CrudeDesk™
Sign Up

Privacy Policy

How CrudeDesk™ collects, uses, and protects your information

Effective Date: April 10, 2026
Last Updated: April 10, 2026

CrudeDesk™ is operated by Pivoten LLC, an Indiana limited liability company (collectively, "CrudeDesk™," "we," "us," or "our"). We provide the CrudeDesk™ platform and related online services (collectively, the "Service"). This Privacy Policy explains what information we collect, how we use and share it, and the choices available to you. By using the Service, you agree to the practices described in this policy.

1. Information We Collect

1.1 Account Information

When you create an account or are added as a user by your organization, we may collect:

  • Full name and email address
  • Company or organization name
  • Job title or role within the organization
  • Phone number (optional, used for account verification)
  • Account configuration and preference settings

1.2 Customer Data

The Service allows you and authorized users to submit, upload, store, and share information in the course of using its features. This may include text, files, images, records, measurements, and other operational or business data (collectively, "Customer Data"). Customer Data is processed on behalf of the organization that controls the relevant account.

1.3 Location Data (Where Applicable)

Certain features of the Service may collect location data from devices used by authorized users (such as GPS coordinates, timestamps, and related metadata). Where these features are enabled by a customer organization, location data is transmitted to the Service and stored in association with relevant records for operational and reporting purposes. The customer organization is responsible for obtaining all necessary consents from individuals whose location is collected, in compliance with applicable employment and privacy laws.

1.4 Payment Information

We use a third-party payment processor to handle subscription billing. When you subscribe to a paid plan, the payment processor collects your credit card or bank account details directly. We do not store full payment card numbers on our servers. We receive from the payment processor only limited billing information such as your billing name, address, the last four digits of your card number, and transaction history for your account. The payment processor's handling of your payment data is governed by its own privacy policy.

1.5 Usage and Technical Data

We automatically collect certain technical information when you interact with the Service:

  • Log data including IP address, browser type and version, operating system, referring URLs, and pages visited
  • Device identifiers and mobile device information for users accessing the Service via mobile applications
  • Session information including login timestamps, feature usage events, and error logs
  • Performance and diagnostic data used to monitor Service stability and troubleshoot issues

We use analytics tools to help us understand how the Service is used. Please see our Cookie Policy for details on browser-based tracking.

1.6 Communications

If you contact us for support, submit feedback, or correspond with us by email, we retain records of those communications including your contact details and the content of the messages.

2. How We Use Your Information

We use the information we collect for the following purposes:

  • Providing the Service: Operating, maintaining, and delivering the features of the Service to you and your organization.
  • Account Management: Creating and maintaining your account, managing team membership and permissions, and authenticating user access.
  • Billing and Subscriptions: Processing subscription payments, managing invoices, and communicating billing-related notices.
  • Customer Support: Responding to support requests, diagnosing technical issues, and resolving disputes.
  • Service Improvement: Analyzing usage patterns to identify improvements, fix bugs, develop new features, and optimize performance.
  • Safety and Security: Detecting, investigating, and preventing fraudulent, unauthorized, or illegal activity involving the Service.
  • Legal Compliance: Meeting our obligations under applicable laws and regulations, responding to lawful requests from government authorities, and enforcing our agreements.
  • Communications: Sending transactional notifications (e.g., account alerts, invitation emails, billing alerts) and, where you have opted in, product updates and announcements. You may unsubscribe from marketing communications at any time.

3. How We Share Your Information

We do not sell your personal information. We may share information in the following circumstances:

3.1 Within Your Organization

Customer Data shared within the Service is visible to other authorized users within your organization according to their assigned roles and permissions. Where the Service supports connections or collaboration between organizations, relevant information may be shared with those connected parties as part of the agreed workflow.

3.2 Service Providers

We share information with third-party vendors who perform services on our behalf, including cloud infrastructure (hosting and databases), payment processing, email delivery, and analytics. These providers access data only as necessary to provide their services and are contractually required to maintain appropriate security standards.

