🚀 Launch Pricing — Sign up today and keep this price foreverLock in now Prices will increase as we grow — early adopters stay at today's rate for life $4.99/user/month — pay only for the seats you need. No surprises. 🔒 Your launch price is locked in the moment you sign up 🚀 Launch Pricing — Sign up today and keep this price foreverLock in now Prices will increase as we grow — early adopters stay at today's rate for life $4.99/user/month — pay only for the seats you need. No surprises. 🔒 Your launch price is locked in the moment you sign up
Back to Kordic CRM
Legal

Privacy Policy

Last updated: April 23, 2026

Kordic CRM, a product of Diggit Software Solutions Co. LLC ("Diggit", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, view our advertisements, or use our customer relationship management software and related services (collectively, the "Service").

This policy applies to:

  • Visitors to https://kordic.io and any sub-pages
  • Users who interact with our advertisements on third-party platforms (including Meta, Google, LinkedIn, and others)
  • Users who sign up for the Service (trial or paid)
  • Anyone who contacts us or submits a form on our website

01 Information We Collect

1.1 Information you provide directly
  • Account registration information (name, email address, company name, password)
  • Workspace and team member information
  • Lead and customer data you enter into the CRM
  • Payment information processed through Stripe (we do not store card details)
  • Communications and notes you create within the platform
  • Files and documents you upload
  • Information you submit via contact forms, demo requests, or lead forms on our website or landing pages
1.2 Information collected automatically

When you visit our website, view our ads, or use the Service, we and our third-party partners automatically collect:

  • Log data — IP address, browser type and version, pages visited, referring URL, timestamps, time spent on pages
  • Device information — device type, operating system, screen resolution, unique device identifiers
  • Usage data — features used, actions taken within the platform, click patterns
  • Location data — approximate geographic location derived from IP address (country and city level)
  • Cookies and similar tracking technologies — see Section 4 below for full details
1.3 Information collected through advertising

When you interact with our advertisements on platforms such as Meta (Facebook, Instagram), Google Ads, LinkedIn, or similar services, we and these platforms may collect:

  • Your interaction with the ad (impressions, clicks, video views)
  • Conversion events (form submissions, sign-ups, purchases)
  • Website activity after clicking an ad (pages visited, actions taken)
  • Audience information used by the platform to optimise ad delivery
1.4 Information from third-party integrations
  • Gmail integration — email metadata, subject lines, sender/recipient information, and email body content when you connect your Gmail account
  • Google OAuth — your Google account email address and basic profile information

02 How We Use Your Information

Service delivery
  • To provide, maintain, and improve the Service
  • To process transactions and send related information including purchase confirmations and invoices
  • To send administrative information such as changes to our terms and policies
  • To respond to comments, questions, and requests
  • To detect and prevent fraudulent transactions and other illegal activities
AI features
  • To generate AI-powered insights and briefings using Anthropic's Claude API (see Section 5)
Marketing and advertising
  • To serve you relevant advertisements on third-party platforms including Meta, Google, LinkedIn, and TikTok
  • To measure the effectiveness of our advertising campaigns
  • To retarget visitors who have interacted with our website or ads
  • To build lookalike audiences based on our existing users (no personal data is shared with platforms for this — only hashed identifiers where permitted)
  • To send marketing communications where you have opted in or where permitted by law
  • To analyse visitor behaviour to improve our website, landing pages, and ad creative
Analytics
  • To monitor and analyse usage patterns to improve user experience
  • To produce aggregated statistics about our website and Service usage
Legal and compliance
  • To comply with applicable laws, regulations, and legal processes
  • To enforce our Terms of Service
  • To protect the rights, property, or safety of Diggit, our users, or others

03 Legal Bases for Processing

Where applicable data protection law requires us to identify a lawful basis (EU / UK / UAE / Pakistan), we rely on:

Basis When we use it
Contract Processing necessary to provide the Service you have signed up for
Legitimate interests Security, fraud prevention, basic analytics, and limited direct marketing to existing customers about similar services, balanced against your rights and interests
Consent Advertising cookies, marketing communications to non-customers, and any optional features where consent is specifically requested
Legal obligation Where we must process data to comply with law (e.g., tax records, responding to lawful requests from authorities)
Withdrawal of consent: You may withdraw consent at any time where processing is based on consent. Withdrawal does not affect the lawfulness of processing carried out before withdrawal.

04 Cookies and Tracking Technologies

4.1 What are cookies?

Cookies are small text files stored on your device when you visit a website. We and our partners use cookies and similar technologies (pixels, web beacons, local storage, SDKs) to recognise you, remember your preferences, analyse site usage, and deliver advertising.

4.2 Categories of cookies we use
4.3 Managing your cookie preferences

When you first visit kordic.io you will see a cookie banner allowing you to accept all cookies, reject non-essential cookies, or customise your preferences. You can change your preferences at any time by clicking the "Cookie Preferences" link in our website footer.

4.4 Opting out of interest-based advertising

Mobile users can limit ad tracking through device settings (iOS: Settings › Privacy › Tracking; Android: Settings › Google › Ads).

05 AI Features and Data Processing

Kordic CRM uses Anthropic's Claude API to power AI features including pre-call briefings and deal health scores. When you use these features, relevant lead data (including notes, deal information, and contact details) is sent to Anthropic's API for processing.

No training on your data: Anthropic processes this data in accordance with their privacy policy and does not retain it for model training under their commercial API terms. We do not use your data to train AI models.

06 Gmail Integration

When you connect your Gmail account, Kordic CRM accesses your Gmail data solely to display email history related to your leads and to send emails on your behalf. We store OAuth tokens securely to maintain your connection.

  • We do not read, store, or analyse emails unrelated to your leads
  • You can disconnect Gmail at any time from within the application, which will revoke our access to your Gmail data
Kordic CRM's use of Gmail data complies with the Google API Services User Data Policy, including the Limited Use requirements.

07 How We Share Your Information

We do not sell your personal information as defined by most privacy laws. We share your information with:

Service providers (processors)
Supabase
Database & authentication infrastructure
Stripe
Payment processing
Anthropic
AI features (lead data sent for processing)
Google
Gmail integration & OAuth authentication
Railway / Vercel
Cloud hosting infrastructure
Advertising and analytics partners
Meta
Advertising, conversion tracking, retargeting
Google Ads & Analytics
Advertising, conversion tracking, analytics
LinkedIn
Advertising and conversion tracking
TikTok
Advertising and conversion tracking
All third-party service providers who process data on our behalf are contractually obligated to keep your information confidential and use it only for the purposes for which we disclose it.

08 Data Retention

Data typeRetention period
Account dataRetained while account is active; deleted within 30 days of account closure
Payment records7 years for tax and legal compliance
Marketing listsUntil you unsubscribe or request deletion
Website analyticsTypically 14 months (Google Analytics default)
Advertising cookiesVaries by platform, typically 30–180 days
Support communications3 years

If you wish to delete your account, contact us at sales@kordic.io. We will delete your data within 30 days, except where we are required to retain it for legal or regulatory purposes.

09 Security

We implement industry-standard security measures including:

  • Encryption in transit (TLS)
  • Encrypted storage
  • Row-level security on our database
  • Access controls and least-privilege principles
  • Regular security audits
No method of transmission over the Internet or electronic storage is 100% secure. You are responsible for keeping your account credentials confidential.

10 Your Rights

10.1 Rights available to all users
Request access to personal information we hold
Request correction of inaccurate information
Request deletion of your personal information
Object to our processing of your information
Request your data in a portable format
Withdraw consent at any time
Lodge a complaint with a data protection authority
10.2 EEA, UK, and Switzerland (GDPR / UK GDPR)

If you are located in the EEA, UK, or Switzerland, you have additional rights under GDPR or UK GDPR, including the right not to be subject to solely automated decision-making and the right to restriction of processing. Our representative for GDPR inquiries: sales@kordic.io

10.3 California Residents (CCPA / CPRA)

California residents have the right to know, delete, correct, and opt out of sale or sharing of personal information. Our use of advertising cookies and pixels (Meta, Google, LinkedIn, TikTok) may constitute "sharing" for cross-context behavioural advertising under CPRA. To opt out, click "Do Not Sell or Share My Personal Information" in our website footer, or adjust your cookie preferences to reject advertising cookies.

10.4 Other jurisdictions (UAE, Pakistan, other US states)

Residents of states with comprehensive privacy laws and residents of the UAE (UAE PDPL) and Pakistan (Personal Data Protection Act 2023) have rights to access, correction, deletion, and objection to processing. Contact sales@kordic.io to exercise these rights.

10.5 How to exercise your rights
Email sales@kordic.io with subject line "Data Protection Request". We will respond within the timeframes required by applicable law (typically 30–45 days). We may need to verify your identity before fulfilling requests.

11 International Data Transfers

Diggit Software Solutions Co. LLC is based in the United Arab Emirates. Our service providers are located in various countries including the United States and European Union. For transfers from the EEA, UK, or Switzerland, we rely on Standard Contractual Clauses approved by the European Commission or other lawful transfer mechanisms as permitted by GDPR.

12 Children's Privacy

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us at sales@kordic.io and we will delete the information.

13 Do Not Track Signals

Some browsers include a "Do Not Track" (DNT) feature. Because no common industry standard for DNT has been adopted, we do not currently respond to DNT signals. You can manage tracking through our cookie banner and the opt-out mechanisms described in Section 4.

14 Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last updated" date. For material changes that affect your rights, we will provide prominent notice (such as by email or a notice on our website) at least 30 days before the changes take effect.

15 Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

Kordic CRM

Operated by: Diggit Software Solutions Co. LLC
For data protection inquiries, use subject line: "Data Protection Request"