Privacy Policy

How we protect your data and comply with privacy regulations worldwide

Multi-Jurisdiction Privacy Compliance

Suite Circle complies with privacy laws across major jurisdictions worldwide

Our privacy-by-design architecture ensures compliance without requiring region-specific implementations. We meet or exceed privacy standards in:

European Union

  • ✓ GDPR (General Data Protection Regulation)
  • ✓ ePrivacy Directive (Cookie Law)

United States

  • ✓ CCPA/CPRA (California)
  • ✓ State Privacy Laws (VA, CO, CT, UT)
  • ✓ COPPA (Children's Privacy)

Americas

  • ✓ PIPEDA (Canada)
  • ✓ LGPD (Brazil)

Asia-Pacific

  • ✓ APPI (Japan)
  • ✓ Privacy Act 1988 (Australia)

Data Encryption & Security

Military-grade encryption protects your data at rest

AES-256 Encryption

All sensitive data (contact details, notes, phone numbers, scheduled messages) is encrypted at rest using AES-256 encryption—the same standard used by governments and military organizations.

What This Means for You

  • Data breach protection: Even if our database is compromised, your data is unreadable without encryption keys
  • Per-user isolation: Your data lives in a tenant-isolated database, completely separated from other users
  • Staff cannot access: Even Suite Circle staff cannot read your encrypted data
  • GDPR advantage: Encrypted data may not require breach notification if keys aren't compromised

Additional Security Measures

  • HTTPS encryption for all data in transit
  • Secure message queue encryption (scheduled messages)
  • Authentication via Clerk with MFA support
  • Session security and access controls

Zero Data Selling Guarantee

Your data is never sold, shared, or monetized

Our Commitment

Suite Circle will never sell your data, show intrusive ads, or create social graphs. We don't track how often you visit, how long you stay, or what you click.

What We Don't Do

  • No data selling: Your contact details, notes, and personal data are never sold or shared with third parties
  • No tracking: No analytics companies, no data brokers, no invisible trackers
  • No ads: No banners, no popups, no algorithmically targeted advertising
  • No social graphs: No network effects, no follower counts, no social comparison
  • No engagement metrics: We don't track how often you visit or how long you stay

CCPA/CPRA Compliance: Under California law, you have the right to opt out of data selling. At Suite Circle, this right is built in—we never sell data, so there's nothing to opt out of.

GDPR Compliance

Full compliance with European data protection regulation

Suite Circle complies with all GDPR requirements through:

  • Data minimization: We only collect essential data (Article 5(1)(c))
  • Purpose limitation: Data used only for stated purposes (Article 5(1)(b))
  • Storage limitation: User-configurable retention controls (Article 5(1)(e))
  • Integrity & confidentiality: AES-256 encryption at rest (Article 5(1)(f))
  • Accountability: Full documentation and audit trails (Article 5(2))
  • Privacy by Design: Built-in from day one (Article 25)

The Contact Data Challenge

When you store someone's birthday in Suite Circle, they never consented to be in our database. Under GDPR, we rely on legitimate interest (Article 6(1)(f)) as the lawful basis—similar to keeping a paper address book or personal diary.

You are the data controller for your contacts. If a contact asks to be removed, you can delete them immediately from your Suite Circle account.

Your Privacy Rights

Full control over your personal data

Under GDPR, CCPA, and other privacy laws, you have the following rights:

Right to Access

Export all your data (contacts, dates, notes, interaction history) in JSON or CSV format via Settings → Privacy → Download Data

Right to Rectification

Update your data directly in the app—you have full control over all contacts and notes

Right to Erasure

Delete your account and all data via Settings → Privacy → Delete Account. Deletion is immediate and permanent—no 30-day grace period holding your data.

Right to Data Portability

Export your data in machine-readable formats (JSON, CSV, vCard) to transfer to other services

Right to Object

Object to specific data processing—you can disable features or delete your account if you disagree with how we process data

Scheduled Message Delivery

How scheduled messages work and your responsibilities as a sender

5.1 You Are the Sender

When you use Suite Circle's scheduled message feature, you are the sender of those messages. Suite Circle acts as infrastructure to deliver messages you have composed and scheduled. Your name (or your configured Twilio number) identifies you to recipients.

5.2 Your Responsibilities

By using the scheduled message feature you warrant that:

  • You have the right to contact each recipient
  • Your contacts have consented to receive communications from you
  • You will not use the service to send spam, marketing, or unsolicited messages
  • You are responsible for compliance with applicable laws in your jurisdiction, including the Telephone Consumer Protection Act (TCPA), GDPR, and local telecommunications regulations

5.3 Recipient Opt-Out

Recipients may reply STOP to any SMS to opt out of future messages. Suite Circle honours these requests automatically by flagging the contact record. You may also manually exclude any contact from automated messaging via the contact's settings page.

5.4 No Marketing Use

Suite Circle is designed for personal relationship maintenance, not commercial messaging. Use of the scheduled message feature for marketing, advertising, or commercial solicitation is prohibited and may result in account suspension.

Questions about privacy?

Contact us at privacy@suitecircle.com