Privacy Policy

1. Introduction

MyRolodex ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our concierge management platform. Please read this policy carefully to understand our practices regarding your personal data.

2. Information We Collect

2.1 Information You Provide

• Account Information: Name, email address, password, organization name
• Member Data: Contact details, membership tiers, preferences, and service history
• Communication Data: Messages, emails, and SMS sent through the platform
• Vendor Information: Vendor contacts, service details, and notes
• Payment Information: Billing address and payment method details (processed by Stripe)

2.2 Information Collected Automatically

• Usage Data: Pages visited, features used, and actions taken within the platform
• Device Information: Browser type, operating system, and device identifiers
• Log Data: IP addresses, access times, and referring URLs
• Cookies: Session cookies for authentication and preferences

3. How We Use Your Information

We use the information we collect to:

• Provide, maintain, and improve the Service
• Process transactions and send related information
• Send administrative messages, updates, and security alerts
• Respond to your comments, questions, and support requests
• Monitor and analyze usage patterns and trends
• Detect, prevent, and address technical issues and fraud
• Comply with legal obligations

4. Data Sharing and Disclosure

We may share your information in the following circumstances:

• Service Providers: Third parties that help us operate the Service (hosting, analytics, payment processing)
• Integration Partners: When you connect third-party services (Twilio, Stripe, etc.)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize sharing

We do not sell your personal information to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your data, including:

• Encryption of data in transit (TLS) and at rest
• Field-level encryption for sensitive personal information
• Regular security assessments and penetration testing
• Access controls and authentication mechanisms
• Employee training on data protection

While we strive to protect your data, no method of transmission over the Internet is 100% secure.

6. Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. We may retain certain information as required by law or for legitimate business purposes. When you delete your account, we will delete or anonymize your personal data within 90 days, except where retention is required for legal or compliance purposes.

7. Your Rights and Choices

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data
• Portability: Request your data in a portable format
• Objection: Object to certain processing activities
• Restriction: Request restriction of processing

To exercise these rights, please contact us at privacy@myrolodex.com.

8. Cookies and Tracking

We use cookies and similar technologies to:

• Authenticate users and maintain sessions
• Remember your preferences
• Analyze usage patterns
• Improve our Service

You can control cookies through your browser settings, but disabling cookies may affect functionality.

9. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place for such transfers, including standard contractual clauses and compliance with applicable data protection frameworks.

10. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete that information.

11. Third-Party Services

The Service integrates with third-party services that have their own privacy policies:

• Stripe: Payment processing - stripe.com/privacy
• Twilio: SMS/messaging - twilio.com/legal/privacy
• SendGrid: Email delivery - sendgrid.com/policies/privacy

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. For significant changes, we may also notify you via email or through the Service.

13. Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: privacy@myrolodex.com
Data Protection Officer: dpo@myrolodex.com
Address: MyRolodex, Inc.

14. California Residents

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA), including the right to know what personal information we collect, the right to delete your information, and the right to opt-out of the sale of your information. As noted above, we do not sell personal information.

15. European Residents

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have rights under the General Data Protection Regulation (GDPR). Our legal basis for processing your data includes contract performance, legitimate interests, consent, and legal obligations. You may lodge a complaint with your local data protection authority if you believe we have violated your rights.