This Privacy Policy explains how ITWAYS CRM ("Application", "we", "our", "us") collects, uses, and protects information when users connect their Google account to the Application.
ITWAYS CRM is a web-based customer relationship management (CRM) system.
2. Information We Collect
2.1 Google User Data
When a user connects their Google account using Google OAuth, the Application may access the following data only after explicit user consent:
Google Contacts (to create, update, or delete client contacts)
Google Calendar (to create, update, or delete meetings and follow-ups)
Google Drive (to upload, download, or share files explicitly selected by the user)
The Application may also store:
OAuth access tokens and refresh tokens (securely encrypted)
The user's Google account email address
Authorized scope information
2.2 Technical Information
For security and operational purposes, the Application may collect:
Authentication timestamps
Connection logs
Internal user or account identifiers
3. How We Use Information
We use the collected information only to:
Provide CRM features requested by the user
Synchronize contacts and calendar events with Google services
Upload or retrieve files selected by the user
Maintain secure authentication and session continuity
Diagnose and resolve technical issues
4. Data Storage and Security
All authentication tokens are securely stored using encryption
Access is restricted to authorized application components
All data transmission occurs over HTTPS
We do not sell, rent, or share Google user data with third parties
5. Data Retention
We retain Google authentication data until:
The user disconnects their Google account from the Application
Access is revoked from the user's Google Account settings
A deletion request is submitted by the user
6. User Rights and Control
Users may:
Disconnect Google access at any time
Revoke permissions from their Google Account settings
Request deletion of stored authentication data
7. Google API Limited Use Disclosure
ITWAYS CRM's use and transfer of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.
Google user data is:
Used only to provide user-requested CRM functionality
Not used for advertising, analytics, or profiling
Not shared with third parties
8. Cookies and Session Data
We use minimal session cookies only to:
Maintain secure login sessions
Protect against CSRF attacks
We do not use tracking or advertising cookies.
9. Children's Privacy
The Application is not intended for users under the age of 13, and we do not knowingly collect data from children.
10. Changes to This Policy
We may update this Privacy Policy from time to time. Updates will be posted on this page with a revised "Last Updated" date.