Privacy Policy

This Privacy Policy explains how KroLead ("we", "us", "our") collects, uses, stores, and protects information when you use the KroLead Android app and related services.

KroLead is a business CRM for Team Business organizations with employee accounts, role-based access, and organization workspaces.

CallPilot features are intended for business users working inside an organization workspace. Access to those features depends on account role, workspace settings, and user consent.

1. Who we are

• Product: KroLead
• Contact email: krolead@gmail.com
• Support phone: +91 87002 40515

2. Scope

This policy applies to the KroLead app, cloud sync, backup, and payment workflows integrated in the app. It does not apply to third-party apps or sites you open from KroLead (such as dialer, WhatsApp, browser, or payment pages).

3. Information we collect

A. Information you provide

• Account/workspace data: name, email, phone, role, organization details
• CRM data: leads, follow-ups, tasks, notes, pipeline stages, products, tags, conversation entries
• Business profile data: business name, contact details, address, website, logo
• Support data: messages and details shared with support

B. Information collected automatically

• Device/app diagnostics: app version, device model, OS, language, timestamps
• Crash logs: technical crash diagnostics (Firebase Crashlytics)
• Security/session metadata: tokens and session status for authentication and sync

C. Information from integrations

• Payments: order/payment identifiers and status from Razorpay
• Drive backup: Google account authorization and backup file metadata if enabled by user

4. Permissions we request and why

KroLead requests permissions only for enabled features. Sensitive permissions are requested in context (for example, when user enables CallPilot), not at app startup.

Permission	Purpose
READ_CALL_LOG	Used by CallPilot in organization workspaces to map business calls to CRM leads and support post-call follow-up workflows inside the app. Not used for advertising, profiling, or sale of data.
READ_PHONE_STATE	Detect call state changes for pre/post-call CRM workflows.
READ_CONTACTS	Help identify and map contacts in call-related CRM workflows.
CALL_PHONE	Enable direct call actions initiated by user from within CRM screens.
SYSTEM_ALERT_WINDOW	Show CallPilot pre-call/post-call overlay dialogs when enabled by user.
POST_NOTIFICATIONS	Send reminders, follow-ups, and reliability/service notifications.
RECEIVE_BOOT_COMPLETED	Restore reminders/background schedules after device restart.
FOREGROUND_SERVICE	Run user-visible background operations required for reliability.
REQUEST_IGNORE_BATTERY_OPTIMIZATIONS	Optional reliability improvement on restrictive OEM battery settings.
USE_BIOMETRIC	Biometric app lock if user enables it.
INTERNET, ACCESS_NETWORK_STATE, VIBRATE, WAKE_LOCK	Connectivity, sync, notifications, and app reliability operations.

You can manage permissions in Android Settings. If a permission is denied, the related feature may be disabled or limited.

5. Call Log and CallPilot Compliance

• CallPilot permissions are requested only when a user explicitly enables CallPilot.
• If a sensitive permission is denied, CallPilot remains disabled or limited for that user.
• Call data is used only for CRM operations such as lead mapping and follow-up context.
• We do not sell call data and do not share call data for ad targeting.

6. How we use information

• Provide CRM workflows and account functionality
• Authenticate users and secure workspaces
• Sync/restore workspace data across devices
• Support call-to-lead workflows (CallPilot) when enabled
• Send follow-up/reminder notifications
• Diagnose issues, improve reliability, and prevent abuse
• Meet legal/compliance obligations

We do not sell personal data. We do not use call data for advertising profiling.

7. Data sharing

We share data only with service providers needed to run KroLead:

• Supabase (authentication, database, sync)
• Firebase Crashlytics (crash diagnostics)
• Razorpay (payment status)
• Google APIs / Drive (optional backup)

We may disclose data if required by law, legal process, or to protect rights and security.

8. Data retention and deletion

We retain data while the account/workspace is active and as needed for service continuity, security, and legal obligations. Data no longer required is deleted or anonymized where feasible.

To request account/workspace deletion, contact krolead@gmail.com from your registered email, or use Delete Account Request.

9. Security

We apply reasonable technical and organizational safeguards to protect data. No method of transmission or storage is 100% secure.

10. Your choices and rights

Depending on applicable law, you may request access, correction, deletion, portability, or objection to processing. You may also withdraw optional permission consent anytime in device settings.

11. International transfers

Your data may be processed in regions where our providers operate. We apply safeguards as required by applicable law.

12. Children

KroLead is not directed to children under the applicable minimum age and is intended for business use.

13. Changes to this policy

We may update this policy periodically. The "Last updated" date above reflects the latest revision.

14. Contact us