Friend CRMfrndcrm.com

Privacy Policy

Last updated: March 11, 2026

Overview

Friend CRM (“we”, “our”, or “us”) is a personal relationship management tool that helps you stay in touch with the people who matter to you. This policy explains what data we collect, how we use it, and your rights regarding that data.

Information We Collect

Account information

When you sign up, we collect your email address and a hashed password. We never store your password in plain text.

Contact data you enter

Any information you add about your friends — names, phone numbers, emails, birthdays, notes, addresses, and interaction history — is stored securely and associated with your account only.

Google Contacts (optional)

If you choose to connect your Google account, we request read-only access to your Google Contacts via the Google People API. We use this data solely to import contact information into your Friend CRM account. We store an OAuth access token and refresh token to perform this import. We do not share your Google contact data with any third party and do not retain the raw Google API response beyond the import operation.

How We Use Your Data

  • To provide and operate the Friend CRM service
  • To send reminder emails you have configured
  • To import contacts from Google when you explicitly request it
  • To authenticate your account securely

We do not sell your data, use it for advertising, or share it with third parties except as necessary to operate the service (e.g., email delivery via AWS SES).

Google API Data

Friend CRM's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically: data obtained through the Google People API is used only to populate your contact list within Friend CRM. It is not transferred to other apps, used for serving ads, or used for any purpose unrelated to the feature you requested.

Data Retention & Deletion

Your data is retained for as long as your account is active. You may delete individual contacts or your entire account at any time. To request full account deletion, contact us at the email below and we will permanently delete all your data within 30 days.

Security

We use industry-standard security practices including encrypted connections (HTTPS), hashed passwords, and restricted database access. However, no system is perfectly secure and we cannot guarantee absolute security.

Third-Party Services

We use the following third-party services to operate Friend CRM:

  • Amazon Web Services (SES) — for sending reminder emails
  • Google People API — for optional contact import (only when you connect your Google account)

Changes to This Policy

We may update this policy from time to time. Material changes will be communicated via email or a notice on the site. Continued use of Friend CRM after changes constitutes acceptance of the updated policy.

Contact

Questions or requests regarding your data can be sent to josh@joshfinnie.com.