1. Introduction

Innexum OÜ (“Innexum,” “we,” “us,” or “our”) respects your privacy. This Privacy Policy explains how we handle information when you use our conversation export service (“Service”).

Company Details:

• Legal Name: Innexum OÜ
• Address: Harju maakond, Kuusalu vald, 74626, Estonia
• Contact: innexumtech@gmail.com

2. Information We Collect

2.1 Authentication Data:

• We collect only the minimum authentication credentials necessary to access your CRM account
• This includes encrypted SSO tokens provided by your CRM system
• No passwords are stored by our Service

2.2 Export Parameters:

• Date ranges for exports
• Selected conversation channels (SMS, Email, WhatsApp, etc.)
• Optional contact ID filters

2.3 Technical Data:

• Processing logs for system monitoring and error detection
• Performance metrics for service optimization

3. How We Use Your Information

We use collected information solely to:

• Authenticate your access to the Service
• Process your export requests
• Monitor system performance and detect errors
• Provide customer support

4. Data Storage & Retention

4.1 Temporary Processing:

• Exported CSV files are stored temporarily on AWS servers during processing
• Files are automatically and permanently deleted immediately after you access the download link
• Typical storage duration: minutes to hours, depending on processing time

4.2 No Long-Term Storage:

• We do not retain copies of your exported conversation data
• Authentication tokens are used only for the duration of the export process
• Processing logs are retained only for technical troubleshooting purposes

5. Data Security

5.1 Encryption:

• All data transmissions are encrypted using TLS/SSL protocols
• Authentication data is encrypted using AES-256 encryption
• AWS infrastructure provides enterprise-grade security

5.2 Access Controls:

• Only authorized administrator users can initiate exports
• Access to our systems is strictly limited to necessary personnel
• All activities are monitored through AWS CloudWatch

6. Data Sharing & Third Parties

6.1 No Selling of Data:

• We never sell, rent, or trade your data to third parties

6.2 Service Providers:

• Amazon Web Services (AWS) – for hosting and file storage infrastructure
• Your CRM system – for authentication and data retrieval

6.3 Legal Requirements:

• We may disclose information if required by law or to protect our legal rights

7. Your Rights

7.1 Automatic Deletion:

• All exported data is automatically deleted after you access the download link
• No action is required from you to request data deletion

7.2 Access to Information:

• You may request information about what data we process by contacting innexumtech@gmail.com
• Note: Due to automatic deletion, we typically have minimal data to provide

7.3 Data Portability:

• The nature of our Service is to provide you with portable data (CSV exports)
• You receive your data directly through the export process

8. Compliance & Legal Basis

8.1 Data Protection:

• Our Service processes data under the legal basis of contract fulfillment
• Compliance with data protection regulations (GDPR, etc.) is your responsibility as the data controller
• We act as a data processor, executing your instructions to export data

8.2 CRM System Compliance:

• Your CRM system is responsible for compliance with applicable data protection laws
• We rely on your CRM’s authentication and authorization mechanisms

9. International Data Transfers

Data may be processed on AWS servers in various regions. AWS complies with applicable data transfer regulations and provides appropriate safeguards.

10. Children’s Privacy

Our Service is not intended for users under 18 years of age. We do not knowingly collect information from children.

11. Cookies & Tracking

Our Service does not use cookies or tracking technologies. We process only the data necessary to complete your export requests.

12. Changes to Privacy Policy

We may update this Privacy Policy periodically. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Data Breach Notification

In the unlikely event of a data breach affecting your information, we will notify you within 72 hours as required by applicable law.

14. Contact & Complaints

For privacy inquiries:
Email: innexumtech@gmail.com

For complaints:
You have the right to lodge a complaint with the Estonian Data Protection Inspectorate or your local data protection authority.

15. Definitions

• Data Controller: The entity (you/your organization) that determines the purposes and means of processing personal data
• Data Processor: Innexum OÜ, which processes data on behalf of the data controller
• Personal Data: Any information relating to an identified or identifiable natural person