Privacy Policy
Last updated: June 7, 2026
Back Office Solutions LLC (“BOS,” “we,” “us”) operates Vortex OS (the “Service”). This Privacy Policy describes how we collect, use, share, and protect personal information when you use the Service or the websites at vortexcrm.ai and app.vortexcrm.ai.
1. Information We Collect
- Account info: name, email, phone, company, role.
- Billing info: processed by Stripe; we store the customer ID, subscription status, amounts, and last 4 digits — never full card numbers.
- Customer Data: records you upload (CRM leads, financials, marketing assets, documents) and AI conversation history within your workspace.
- Integration data: when you connect QuickBooks, Google, Facebook, or other providers, we receive the data permitted by your authorization scope.
- Usage data: log data, IP address, device/browser type, pages viewed, referring URL, UTM parameters, and feature usage telemetry.
- Cookies: strictly necessary cookies for authentication; analytics and marketing cookies only where consent is granted.
2. How We Use Information
- Provide, secure, and improve the Service.
- Process payments and manage subscriptions.
- Send transactional emails (account, billing, security, product notifications).
- Provide customer support and respond to inquiries.
- Detect, prevent, and respond to fraud, abuse, and security incidents.
- Comply with legal obligations.
3. AI Processing
AI features process prompts and relevant Customer Data through trusted model providers under contractual confidentiality and no-training commitments. We do not sell Customer Data, and we do not allow AI providers to train foundation models on your Customer Data.
4. Sharing
We share information only with: (a) service providers under written agreement (hosting, email, analytics, payments); (b) integration providers you authorize; (c) law enforcement when legally required; and (d) successors in connection with a merger, acquisition, or asset sale (you will be notified).
5. Retention
Active account data is retained for the life of your subscription plus 30 days for export. Billing records are retained for 7 years for tax/audit compliance. Backup snapshots roll off within 90 days.
6. Your Rights
Depending on your jurisdiction (e.g., GDPR, CCPA, CPRA), you may have rights to access, correct, delete, port, or restrict processing of your personal information. Submit requests to privacy@vortexcrm.ai. You can also request account deletion at vortexcrm.ai/data-deletion.
7. Security
Data is encrypted in transit (TLS 1.2+) and at rest. Access is role-based and audited. MFA is required for administrative accounts. Report vulnerabilities to security@vortexcrm.ai.
8. Children
The Service is not directed to children under 16, and we do not knowingly collect their data.
9. International Transfers
Data may be processed in the United States. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.
10. Changes
We will post material changes here and notify you by email at least 30 days before they take effect.
11. Contact
Back Office Solutions LLC · privacy@vortexcrm.ai

