Privacy Policy
Last updated: 7/14/2026
This Privacy Notice describes how Crewistry ("Crewistry", "we", "us", or "our"), the legal entity operating the Crewistry service, collects and processes your personal data. Crewistry acts as the data controller for personal data collected through the service.
1. Information We Collect
We collect information you provide directly (name, email, login credentials, business info, client and job data you enter), support correspondence, usage and telemetry (device, browser, IP address, interaction logs), and limited payment metadata. Payment card details are collected and processed by Paddle, not by us.
2. How We Use Information
To create and operate your account, deliver the service, process subscriptions and payments via Paddle, send transactional emails and SMS you trigger, provide customer support, prevent fraud and abuse, improve features, and comply with legal obligations.
3. Legal Basis for Processing (GDPR)
Where GDPR or UK GDPR applies, we rely on the following legal bases under Article 6: (a) performance of a contract — to provide the service you signed up for; (b) legitimate interests — to secure the service, prevent fraud, and improve the product; (c) consent — where required for non-essential cookies or marketing; and (d) legal obligation — for tax, accounting, and compliance.
4. Sharing
We share personal data with categories of recipients including:
- Paddle.com Market Limited ("Paddle") — our Merchant of Record. Paddle handles checkout, payments, subscription billing, tax compliance, invoicing, refunds, and related customer service for all orders.
- Service providers and subprocessors (hosting, email/SMS delivery, analytics, customer support tooling).
- Professional advisers (legal, accounting) under confidentiality.
- Authorities or third parties where required by law or to protect our rights.
We do not sell personal information.
5. Data Retention
We retain your account data while your account is active and for a reasonable period afterward to meet legal, tax, and accounting requirements. Data is deleted or anonymised when no longer needed. You may request deletion at any time.
6. Security
We apply appropriate technical and organisational measures, including TLS encryption in transit, encryption at rest, role-based access controls, and audit logging.
7. Your Rights
Subject to applicable law (including GDPR/UK GDPR where applicable), you have the right to access, rectify, erase, restrict, port, or object to processing of your personal data, to withdraw consent, and to lodge a complaint with your supervisory authority. We will respond to verified requests within one month.
8. International Transfers
Where personal data is transferred outside the UK/EEA, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.
9. Cookies
We use essential cookies for authentication and limited analytics cookies to improve the product. You can manage cookie preferences via your browser settings.
10. Children
Crewistry is not intended for users under 16.
11. Changes
We may update this policy and will post the new date above. Continued use means acceptance.
12. Contact
Questions or rights requests? Email support@crewistry.app.
