Sirius Admin CRMPrivacy Policy
How Sirius Admin CRM collects, uses, protects, and gives you control over your personal data. Aligned with Google Play Policy, India DPDP Act 2023, and GDPR principles.
Information We Collect
Sirius Admin CRM collects only the minimum information necessary to deliver our services to your business. We are transparent about what we collect and why.
- Full Name — to identify users within the CRM system
- Mobile / Contact Number — for authentication and call features
- Email Address — for account management and service communications
- Business / Company Name — to support multi-user CRM environments
With your explicit permission, the app may read device contacts to:
- Display and link contacts within the CRM customer management module
- Enable click-to-call functionality from the contact directory
- Synchronize customer profiles with your phonebook (only with consent)
As a dialer-enabled CRM, we monitor call metadata for operational purposes:
- Outgoing and incoming call phone numbers
- Call status: initiated, connected, missed, ended
- Call timestamps and duration (for CRM activity logging)
- Call outcome tags added by the agent
- Device model, operating system version, and Android version
- App version and crash/error logs (for debugging only)
- Network type (WiFi / Mobile Data) for performance diagnostics
- App usage patterns and performance telemetry (anonymized)
- Feature interactions (buttons tapped, screens visited) — anonymized
- Session length and app open frequency
- Error events and performance metrics
How We Use Your Information
All data collected is used strictly for the purpose of delivering, maintaining, and improving the Sirius Admin CRM experience. We do not use your data for advertising, profiling, or sale to any third party.
Legal Basis for Processing
In compliance with the EU General Data Protection Regulation (GDPR) and India's Digital Personal Data Protection Act, 2023 (DPDP Act), we rely on the following legal grounds to process your personal data:
Permissions Usage Explanation
The following Android permissions are requested by Sirius Admin CRM. Each is required for a specific, justified business function. You may revoke any permission at any time via your device's app settings.
| Permission | Classification | Justification |
|---|---|---|
| CALL_PHONE | Sensitive | Enables agents to initiate outbound calls directly from CRM contact profiles without leaving the app. |
| READ_PHONE_STATE | Sensitive | Monitors call state transitions (ringing, connected, ended) to auto-log call activities in the CRM. |
| READ_CONTACTS | Sensitive | Reads device phonebook to display and match contacts within the CRM customer management module. |
| CAMERA | Normal | Allows agents to capture on-site images (e.g., delivery confirmations, site visits) and attach to customer records. |
| POST_NOTIFICATIONS | Normal | Sends real-time push alerts for follow-up reminders, new assignments, and CRM activity updates. |
| INTERNET | Normal | Mandatory for syncing CRM data with cloud servers and real-time updates. |
| RECEIVE_BOOT_COMPLETED | Normal | Restores notification listeners and background sync after device restart. |
Data Sharing & Third Parties
We do not sell, rent, or trade your personal data to any third party for marketing, advertising, or commercial purposes — ever.
Limited data sharing occurs only in the following circumstances, strictly necessary for service delivery:
- Google Firebase — Cloud database, authentication, and push notification delivery. Firebase processes data under Google's Data Processing Addendum.
- Cloud Hosting Providers — Encrypted server infrastructure for CRM data storage, hosted in compliant data centers.
- Crash reporting and performance analytics tools receive only anonymized, aggregated data with no personally identifiable information.
- No behavioral profiling or advertising IDs are shared with analytics providers.
- We may disclose data if required by a valid court order, statutory obligation under Indian law, or to protect the rights and safety of users.
- We will notify affected users of any such disclosure where legally permissible.
Data Security
Sirius Admin CRM employs industry-standard safeguards to protect your personal information from unauthorized access, disclosure, alteration, or destruction.
Data Retention
We retain your personal data only for as long as it is necessary to fulfill the purposes described in this policy, or as required by applicable law.
| Data Category | Retention Period | Notes |
|---|---|---|
| Account & Profile Data | Duration of account + 90 days | Deleted upon verified account deletion request |
| CRM Activity Logs | Duration of account + 90 days | Includes call logs, notes, follow-up records |
| Call Metadata | Up to 2 years | No audio stored; only timestamps, duration, status |
| Usage Analytics | 12 months (anonymized) | No PII in analytics data |
| Crash & Error Logs | 90 days | Used solely for debugging and app improvements |
| Legal / Compliance Records | As required by applicable law | Minimum 5 years under IT Act obligations |
Your Rights & Data Control
Under the India DPDP Act 2023 and GDPR principles, you have the following rights regarding your personal data. These rights are enforceable and we will respond within 30 days of a valid request.
Email: tech@siriusjewels.com with subject line: "Data Rights Request — [Your Request Type]"
Include: your registered email address, account name, and a brief description of your request. We will verify your identity before processing.
Children's Privacy
We do not knowingly collect, process, or store personal information from children under the age of 13 (or under 18 where higher age restrictions apply under local law). If we become aware that personal data of a minor has been collected without verified parental consent, we will delete such data immediately.
If you believe a minor has inadvertently submitted data through our application, please contact us immediately at tech@siriusjewels.com and we will take prompt corrective action.
Third-Party Services
The Sirius Admin CRM application integrates the following third-party services to deliver its core functionality. These services operate under their own independent privacy policies:
| Service | Purpose | Privacy Policy |
|---|---|---|
| Google Firebase | Authentication, database, push notifications | firebase.google.com/support/privacy |
| Firebase Crashlytics | Anonymized crash reporting & diagnostics | firebase.google.com/support/privacy |
| Google Play Services | App distribution, security updates | policies.google.com/privacy |
Policy Updates
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will:
- Post the updated policy within the application with a revised 'Effective Date'
- Send an in-app notification or email alert to registered users for significant changes
- Provide a minimum of 7 days' notice before material changes take effect
- Obtain fresh consent where required by law for new processing activities
Continued use of Sirius Admin CRM after the effective date of any update constitutes acceptance of the revised policy.
Contact & Grievance Officer
For any privacy-related queries, data requests, or concerns — including those under India's DPDP Act — please contact our Data Controller: