Privacy Policy

The F* It Team, Inc., doing business as Effie (“Effie,” “we,” “us,” or “our”) provides an AI-powered smart CRM platform (the “Service”).

This Privacy Policy explains how we collect, use, disclose, and protect information when you use:

• Website: https://effieapp.ai
  
• Application: https://workspace.effieapp.ai
  

Contact: privacy@effieapp.ai
Address: 1700 S Lamar Blvd #338, Austin, Texas 78704, USA

California Notice at Collection (CCPA/CPRA)

This section provides “notice at collection” for California residents.

Categories of personal information we collect

Effie collects the following categories of personal information, depending on how you use the Service:

• Identifiers
  
  • Examples: name, email, phone number, mailing address (if provided)
    
• Internet or other electronic network activity information
  
  • Examples: IP address, device/browser information, session/authentication data, security events
    
• Commercial information
  
  • Examples: subscription plan, invoices, payment status
    
• Customer Data (business records stored in the CRM)
  
  • Examples: contacts/leads, property data, notes, contracts/files, communications content (such as SMS), and transcriptions
    

Purposes for collecting the categories above

We collect and use these categories for the purposes described in this policy, including to:

• provide and operate the Service (accounts, authentication, record storage)
  
• provide AI-powered CRM workflows (see “AI Features”)
  
• provide communications functionality (SMS/calling features through providers)
  
• process billing and subscriptions
  
• provide support and troubleshoot
  
• secure the Service and prevent fraud/abuse
  
• comply with law and protect rights and safety
  

Retention (at a glance)

• We generally retain information while your account is active.
  
• When you close your account, we delete Customer Data within 90 days, subject to limited exceptions (security, legal compliance, dispute resolution).
  
• We maintain backups for up to 60 days.
  

Do we “sell” or “share” personal information?

• We do not sell personal information.
  
• We do not share personal information for cross-context behavioral advertising by default.
  
• If we enable ad/tracking technologies (e.g., Meta/Facebook) that could be considered “sharing” for cross-context behavioral advertising, we will:
  
  • update this policy and this Notice at Collection, and
    
  • provide an opt-out mechanism (see “Do Not Sell or Share / Targeted Advertising Opt-Out”).
    

1) Who This Policy Applies To

This Privacy Policy applies to:

1. website visitors,
   
2. customers and users who create accounts and use Effie, and
   
3. individuals whose information is stored in Effie by our customers (e.g., leads, sellers, agents, vendors).
   
   

Customer Data vs. Account Data (Important)

Effie is a tool customers use to store and manage information about their own contacts and deals.

• “Customer Data”: information our customers upload to or process in the Service (e.g., contact records, property details, notes, messages, documents, and transcriptions).
  
• “Account Data”: information we collect to create and manage Effie accounts (e.g., admin info, security, billing status, agreement logs).
  

If you are an individual whose information is stored in a customer’s Effie account, we process your information on that customer’s instructions. To exercise rights for that data, contact the business that collected your information.

2) Information We Collect

A) Information you provide (Account Data)

We collect information you choose to provide, such as:

• name
  
• email
  
• phone number
  
• mailing address (if provided)
  
• communications with support
  

B) Agreement logs

When you accept Terms, Privacy Policy, or other agreements, we may log:

• IP address
  
• timestamp
  
• the agreement/version accepted
  
• account identifiers associated with acceptance
  

C) Information stored or generated in the Service (Customer Data)

Depending on how customers use Effie, Customer Data may include:

• contacts/leads (names, phone numbers, emails, addresses, tags, notes)
  
• property and deal records (addresses, property details, attachments, deal notes)
  
• contracts, documents, images, PDFs, and other files
  
• communication content (SMS and related metadata) and transcriptions where enabled through providers
  

D) Information from integrations and third parties

If customers connect integrations, we may receive information from those services to provide features. This may include:

• Dialpad and Twilio (calling/SMS features, delivery metadata, and content depending on configuration)
  
• Gmail / Google (email integration if enabled)
  
• Stripe (billing status, subscription identifiers)
  
• data sources/tools used for workflows (e.g., BatchLeads, RentCast (including via RapidAPI), Redfin, and others customers enable)

Totally—this is exactly what Google is looking for when they say “your privacy policy is improperly formatted / missing Google data disclosures.” (Google Help)

Here’s a drop-in section you can add to your existing Privacy Policy.

E) Additional Disclosures for Google User Data (Gmail / Google APIs)

When you connect Effie to Google services (such as Gmail or other Google APIs), we access and process certain Google user data to provide in-app features.

What Google data we access

Depending on the scopes you approve, this may include:

• Gmail data:
  
  • email headers (sender, recipients, subject, timestamps)
    
  • email body content and attachments, where needed to show messages in Effie or help you draft and send communications
    
• Google account identifiers:
  
  • basic profile or account identifiers necessary to link your Google account to Effie
    
• Other Google API data (if you enable it):
  
  • metadata or content from resources you explicitly select (for example, files or folders you choose to use with Effie)
    

We only access Google user data after you explicitly grant permission via Google’s OAuth consent screen.

How we use Google user data

We use Google user data only to:

• connect your Google account to Effie
  
• show, send, or organize your communications inside the Service (for example, displaying email threads in your CRM view or drafting emails on your behalf)
  
• support workflows you initiate (for example, logging communication history with contacts)
  
• maintain and improve the user-facing functionality of these integrations (such as reliability, performance, and usability)
  
  

We do not use Google user data to:

• build marketing profiles,
  
• perform credit-worthiness or lending decisions,
  
• train standalone models unrelated to providing or improving Effie’s user-facing features, or
  
• create or sell datasets to third parties.
  
  

How we share Google user data

We do not sell Google user data.

We do not share or transfer Google user data to third parties except:

• to service providers that help us operate Effie (for example, hosting and infrastructure providers), and only so they can perform services on our behalf, or
  
• where you explicitly direct us to (for example, sending an email to a recipient you choose).
  
  

We do not allow third parties to use Google user data for their own advertising or marketing purposes.

Data protection, retention, and deletion for Google user data

We protect Google user data using the same safeguards described in the Security and Data Retention sections of this policy, including encryption in transit and access controls.

In addition:

• We store Google OAuth tokens securely and restrict access to them.
  
• If you disconnect your Google account, we will stop requesting new data from Google for that connection.
  
• We retain any Google-sourced content stored as part of your Effie records (for example, logged emails) in line with our general data retention practices, and delete it when you delete your account or the associated records, subject to legal and security exceptions.
  
  

Compliance with Google policies

Our use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

If you’d like, next I can:

• weave in a one-liner near “Information from integrations and third parties” that explicitly calls out Gmail/Google again (helps the reviewer), and
  
• help you write the short “Google integration” description you’ll paste into the OAuth consent screen to match this language.
  

F) Cookies and similar technologies

We use cookies and similar technologies for essential functions (authentication, security, session management). If we enable advertising cookies later (e.g., Meta/Facebook), those will be described in “Cookies & Advertising,” and you will have choices where required.

3) How We Use Information

We use information to:

1. provide and operate the Service (accounts, authentication, collaboration, record storage)
   
2. provide AI-assisted CRM workflows (see AI section)
   
3. deliver communications functionality (SMS/calling features through providers)
   
4. process subscriptions and billing administration
   
5. provide support and troubleshoot
   
6. secure the Service (fraud prevention, abuse detection, enforcing terms)
   
7. comply with law and protect rights and safety
   

4) AI Features (Core to Effie)

Effie is an AI-powered CRM. Using the Service means AI processing is part of the product experience.

What we send to AI providers

Effie may send Customer Data and user content to AI providers (including OpenAI) to provide features such as:

• summarizing notes and deal history
  
• drafting messages
  
• extracting structured info from documents
  
• summarizing transcriptions
  

This can include property data, notes, and transcriptions and other content that users store in the Service.

Opt-out

There is no opt-out from AI processing inside Effie. Using the Service is opting in.

No automated “high-impact” decisions

Effie’s AI features assist users. Effie does not use AI to make automated decisions with legal or similarly significant effects (e.g., credit, employment, housing eligibility).

OpenAI data use (Effie → OpenAI)

We use OpenAI via its API to process inputs and return outputs. OpenAI states that API data is not used to train models by default, and that OpenAI may retain API inputs/outputs for up to 30 days for abuse monitoring (unless legally required to retain longer), with Zero Data Retention available for some eligible use cases/endpoints. See OpenAI’s documentation for details.

