Privacy policy

crumm crm is a service of Cyber Inc B.V.

1. Introduction

This privacy policy explains how Cyber Inc B.V. (“we”) handles personal data within the crumm crm service. We respect the privacy of all our users and ensure that the personal data we process is handled carefully and in accordance with applicable laws and regulations (GDPR).

2. Data controller

Cyber Inc B.V.
[Address details]
Chamber of Commerce: [number]
E-mail: privacy@crumm.nl

3. Which data do we process?

• Account data: name, e-mail address, company name, password (encrypted), login data.
• Billing data: company details, address, VAT number, payment details.
• Usage data: logins, support tickets, usage statistics (anonymous where possible).
• CRM data you enter yourself: contacts, deals, quotes, orders, notes and all other information you store in crumm crm.

Please note: you are responsible for the accuracy of the data you enter into crumm crm, including personal data of your customers, employees or relations.

4. Purposes of processing

• Providing and maintaining the crumm crm service.
• Facilitating customer management and communication.
• Handling payments and invoicing.
• Providing support and answering questions.
• Improving the service, including through usage statistics.
• Complying with legal obligations.

5. Legal basis

We process personal data on the basis of:

• Performance of the agreement (providing crumm crm).
• Legal obligations (for example tax retention rules).
• Legitimate interest (such as improving our services).
• Consent (where applicable, for example newsletters).

6. Retention periods

We do not retain personal data longer than necessary. Account and CRM data is retained as long as your account is active. After cancellation we delete the data within 90 days, unless we are legally required to keep it longer (for example invoices: 7 years).

7. Sharing with third parties

We never sell your data. We only share data with:

• Processors who provide services on our behalf (hosting, e-mail, payment provider).
• Public authorities if required by law or court order.

We conclude data processing agreements with all processors in accordance with the GDPR.

8. Security

We take appropriate technical and organisational measures to protect personal data against loss or unlawful processing. Examples include encrypted storage, access control, logging and monitoring, regular backups and security testing. Read more on our security page.

9. Your rights

Under the GDPR you have the right to:

• Access your personal data.
• Rectify or delete your data.
• Restrict processing.
• Data portability.
• Object to the processing of your data.

You can exercise these rights by sending a request to privacy@crumm.nl. We respond within 30 days.

10. Complaints

Do you have a complaint about how we handle your data? Contact us via privacy@crumm.nl. If we cannot resolve it, you have the right to lodge a complaint with your local data protection authority.

11. Changes

We may update this privacy policy. We recommend checking it regularly. If there are material changes, we will notify you by e-mail or in the application.

Last updated: 24-03-2026