Back to Home

Privacy Policy

Last updated: December 7, 2025

1. Introduction

This Privacy Policy explains how Founders Kit ("Service"), operated by Transfactor Technologies SRL, collects, uses, and protects your personal information when you use our customer relationship management platform. We are committed to protecting your privacy and ensuring transparency about our data practices.

Data Controller

Transfactor Technologies SRL

Splaiul Unirii 10

Bucharest, Romania

Email: info@transfactor.dev

2. Information We Collect

We collect and process the following categories of personal information:

Account Information

  • Name and email address when you create an account
  • Authentication credentials (securely hashed)
  • Profile preferences and settings

Usage Data

  • Log data including IP address, browser type, and access times
  • Feature usage patterns to improve our service
  • Device information for security purposes

Business Data

  • Contact and company information you enter into the CRM
  • Notes, activities, and deal information
  • Files and documents you upload

3. Google User Data

When you choose to connect your Google account to Founders Kit, we access and use Google user data as described below. This connection is entirely optional and can be disconnected at any time.

What Google Data We Access

  • Google Account Email: Your Google account email address for identification and account linking
  • Gmail Messages: Subject lines, message bodies, sender and recipient information, dates, and labels to enable email search and viewing within the CRM
  • Gmail Signature: Your default Gmail signature settings to include in emails composed through our service
  • Google Calendar Events: Event titles, descriptions, locations, dates/times, and attendee information for calendar integration

How We Use Google Data

  • Email Integration: To search, read, compose, and send emails directly from the CRM for customer communication
  • Calendar Integration: To view, create, update, and manage calendar events for scheduling meetings and appointments
  • Signature Inclusion: To automatically include your Gmail signature when composing emails through our platform

Google Data Storage

We store the following Google-related data in our secure, encrypted database:

  • Your connected Google account email address
  • OAuth access and refresh tokens (encrypted at rest)
  • Token expiration timestamps
  • The list of permissions (scopes) you have granted

Important: We do NOT permanently store or cache the content of your emails, calendar events, or any other Gmail/Calendar data. This information is accessed on-demand when you use the integration features and is not retained after your session.

Google Data Retention

OAuth tokens and connection data are retained until you explicitly disconnect your Google account from your profile settings. Upon disconnection:

  • We revoke access tokens with Google
  • All stored tokens and connection data are permanently deleted from our database
  • No Gmail or Calendar data remains in our systems

4. Data Sharing and Disclosure

We take your privacy seriously and are committed to protecting your data:

Google User Data Protection

Google user data (including your Gmail messages, calendar events, and any other data accessed through Google APIs) is never shared, sold, transferred, or disclosed to any third parties. All access to your Google data is conducted exclusively through official Google APIs and is used solely to provide you with the requested CRM functionality.

We may share other personal information only in the following limited circumstances:

  • Service Providers: With trusted third-party service providers who assist in operating our service (e.g., hosting, analytics), bound by confidentiality agreements
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate data protection measures
  • With Your Consent: When you explicitly authorize us to share your information

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • All data transmitted to and from our service is encrypted using TLS/SSL
  • OAuth tokens are encrypted at rest in our database
  • Access to personal data is restricted to authorized personnel only
  • Regular security assessments and updates are performed
  • Secure authentication mechanisms protect your account

6. Your Rights (GDPR)

Under the General Data Protection Regulation (GDPR) and other applicable data protection laws, you have the following rights regarding your personal data:

Right to Access

You have the right to request a copy of the personal data we hold about you and information about how we process it.

Right to Rectification

You have the right to request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure ("Right to be Forgotten")

You have the right to request deletion of your personal data when it is no longer necessary for the purposes for which it was collected, or when you withdraw consent.

Right to Restrict Processing

You have the right to request restriction of processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.

Right to Data Portability

You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.

Right to Object

You have the right to object to processing of your personal data based on legitimate interests or for direct marketing purposes.

Right to Withdraw Consent

Where processing is based on consent, you have the right to withdraw that consent at any time. For Google integrations, you can disconnect your Google account from your profile settings at any time.

To exercise any of these rights, please contact us at info@transfactor.dev. We will respond to your request within 30 days. You also have the right to lodge a complaint with a supervisory authority if you believe your rights have been violated.

7. Cookies and Tracking

We use cookies and similar technologies to enhance your experience:

  • Necessary Cookies: Required for the website to function properly (authentication, security)
  • Analytics Cookies: Help us understand how visitors interact with our website (with your consent)
  • Marketing Cookies: Used to track visitors for advertising purposes (with your consent)

You can manage your cookie preferences through our cookie banner or your browser settings. Please note that disabling certain cookies may affect the functionality of our service.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside of your country of residence. We ensure that such transfers are conducted in compliance with applicable data protection laws and that appropriate safeguards are in place to protect your data.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this Privacy Policy periodically for any changes.

10. Contact Information

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:

Email: info@transfactor.dev

Address: Transfactor Technologies SRL, Splaiul Unirii 10, Bucharest, Romania

Back to Home