GDPR Compliance Policy

Last Updated: 24/12/2025

This GDPR Compliance Policy explains how TheGreatCRM (“we,” “our,” or “us”) collects, processes, stores, and protects personal data in compliance with the General Data Protection Regulation (GDPR) for users located in the European Union (EU).

Your privacy matters. By using our website, you agree to the practices described in this policy.

1. Data We Collect

TheGreatCRM collects only the data necessary to operate, improve, and secure the website.

a) Information You Provide Voluntarily This includes personal information submitted through:

  • Contact forms
  • Email inquiries
  • Feedback submissions
  • Newsletter signup (if applicable)

We may collect:

  • Name (if provided)
  • Email address
  • Message content

b) Automatically Collected Data When using our website, we may collect:

  • IP address (may be anonymized)
  • Browser type and version
  • Device type and operating system
  • Pages viewed and session duration
  • Referrer information
  • Cookies and tracking data

c) No Sensitive Data We do not intentionally collect sensitive categories such as:

  • Financial data
  • Health information
  • Biometric identifiers
  • Political or religious details

2. Legal Basis for Processing Personal Data

We process your data based on one or more lawful grounds:

  • Consent: When you contact us or accept cookies.
  • Legitimate Interest: To analyze traffic, improve content, and ensure security.
  • Contractual Necessity: To respond to questions or support requests.
  • Legal Obligation: When required by law.

3. How We Use Your Data

We use your personal data for purposes such as:

  • Responding to messages, inquiries, or requests.
  • Maintaining and improving website performance.
  • Analyzing traffic and user behavior.
  • Enhancing our reviews, comparisons, and content.
  • Preventing spam and ensuring website security.
  • Meeting legal and regulatory obligations.

We never sell or lease personal data.

4. Cookies & Tracking Technologies

Cookies help us understand:

  • How users navigate the website
  • Which content is useful
  • How the website performs on different devices

You can manage or disable cookies in your browser settings. See our Cookie Policy for more details (can generate upon request).

5. Data Sharing With Third Parties

Your data may be shared with trusted third parties, including:

  • Website hosting providers
  • Analytics tools (e.g., Google Analytics)
  • Spam detection or firewall services
  • Email delivery systems

These partners are required to follow GDPR requirements and may access only the data necessary to perform their function. We do not sell personal data to third parties.

6. Data Retention

We retain personal data only for as long as necessary:

  • To respond to inquiries
  • For analytical purposes
  • To fulfill legal obligations

Email messages may be retained to maintain communication history unless you request deletion. When data is no longer required, it is securely removed.

7. Your GDPR Rights

If you are located in the EU, you have the right to:

Access Request a copy of the personal data we hold about you.

Rectification Request corrections to inaccurate or incomplete data.

Erasure (“Right to Be Forgotten”) Request deletion of your data.

Restrict Processing Limit how we use your data.

Object to Processing Object to data use based on legitimate interest.

Data Portability Receive your data in a machine-readable format.

Withdraw Consent You may withdraw consent at any time.

To exercise any rights, email: rakib@thegreatcrm.com

8. How We Protect Your Data

We use industry-standard security measures, including:

  • SSL encryption
  • Secure hosting infrastructure
  • Firewalls and anti-abuse systems
  • Limited access to personal data
  • Regular website monitoring

No online system can guarantee 100% security, but we take all reasonable precautions.

9. International Data Transfers

Data may be processed outside the EU. When this occurs, we ensure that:

  • The receiving country offers adequate protection, or
  • Standard Contractual Clauses (SCCs) or approved safeguards are in place.

10. Children’s Privacy

TheGreatCRM is not intended for users under age 16. We do not knowingly collect personal data from children. If a child’s data has been submitted, contact us for immediate removal.

11. Updates to This Policy

We may update this GDPR Policy periodically. The latest version will always be available on this page with a revised “Last Updated” date.

Continued use of the website means you accept the updated terms.

12. Contact Us

For GDPR questions or data requests, contact:

Email: rakib@thegreatcrm.com