Privacy Policy
Last updated: June 19, 2026
1. Who we are
RNSoft Solutions ("RNSoft", "we", "our") operates RNSoft CRM, a cloud-based customer relationship management platform. Our principal place of business is in Ontario, Canada. For privacy questions, contact us at info@rnsoftsolutions.com.
2. What data we collect
We collect two categories of data:
Account data — your name, email address, and password (hashed, never stored in plaintext) when you create an account.
CRM data — data you enter into the platform: contact names, email addresses, phone numbers, companies, job titles, deal values, activity notes, orders, and any other information you choose to store. This data belongs entirely to you.
Usage data — an audit log of actions taken within your workspace (who created, updated, or deleted records and when). This is stored in your tenant and is included in your data export.
3. How we use your data
We use your data only to provide and improve the RNSoft CRM service:
- To authenticate you and maintain your session
- To store and retrieve your CRM records
- To send transactional emails (e.g., password resets)
- To generate reports and analytics within your workspace
- To power AI-assisted features (business card scanning) — images are processed and immediately discarded
We do not sell your data. We do not use your CRM data for advertising.
4. Third-party processors
We use the following sub-processors to deliver the service. Each is bound by a Data Processing Agreement:
| Processor | Purpose | Location |
|---|---|---|
| Supabase | Database, authentication, file storage | Canada (ca-central-1) |
| Resend | Transactional email delivery | United States |
| Anthropic | AI features (business card scanning) | United States |
| Vercel | Application hosting and CDN | Canada / United States |
5. Data isolation & security
Each customer workspace is isolated using row-level security policies enforced at the database level. No workspace can access another workspace's data. All data is encrypted at rest and in transit (TLS 1.2+). Access to production systems is restricted to authorized personnel only.
6. Data retention
Your data is retained for as long as your account is active. If you cancel or request deletion, we retain your data for 30 days to allow you to export it or reverse the decision. After 30 days, all data associated with your workspace is permanently deleted. See our Data Retention Policy for full details.
7. Your rights
Under PIPEDA (Canada) and applicable privacy laws, you have the right to:
- Access — request a copy of all personal data we hold about you
- Correction — update inaccurate or incomplete information
- Portability — export all your CRM data at any time via Settings → Export
- Deletion — request permanent deletion of your account and all associated data
- Withdrawal of consent — stop using the service at any time
To exercise any right, email info@rnsoftsolutions.com. We will respond within 30 days.
8. Cookies
We use a single session cookie to keep you logged in. We do not use advertising cookies or third-party tracking scripts. No cookie consent banner is required because we only use strictly necessary cookies.
9. Changes to this policy
We may update this policy to reflect changes to our practices or legal requirements. We will notify active users by email at least 14 days before material changes take effect.
10. Contact
Privacy Officer, RNSoft Solutions
Ontario, Canada
info@rnsoftsolutions.com