5) How We Disclose Information

We disclose information:

A) To service providers (“processors”)

We use vendors to run Effie. These vendors may process information only to provide services to us and our customers. Examples include:

• AWS (hosting, storage, infrastructure)
  
• Retool (application platform services used to deliver parts of the Service)
  
• Stripe (payments/subscriptions)
  
• Dialpad and Twilio (calling/SMS and related functionality)
  
• Gmail / Google (email integration where enabled)
  
• OpenAI (AI processing)
  
• RapidAPI, RentCast, BatchLeads, Redfin, and similar providers when enabled by customers
  
• other vendors used for security and operations (as needed)
  

B) For legal, safety, and compliance

We may disclose information if we believe it is reasonably necessary to:

• comply with law or lawful requests
  
• enforce our terms and policies
  
• detect/prevent fraud, abuse, or security incidents
  
• protect rights, safety, and security of Effie, our customers, or others
  

C) Business transfers

If we’re involved in a merger, acquisition, financing, reorganization, bankruptcy, or sale of assets, information may be transferred as part of that transaction.

D) With your instructions

We disclose information when customers direct us to (e.g., enabling integrations, adding team members, exporting records, sending messages).

We do not sell personal information.

6) Cookies & Advertising

Essential cookies

We use essential cookies for:

• login and session management
  
• security and fraud prevention
  
• core site/app functionality
  

Advertising (Meta/Facebook) — if enabled

We may enable advertising/remarketing tools (including Meta/Facebook) in the future. If enabled, these tools may involve cookies or similar technologies and may constitute “sharing” for cross-context behavioral advertising under certain laws.

When advertising is enabled, we will provide:

• a Cookie Preferences control, and
  
• an opt-out mechanism described below.
  

7) Do Not Sell or Share / Targeted Advertising Opt-Out

If we enable targeted advertising or “sharing” as described above, you can opt out via:

• Cookie Preferences: [INSERT_COOKIE_PREFERENCES_LINK]
  
• Do Not Sell or Share My Personal Information: [INSERT_DNS_LINK]
  

We also will honor opt-out preference signals where required by applicable law.

8) Data Retention

• We keep information while an account is active to provide the Service.
  
• When you close your account, we delete Customer Data within 90 days, unless we must retain certain information for legal, security, or dispute-resolution purposes.
  

Backups

We maintain backups for up to 60 days.

9) Security

We maintain safeguards designed to protect information, including:

• encryption in transit (TLS)
  
• encrypted storage of sensitive integration keys/tokens
  
• access controls and least-privilege permissions
  
• monitoring/logging and operational security practices
  
• multi-factor authentication (MFA) is required for account access
  

No method of transmission or storage is completely secure. You are responsible for maintaining the confidentiality of your credentials.

10) U.S. State Privacy Rights Addendum

Effie is intended for users in the United States (all 50 states).

Depending on your state, you may have rights to:

• access personal information
  
• correct inaccurate personal information
  
• delete personal information (subject to exceptions)
  
• data portability (receive a copy in a usable format)
  
• opt out of certain processing, including targeted advertising, and in some cases “sale” or “sharing,” as defined by law
  
• non-discrimination for exercising privacy rights
  

How to submit a request

Email privacy@effieapp.ai or use: [INSERT_PRIVACY_REQUEST_FORM_LINK]

Verification

We may need to verify your identity before fulfilling a request. If you have an account, we typically verify through your account or email address.

Appeals (where applicable)

If we deny your request, you may appeal by replying to our decision email or emailing privacy@effieapp.ai with the subject line “Privacy Request Appeal.”

If you are a contact stored in a customer’s Effie account

We act as a service provider/processor for our customers. Please contact the business that collected your information to exercise rights related to Customer Data.

11) International Processing

Effie is intended for U.S. customers, but our vendors may process data in the United States and other locations where they operate. If you access the Service from outside the U.S., your information may be processed internationally.

12) Age Requirement

Effie is intended for adults. You must be 18 or older to use the Service. We do not verify age by collecting birthdates.

13) Changes to This Policy

We may update this Privacy Policy from time to time. If we make material changes, we will post the updated policy and update the “Last updated” date above.

14) Contact Us

Effie (The F It Team, Inc. d/b/a Effie)*
1700 S Lamar Blvd #338
Austin, Texas 78704
United States

Email: privacy@effieapp.ai