3.3 Legal Requirements

We may disclose information when required by law, court order, subpoena, or other legal process, or when we believe in good faith that disclosure is necessary to protect our rights, protect your safety or the safety of others, investigate fraud, or respond to a government request.

3.4 Business Transfers

If CrudeDesk™ is involved in a merger, acquisition, asset sale, or similar corporate transaction, information may be transferred to the acquiring entity. We will notify affected customers via email or in-app notice prior to any such transfer becoming effective.

3.5 Aggregated and Anonymized Data

We may use and share aggregated or de-identified data that cannot reasonably be used to identify any individual or organization for benchmarking, research, and product development.

4. Data Retention

We retain Customer Data for as long as your account is active or as needed to provide the Service. Specific retention practices:

  • Account data: Retained for the duration of the active subscription and for up to ninety (90) days following account termination or cancellation, after which it is deleted or anonymized.
  • Operational records: Retained for the duration of the active subscription. Upon account termination, customers have a thirty (30) day window to export their data before it is deleted.
  • Location history (where collected): Retained for up to twelve (12) months from the date of collection, after which it is purged or anonymized unless longer retention is required by law or requested by the customer within their export window.
  • Payment records: Retained as required by applicable tax and financial recordkeeping laws, typically seven (7) years.
  • Support communications: Retained for up to three (3) years following resolution of the support request.

5. Security

We implement technical, administrative, and physical safeguards designed to protect your information against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit using TLS (Transport Layer Security) and encryption of sensitive data at rest
  • Role-based access controls enforced at the database level
  • Regular security reviews and vulnerability assessments of our infrastructure
  • Restricted internal access to Customer Data on a need-to-know basis

No method of transmission over the internet or electronic storage is completely secure. While we strive to protect your information using commercially reasonable means, we cannot guarantee absolute security. In the event of a data breach that is likely to result in a risk to your rights and freedoms, we will notify affected customers without undue delay as required by applicable law.

6. Your Rights and Choices

Depending on your location, you may have the following rights with respect to your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete information associated with your account. Most account information can be updated directly within the Service settings.
  • Deletion: Request that we delete your personal information, subject to our legal retention obligations and contractual commitments.
  • Data Portability:Request an export of your Customer Data in a machine-readable format using the Service's built-in export tools or by contacting us.
  • Opt-Out of Marketing: Unsubscribe from promotional emails at any time using the unsubscribe link in any marketing message, or by contacting us directly.
  • Cookies: Manage cookie preferences as described in our Cookie Policy.

To exercise any of these rights, please contact us at hello@crudedesk.com. We will respond within a reasonable time and in accordance with applicable law. We may need to verify your identity before processing your request.

Note: For data related to your organization's employees or contractors, requests should be directed to your employer or the organization that controls the relevant account, as CrudeDesk™ processes that data on their behalf.

7. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to authenticate sessions, maintain preferences, and analyze usage of the Service. For a full description of the cookies we use and how to manage them, please see our Cookie Policy.

8. Children's Privacy

The Service is intended for use by businesses and professionals. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected such information, we will take steps to delete it promptly.

9. Third-Party Links and Integrations

The Service may contain links to third-party websites or integrate with third-party services. This Privacy Policy does not apply to those third parties, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party services you access through or in connection with the Service.

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or Service capabilities. When we make material changes, we will notify you by posting the updated policy on this page with a revised "Last Updated" date and, for significant changes, by sending a notice to the email address associated with your account at least thirty (30) days before the changes take effect.

Your continued use of the Service after the effective date of a revised policy constitutes your acceptance of the updated terms.

11. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Pivoten LLC
Email: hello@crudedesk.com
Indiana, USA

If you are located in a jurisdiction with specific data protection rights (such as the European Economic Area or California), and you believe your rights have not been adequately addressed, you may have the right to lodge a complaint with the relevant supervisory authority.