Skip to content

Legal

PageCRM Privacy Policy

Effective date: 27 March 2026

Virtux ("we", "us", or "our") operates PageCRM available at pagecrm.com. This Privacy Policy explains how we collect, use, disclose, and protect information when you use our platform. By using PageCRM, you agree to the practices described here.

1. Information We Collect

a. Account information

Name, email address, password (hashed), company name, and profile photo when you register.

b. Contact data

Information you import or create about your contacts — names, phone numbers, email addresses, company details, pipeline stage, notes, and any custom fields.

c. NFC form submissions

When a visitor taps your NFC card and submits an enquiry form, we collect their name, phone, email, message, and the source profile they interacted with.

d. Facebook & Instagram data

When you connect a Facebook Page or Instagram account, we receive and store:
  • Page name, ID, category, and access token (encrypted at rest with AES-256-GCM)
  • Sender profile names, usernames, and avatars from Messenger and Instagram DMs
  • Message content from inbound and outbound conversations
  • Instagram account ID and username linked to your Page
We use this data solely to display conversations inside PageCRM and to send replies on your behalf. We do not sell or share this data with third parties.

e. WhatsApp data

When you connect a WhatsApp instance via Evolution API, we store the instance credentials (encrypted) and conversation history to power your CRM inbox.

f. Usage data

Log data including IP address, browser type, pages visited, timestamps, and error reports, used for security and platform improvement.

g. Cookies & local storage

We use httpOnly cookies to store your authentication session. No third-party advertising cookies are used.

2. How We Use Your Information

  • Provide, operate, and improve the PageCRM platform
  • Send and receive messages on your connected Facebook Pages and Instagram accounts
  • Auto-create CRM contacts from inbound Messenger, Instagram DM, WhatsApp, and NFC enquiries
  • Deliver transactional emails and WhatsApp notifications triggered by your workflows
  • Generate AI-assisted summaries, notes, and responses using your CRM data
  • Ensure security, prevent fraud, and comply with legal obligations

3. Facebook & Meta Platform Data

PageCRM uses the Meta Graph API to enable Messenger and Instagram DM functionality. By connecting your Facebook Page, you authorise PageCRM to:

  • Read and send messages on your Page's behalf
  • Subscribe your Page to Meta webhooks to receive inbound messages in real time
  • Access basic profile information of people who message your Page

Data received from Meta is used exclusively within your PageCRM account. We do not use Meta user data to train AI models, serve ads, or share with any third party. You can disconnect your Facebook Pages at any time from Integrations — this also unsubscribes your Page from our webhooks and removes stored conversations.

Our use of data obtained from Meta APIs complies with the Meta Platform Terms and Meta Developer Policies.

4. Data Sharing & Disclosure

We do not sell your data. We may share data only in the following circumstances:

  • Service providers: Hosting (VPS), transactional email (Brevo/SMTP), file storage (Cloudinary), and AI inference providers — under strict data processing agreements
  • Legal requirements: If required by law, court order, or to protect our rights
  • Business transfer: In the event of a merger or acquisition, with notice to users

5. Data Retention

We retain your account data for as long as your account is active. Contact data, conversations, and workflow history are retained until you delete them or close your account. After account deletion, data is purged within 30 days except where retention is required by law.

Facebook and Instagram conversation data is deleted immediately when you disconnect a Page from PageCRM.

6. Security

We implement industry-standard security measures including:

  • AES-256-GCM encryption for all stored API keys and access tokens
  • HTTPS/TLS for all data in transit
  • bcrypt-hashed passwords
  • HMAC-SHA256 signature verification for all Meta webhooks
  • Role-based access control (user / admin / owner)

No security system is 100% impenetrable. If you discover a vulnerability, please contact us at sales@virtux.in.

7. Your Rights

You have the right to:

  • Access, correct, or delete your personal data
  • Export your contacts and conversation data
  • Withdraw consent for data processing at any time
  • Disconnect third-party integrations (Facebook, Instagram, WhatsApp) at any time
  • Request account deletion by contacting us

To exercise any of these rights, email us at sales@virtux.in.

8. Children's Privacy

PageCRM is not directed at children under 13. We do not knowingly collect personal information from children. If you believe a child has provided us with data, contact us and we will delete it promptly.

9. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users by email and post the updated policy at pagecrm.com/privacy with a revised effective date.

10. Contact Us

For privacy-related questions or requests, contact:

Virtux

Product: PageCRM

Email: sales@virtux.in

Website: pagecrm.com