At myday, we take your privacy seriously. This policy explains what data we collect, why we collect it, and how we protect it.
Information We Collect
Account Information
When you sign up, we collect your email address and password (encrypted). If you sign up via Google or Microsoft, we receive your name and email from those providers.
CRM Data
We store the data you enter into myday: contacts, leads, deals, notes, activities, and file attachments. This data belongs to you and your organization.
Optional Integrations
If you enable external integrations (such as email providers), we only access the data necessary for the integration you turned on. We do not read, analyze, or share message content for unrelated purposes.
Usage Data
We collect basic usage information to improve our service: pages visited, features used, and error logs. We do not sell this data or use it for advertising.
Interactive Demo
If you access our interactive demo, we collect your email address to create a temporary demo account. Demo sessions expire after 7 days. During the demo, we track which pages you view and features you explore to understand how to improve our product. Demo users have read-only access to sample data and cannot modify or access real customer information.
How We Use Your Data
- To provide and maintain the myday service
- To power optional integrations you enable in your workspace
- To send transactional emails (password resets, billing receipts)
- To respond to support requests
- To improve our product based on usage patterns
Data Security
Your data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use enterprise-grade, SOC 2 Type II certified infrastructure. Passwords are hashed using bcrypt. OAuth tokens for email integrations are encrypted before storage.
Data Retention
We retain your data for as long as your account is active. If you delete your account, we delete all associated data within 30 days. Backups are purged within 90 days. Demo accounts and their associated session data are automatically deleted after 7 days of inactivity.
Third-Party Services
We use carefully selected third-party services to operate myday:
- Payment processing — Your payment information is handled by our PCI DSS Level 1 certified payment processor. We never store your credit card details.
- Optional integrations — When enabled, approved third-party providers process only the data needed for that integration.
All our service providers are bound by data processing agreements and maintain enterprise security certifications.
Your Rights
You have the right to:
- Access your data (export via CSV)
- Correct inaccurate data
- Delete your account and all associated data
- Manage or disconnect integrations at any time
Cookies
We use essential cookies only for authentication and session management. We do not use tracking cookies or third-party advertising cookies.
Changes to This Policy
We may update this policy from time to time. We'll notify you of significant changes via email or an in-app notification.
Contact Us
Questions about privacy? Email us at support@mydaycrm.com