used, timestamps, and error logs when you use the service. This helps us diagnose issues and improve the product.

Email Content

If you connect a Gmail or Microsoft 365 account, we access and store email messages, contact names, and timestamps necessary to provide two-way inbox sync and email tracking features. We do not read, sell, or use your email content for advertising.

Payment Data

Billing is handled by Stripe (USD/AED) and Razorpay (INR). We do not store your full credit card numbers. We receive anonymized payment confirmation tokens and billing status from these providers.

Device & Analytics Data

We may collect browser fingerprint, device type, operating system, and referrer URL to understand how users discover and interact with our marketing website.

3. How We Use Your Data

We use the information we collect for the following purposes:

  • To provide, operate, and maintain the Vedain CRM service
  • To authenticate your identity and manage your account
  • To process subscription payments and send billing receipts
  • To send transactional emails (password resets, invitations, account alerts)
  • To send product updates, feature announcements, and newsletters (you may opt out at any time)
  • To monitor platform uptime, detect abuse, and respond to security incidents
  • To improve the platform through aggregate usage analytics and product research
  • To provide customer support and respond to inquiries
  • To comply with legal obligations and enforce our Terms of Service

We do not sell, rent, or trade your personal information to any third party for their marketing purposes.

4. Data Storage & Security

Vedain stores data on cloud infrastructure hosted in secure data centers. All data is encrypted in transit using TLS 1.2 or higher. Sensitive data at rest (API tokens, OAuth credentials) is encrypted using AES-256.

We implement access controls so that only authorized personnel can access production data, and only when necessary for support or maintenance. All internal access is logged and audited.

Despite our best efforts, no method of transmission over the internet or electronic storage is 100% secure. If you believe your account has been compromised, please contact us immediately at support@vedain.com.

In the event of a data breach that affects your personal information, we will notify you as required by applicable law, and no later than 72 hours after becoming aware of the breach where required by GDPR.

5. Cookies

Vedain uses cookies and similar tracking technologies to maintain your session, remember preferences, and understand how you use our website.

CookiePurposeDuration
access_tokenAuthentication — keeps you signed inSession
_vedain_sessionSession management and CSRF protectionSession
_vedain_prefsSaves UI preferences (theme, language)1 year
_ga, _gidGoogle Analytics — aggregate traffic stats (optional)2 years

You can control cookie settings through your browser. Disabling certain cookies may affect the functionality of the platform (for example, you may be signed out on every visit).

6. Third-Party Services

We work with a limited number of trusted third-party providers to deliver our service. Each provider operates under their own privacy policy and data protection agreements:

  • MongoDB Atlas — Cloud database hosting (cloud.mongodb.com)
  • Stripe — Payment processing for USD and AED transactions (stripe.com)
  • Razorpay — Payment processing for INR transactions (razorpay.com)
  • Google (Gmail API) — Optional OAuth-based email integration (google.com)
  • Microsoft (Graph API) — Optional OAuth-based email integration (microsoft.com)
  • Amazon SES / SendGrid — Transactional email delivery

We do not share your personal information with any third party beyond what is necessary to provide these services. We have Data Processing Agreements in place with all sub-processors as required by GDPR.

7. Your Rights (GDPR / CCPA)

Depending on your location, you may have the following rights regarding your personal information:

Right to Access

You can request a copy of all personal data we hold about you.

Right to Rectification

You can correct inaccurate or incomplete personal data at any time from your account settings.

Right to Erasure

You can request deletion of your personal data and CRM account. We will process this within 30 days.

Right to Portability

You can export your CRM data (leads, contacts, accounts) as CSV files at any time.

Right to Object

You can opt out of marketing communications at any time via the unsubscribe link in any email.

Right to Restrict Processing

In certain circumstances, you can request that we limit how we process your data.

Right to Non-Discrimination (CCPA)

California residents will not be discriminated against for exercising their privacy rights.

Right to Know (CCPA)

California residents can request details about the categories and specific pieces of data we collect.

To exercise any of these rights, please email us at support@vedain.com with the subject line "Privacy Request". We will respond within 30 days. You also have the right to lodge a complaint with your local data protection authority.

8. Data Retention

We retain your personal data for as long as your account is active or as needed to provide services. Upon account deletion:

  • Your profile and CRM data are deleted within 30 days of the deletion request.
  • Billing records are retained for 7 years as required by financial regulations.
  • Aggregate anonymized analytics data may be retained indefinitely.
  • Backup copies may persist for up to 90 days before being purged from backup systems.

If a subscription lapses without renewal, account data is retained for 60 days before being permanently deleted, giving you time to reactivate or export your data.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by posting a notice on our website and/or sending an email to the address associated with your account at least 30 days before the changes take effect.

Your continued use of Vedain after the effective date of any changes constitutes your acceptance of the revised Privacy Policy. We encourage you to review this page periodically.

10. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please reach out to us:

Vedain CRM — Privacy Team

Email: support@vedain.com

Website: vedain.com

We aim to respond to all privacy inquiries within 5 business days.

This Privacy Policy was last updated in February 2026. For questions about our Terms of Service, please visit that page.