Back to CommuLand

Privacy Policy

Last updated: February 15, 2026

1. Introduction

CommuLand ("we", "our", "us") operates the website commuland.com and related services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

2. Information We Collect

Account Information

When you create an account, we collect your name, email address, and profile information through our authentication provider (Clerk). We also collect your organization/team information for multi-tenant access.

CRM Data

Contact information, company details, events, deals, activities, and other CRM records you create or import into CommuLand. This includes data extracted from business cards via AI/OCR processing.

Uploaded Files

Business card images, documents (PDF), and other media files you upload for OCR processing or attach to contacts. These files are stored securely in cloud storage (AWS S3).

Telegram Data

If you use the Telegram bot integration, we receive photos and messages you send to the bot, along with your Telegram user ID, username, and display name.

Usage Data

We automatically collect information about how you access and use the service, including browser type, IP address, pages visited, and actions performed.

3. How We Use Your Information

We use your information to:

  • Provide, operate, and maintain the CRM service
  • Process business cards and documents using AI/OCR extraction
  • Manage your account and organization settings
  • Process billing and credit transactions
  • Send service-related notifications and updates
  • Detect and prevent fraud, abuse, or security incidents
  • Improve and optimize the service
  • Provide customer support

4. AI and Third-Party Processing

Business card images and documents may be processed by third-party AI services (Azure OpenAI) for text extraction. These services process data transiently and do not retain your images or extracted text beyond the processing request.

We use the following third-party services:

  • Clerk — Authentication and user management
  • Azure OpenAI — AI-powered text extraction from business cards
  • AWS S3 — Secure file storage
  • Stripe — Payment processing
  • Resend — Email delivery (if configured)
  • Telegram Bot API — Telegram bot integration (if configured)

5. Data Isolation and Multi-Tenancy

All CRM data is strictly scoped to your organization (tenant). Your data is isolated from other organizations on the platform. Team members within your organization can access shared CRM data based on their role permissions (Owner, Admin, Member).

6. Data Security

We implement appropriate security measures including:

  • Encryption of integration secrets at rest (AES-256-GCM)
  • Signed URLs for secure file access (no public file links)
  • Tenant-scoped access controls on all API endpoints
  • Webhook signature verification for inbound integrations
  • HTTPS encryption for all data in transit

7. Data Retention

We retain your data for as long as your account is active. If you delete your account or request data deletion, we will remove your personal data and CRM records within 30 days. Some data may be retained longer if required by law or for legitimate business purposes (e.g., billing records).

8. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Export your data in a portable format
  • Object to or restrict certain processing activities
  • Withdraw consent where processing is based on consent

To exercise these rights, contact us at privacy@commuland.com.

9. Cookies

We use essential cookies for authentication and session management. We do not use tracking cookies or third-party advertising cookies.

10. Children's Privacy

CommuLand is not intended for use by individuals under the age of 16. We do not knowingly collect personal information from children.

11. International Data Transfers

Your data may be processed in regions outside your country of residence, including the United States and other regions where our service providers operate. We ensure appropriate safeguards are in place for such transfers.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by email or through the service. The "Last updated" date at the top indicates when the policy was last revised.

13. Contact Us

If you have questions or concerns about this Privacy Policy, please contact us at: