Built for business owners. Run by operators.

Privacy Policy

Last updated: June 7, 2026

Back Office Solutions LLC (“BOS,” “we,” “us”) operates Vortex OS (the “Service”). This Privacy Policy describes how we collect, use, share, and protect personal information when you use the Service or the websites at vortexcrm.ai and app.vortexcrm.ai.

1. Information We Collect

  • Account info: name, email, phone, company, role.
  • Billing info: processed by Stripe; we store the customer ID, subscription status, amounts, and last 4 digits — never full card numbers.
  • Customer Data: records you upload (CRM leads, financials, marketing assets, documents) and AI conversation history within your workspace.
  • Integration data: when you connect QuickBooks, Google, Facebook, or other providers, we receive the data permitted by your authorization scope.
  • Usage data: log data, IP address, device/browser type, pages viewed, referring URL, UTM parameters, and feature usage telemetry.
  • Cookies: strictly necessary cookies for authentication; analytics and marketing cookies only where consent is granted.

2. How We Use Information

  • Provide, secure, and improve the Service.
  • Process payments and manage subscriptions.
  • Send transactional emails (account, billing, security, product notifications).
  • Provide customer support and respond to inquiries.
  • Detect, prevent, and respond to fraud, abuse, and security incidents.
  • Comply with legal obligations.

3. AI Processing

AI features process prompts and relevant Customer Data through trusted model providers under contractual confidentiality and no-training commitments. We do not sell Customer Data, and we do not allow AI providers to train foundation models on your Customer Data.

4. Sharing

We share information only with: (a) service providers under written agreement (hosting, email, analytics, payments); (b) integration providers you authorize; (c) law enforcement when legally required; and (d) successors in connection with a merger, acquisition, or asset sale (you will be notified).

5. Retention

Active account data is retained for the life of your subscription plus 30 days for export. Billing records are retained for 7 years for tax/audit compliance. Backup snapshots roll off within 90 days.

6. Your Rights

Depending on your jurisdiction (e.g., GDPR, CCPA, CPRA), you may have rights to access, correct, delete, port, or restrict processing of your personal information. Submit requests to privacy@vortexcrm.ai. You can also request account deletion at vortexcrm.ai/data-deletion.

7. Security

Data is encrypted in transit (TLS 1.2+) and at rest. Access is role-based and audited. MFA is required for administrative accounts. Report vulnerabilities to security@vortexcrm.ai.

8. Children

The Service is not directed to children under 16, and we do not knowingly collect their data.

9. International Transfers

Data may be processed in the United States. Where required, we rely on Standard Contractual Clauses or equivalent safeguards.

10. Changes

We will post material changes here and notify you by email at least 30 days before they take effect.

11. Contact

Back Office Solutions LLC · privacy@vortexcrm.ai