Privacy Policy
Last updated: May 26, 2026
Who we are
ROIthink (the "Service", "we", "us") is a multi-tenant CRM platform operated by Abad & Alban Group. The Service is accessible at https://crm.roithink.com and at tenant-specific custom domains.
What this policy covers
This policy describes the personal data we collect when you (a) sign up for a ROIthink account, (b) use the Service as a tenant operator, or (c) interact with a ROIthink tenant as a contact, lead, customer, or visitor. It also covers data we access via Google OAuth (Gmail, Calendar, and related Google APIs) when a tenant connects a Google account.
Information we collect
Account data
- Name, email address, and authentication credentials.
- Tenant/workspace details (workspace name, branding, billing address).
- Payment data, processed and stored by Stripe; we keep only references (customer ID, subscription ID, last-4 digits).
Contact & CRM data you provide
- Contacts, leads, deals, tasks, notes, files, and any custom fields you store about people you do business with.
- Email, SMS, and call content you send or receive through the Service via integrated providers (SendGrid, Postmark, Gmail, Microsoft 365, Twilio).
- Calendar events when you connect a Google or Microsoft calendar for booking and conflict detection.
Automatically collected
- IP address, user-agent, referrer, and timestamps for security logging and abuse prevention.
- Product telemetry (feature usage, errors, latency) used to operate the Service and publish public SLO metrics on /trust.
- Cookies strictly necessary for session management; optional cookies for analytics (Google Analytics) only when enabled.
Google user data (Gmail, Calendar, Drive)
When a tenant connects a Google account, ROIthink requests OAuth scopes only for the integrations the tenant explicitly enables. We use Google data only to provide the features you opted into:
- Gmail (send / read): sending email on behalf of the connected account, threading inbound replies into the CRM conversation view, attaching the message body and attachments to the related contact record.
- Google Calendar: reading busy/free blocks to detect booking conflicts, and creating events when a booking is confirmed.
We comply with the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
- We do NOT use Google user data to train generalized AI/ML models.
- We do NOT sell, rent, or transfer Google user data to third parties for advertising or other purposes.
- We do NOT allow humans to read Google user data, except (a) with your explicit consent, (b) for security or abuse investigations, (c) to comply with applicable law, or (d) for aggregated, anonymized internal operations.
- OAuth tokens are stored encrypted at rest. You can revoke ROIthink's access at any time from your Google account's third-party app permissions page.
How we use the data
- To provide, operate, maintain and improve the Service.
- To deliver messages, calls, bookings, invoices, and workflows you trigger.
- To authenticate users, prevent abuse, and protect the security of the Service.
- To send service-related notices (billing, security, product updates).
- To comply with legal obligations.
Sharing with sub-processors
We share data with the following sub-processors strictly to operate the Service. We do not sell personal data.
- Supabase / AWS — database, storage, edge compute (US regions).
- Vercel — hosting and CDN.
- Cloudflare — DNS and edge security.
- Stripe — payments and billing.
- Twilio — SMS and voice telephony.
- SendGrid, Postmark, Google (Gmail), Microsoft (Outlook) — email delivery for tenants who connect those providers.
- Anthropic, OpenAI — AI model inference for features you explicitly use (AI agents, summarization). Prompts/responses are not used by these providers to train their models per the API terms.
Data retention & deletion
Tenant data is retained for as long as the tenant has an active account, plus a grace period of 30 days after cancellation during which the workspace can be reactivated. After that, data is permanently deleted from primary stores within 90 days and from backups within 180 days.
You can request deletion of your account or specific contact records at any time via [email protected]. Contacts whose data is stored by a tenant can request access, correction, or deletion of their personal data; we will forward such requests to the responsible tenant and assist as the data processor.
Your rights
Depending on your jurisdiction, you may have the right to access, correct, port, delete, or restrict processing of your personal data, and to object to processing. To exercise any of these rights, contact [email protected].
Security
We use HTTPS everywhere, encrypted storage at rest, row-level security in the database to enforce tenant isolation, signed HMAC receipts on contact-record access, and least-privilege service tokens. No system is 100% secure; if you believe you have discovered a vulnerability, please report it to [email protected].
International transfers
Our primary infrastructure is hosted in the United States. If you access the Service from outside the US, your data will be transferred to and processed in the US, where data protection laws may differ from your jurisdiction.
Children
The Service is not intended for individuals under 16. We do not knowingly collect personal data from children. If we learn we have collected data from a child, we will delete it.
Changes to this policy
We may update this policy from time to time. Material changes will be communicated via the Service or by email. The "Last updated" date at the top reflects the latest revision.
Contact
Questions about this policy or our data practices? [email protected].