Privacy Policy
Last updated: February 27, 2026
1. Introduction
This Privacy Policy describes how the «Deal Duplicates by VentasBoost» widget (hereinafter «Service») collects, uses, and protects user data.
The Service is an integration (widget) for the Kommo CRM platform designed for automatic deal deduplication.
2. Data We Collect
During operation, the Service processes the following data:
- Kommo account data — account identifier (account_id), subdomain, OAuth authorization tokens.
- Deal metadata — deal identifiers, contact information (phone numbers, emails) linked to deals, hashes (fingerprints) used for duplicate detection.
- Rule settings — deduplication rule configurations created by the user.
- Operation history — records of completed merges for auditing and reporting.
3. Purpose of Data Processing
- Finding and merging duplicate deals.
- Managing licenses and subscription plans.
- Ensuring the widget operates correctly.
- Providing technical support to users.
4. Data Storage
Data is stored in a Supabase cloud database with the following protections:
- Encryption in transit (TLS/SSL).
- Encryption at rest (AES-256).
- Row Level Security policies.
- Access restricted to a service key with limited permissions.
Kommo OAuth tokens are stored in encrypted form and are used exclusively to make API requests on behalf of the user.
5. Payment Data
Payment processing is handled by Stripe. We do not store credit card numbers, CVV codes, or any other payment details on our servers.
Stripe is certified to PCI DSS Level 1. Learn more: stripe.com/privacy.
6. Sharing Data with Third Parties
We do not sell, share, or disclose user data to third parties, except in the following cases:
- Stripe — for payment processing.
- Kommo API — to perform CRM operations on behalf of the user.
- Legal requirements — upon request by authorized bodies in accordance with applicable law.
7. User Rights
You have the right to:
- Request information about the data stored for your account.
- Request complete deletion of all data associated with your account.
- Revoke OAuth authorization at any time through your Kommo settings.
- Cancel your subscription through the Stripe Customer Portal.
To exercise these rights, contact us at: sales@ventas-boost.com.
8. Data Deletion
When the widget is removed from a Kommo account:
- OAuth tokens are revoked.
- Deal processing stops immediately.
- Account data (fingerprints, merge history, rules) is retained for 30 days in case the widget is reinstalled, after which it is deleted automatically.
For immediate deletion of all data, email sales@ventas-boost.com.
9. Changes to This Policy
We may update this Privacy Policy from time to time. Users will be notified of significant changes through the widget interface or by email.
10. Contact
For any questions regarding privacy and data processing:
- Email: sales@ventas-boost.com