Privacy Policy

1. Overview

Iron Digital MI ("we," "us," or "our") operates the Iron Digital MI Business Suite, a customer relationship management and business operations platform. This Privacy Policy describes how we collect, use, and protect information when you use our services.

By accessing or using our platform, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Account Information. When you create an account, we collect your name, email address, and password credentials.

Business Data. We store the contact records, pipeline entries, follow-up notes, and other business data you enter into the platform. This data belongs to you.

Usage Data. We may collect information about how you interact with the platform, including log data, browser type, pages visited, and timestamps. This helps us improve reliability and performance.

Communications. If you contact us for support, we retain those communications to resolve your issue and improve our service.

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and maintain the platform
• Send follow-up and notification emails on your behalf
• Authenticate your identity and secure your account
• Respond to support requests
• Monitor and analyze usage to improve the platform
• Comply with legal obligations

We do not sell your data to third parties. We do not use your business contact data for our own marketing purposes.

4. Data Storage and Security

Your data is stored on Supabase infrastructure, which provides encrypted storage and industry-standard security practices. We use service-role keys server-side only and do not expose database credentials to the client.

While we take reasonable measures to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

5. Third-Party Services

We rely on the following third-party providers to operate the platform:

• Supabase — database, authentication, and file storage
• Resend — transactional email delivery
• Vercel — application hosting and deployment
• Google — optional OAuth sign-in

Each provider has their own privacy policy and data handling practices. We share only the minimum data necessary for each service to function.

6. Your Rights

You have the right to:

• Access the personal data we hold about you
• Request correction of inaccurate data
• Request deletion of your account and associated data
• Export your business data at any time

To exercise any of these rights, contact us at the email below.

7. Data Retention

We retain your account and business data for as long as your account is active. If you close your account, we will delete your data within 30 days unless we are required by law to retain it longer.

8. Changes to This Policy

We may update this Privacy Policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Continued use of the platform after changes constitutes acceptance of the updated policy.

9. Contact

For questions or concerns about this Privacy Policy, contact us at: