Privacy Policy

MicroCRM Last updated: 27 February 2026

1. Who We Are

MicroCRM ("we", "us", "our") is operated by Dead Level Ltd. This policy explains how we collect, use, and protect your personal data when you use the MicroCRM application and website.

Contact: privacy@thd.agency

2. What Data We Collect

Account Information

  • Name, email address, and password when you create an account
  • Business name and role
  • Billing information (processed securely by our payment provider, Paddle — we do not store your card details)

Lead and CRM Data

  • Lead contact information you enter into the system (names, emails, phone numbers, company names)
  • Google Click IDs (GCLIDs) and tracking parameters captured from your website forms
  • Lead status, sales stage progression, and conversion data
  • Notes and activity logs you add to lead records

Integration Data

  • Google Ads account data accessed via the Google Ads API (campaign performance, conversion data)
  • Data from other integrations you choose to connect

Usage Data

  • Device type, operating system, and browser information
  • App usage patterns and feature interactions
  • Crash reports and performance data

Cookies and Tracking

  • Essential cookies required for the application to function
  • Analytics cookies to help us improve the service (you can opt out)

3. How We Use Your Data

We use your data to:

  • Provide lead tracking and CRM functionality
  • Capture and store tracking parameters for attribution
  • Upload offline conversion data to Google Ads on your behalf
  • Generate reports on lead and campaign performance
  • Process payments and manage your subscription
  • Send important service communications
  • Improve our service quality
  • Respond to your support requests

We will never sell your personal data or your CRM data to third parties.

4. Your CRM Data

You own your CRM data. The lead information, conversion data, and tracking parameters stored in MicroCRM belong to you. We process this data solely to provide the Service. We do not access, analyse, or use your CRM data for any purpose other than delivering the functionality you have subscribed to.

5. Google Ads Integration

When you connect your Google Ads account, we access your account data via the Google Ads API in accordance with Google's API Terms of Service. We use this access to:

  • Upload offline conversion data from your CRM to your Google Ads account
  • Retrieve campaign performance data for reporting

We do not share your Google Ads data with any third parties. You can disconnect your Google Ads account at any time.

6. Legal Basis for Processing (UK/EU)

We process your data under the following legal bases:

  • Contract: To provide the service you have subscribed to
  • Legitimate interest: To improve our service and prevent fraud
  • Consent: For optional marketing communications and analytics cookies

For CRM data containing your customers' personal information, you are the data controller and we are the data processor acting on your instructions.

7. Data Sharing

We share data only with:

  • Paddle (payment processing — as Merchant of Record, Paddle is the seller and processes transactions under their own privacy policy)
  • Google (when you use the Google Ads integration, conversion data is sent to your Google Ads account)
  • Cloud hosting providers for secure data storage
  • Analytics providers for anonymised usage data

We do not share your CRM data with other MicroCRM users or any third parties beyond what is necessary to provide the Service.

8. Data Retention

  • Account data: Retained while your account is active, deleted within 90 days of account closure
  • CRM data: Retained while your account is active; you can delete individual records at any time and export all data before account closure
  • Billing records: Retained for 7 years as required by law

9. Your Rights

Under UK GDPR and EU GDPR, you have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your data ("right to be forgotten")
  • Export your data in a portable format
  • Restrict or object to certain processing
  • Withdraw consent at any time

To exercise any of these rights, contact us at privacy@thd.agency. We will respond within 30 days.

10. Data Processing Agreement

If you store personal data of EU/UK individuals in MicroCRM, we act as a data processor on your behalf. A Data Processing Agreement (DPA) is available on request for customers who require one.

11. Data Security

We implement appropriate technical and organisational measures to protect your data, including encryption in transit and at rest, access controls, regular security reviews, and secure handling of API credentials.

12. International Transfers

Your data may be processed outside the UK/EEA by our service providers. Where this occurs, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses.

13. Children

MicroCRM is a business tool not directed at children under 16. We do not knowingly collect data from children under 16.

14. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes via email or in-app notification. Continued use of the service after changes constitutes acceptance.

15. Contact and Complaints

For any privacy-related questions or concerns, contact us at privacy@thd.agency.

You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk if you are unhappy with how we handle your data.