Privacy policy
Welcome to runcrm.co.uk (“we”, “our”, “us”). We are committed to protecting and respecting your privacy in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and the Privacy and Electronic Communications Regulations (PECR).
This Privacy Policy explains how we collect, use, and protect personal data when you:
- Visit https://www.runcrm.co.uk
- Contact us
- Engage us to manage or support your existing CRM system
- Subscribe to marketing communications
1. Who We Are
RunCRM is a UK-based agency that manages and supports clients’ existing CRM systems. We do not provide CRM software. We work with businesses to optimise, maintain, and administer their current CRM platforms.
Data Controller:
RunCRM
Website: https://runcrm.co.uk
Email: team@runcrm.co.uk
If you have any questions about this Privacy Policy or your data, please contact us using the details above.
2. The Information We Collect
We may collect and process the following types of personal data:
2.1 Information You Provide to Us
- Full name
- Work email address
- Phone number
- Company name
- Job title
- Billing and invoicing details
- Information provided through contact forms or support enquiries
- Information provided during sales consultations
2.2 Customer Data (CRM Data)
When providing CRM management services, we may access or process personal data stored within your CRM system.
This may include (depending on your CRM setup):
- Names
- Email addresses
- Telephone numbers
- Customer notes
- Communication records
- Marketing preferences
- Sales data
In these circumstances:
- Our client is the Data Controller
- We act as a Data Processor
We only process this data on documented instructions from our clients and in accordance with applicable data protection laws.
We do not use client CRM data for our own marketing or commercial purposes.
2.3 Automatically Collected Information
When you visit our website, we may automatically collect:
- IP address
- Browser type and version
- Device information
- Pages visited and time spent
- Referral sources
- Cookie data
3. How We Use Personal Data
We use personal data to:
- Respond to enquiries
- Provide CRM management services
- Administer contracts and billing
- Communicate with clients
- Improve our website and services
- Send marketing communications (where lawful)
- Comply with legal obligations
When acting as a Data Processor, we process personal data solely in accordance with our client’s instructions.
4. Legal Bases for Processing
Under UK GDPR, we rely on the following lawful bases:
- Contract – To deliver services agreed with clients
- Legitimate Interests – To operate and improve our business
- Consent – For marketing communications and non-essential cookies
- Legal Obligation – For accounting, taxation, and regulatory compliance
When acting as a Data Processor, the lawful basis for processing is determined by our client as the Data Controller.
5. Cookies
We use cookies and similar technologies to:
- Ensure website functionality
- Analyse website performance
- Improve user experience
You may control cookies through your browser settings. A separate Cookie Policy may provide further detail.
6. Data Sharing
We may share personal data with trusted third parties, including:
- IT and cloud hosting providers
- Email and communication providers
- Professional advisers (legal and accounting)
- Payment processors
Where we process CRM data on behalf of clients, we may engage approved sub-processors where necessary to deliver services. Appropriate data processing agreements are in place.
We do not sell personal data.
7. International Transfers
Where personal data is transferred outside the UK, we ensure appropriate safeguards are implemented, such as:
- UK-approved Standard Contractual Clauses
- Adequacy regulations
8. Data Retention
We retain personal data only for as long as necessary:
- Client contact and contractual data: for the duration of the contract and up to 6 years thereafter (for legal and accounting purposes)
- Marketing data: until consent is withdrawn
- CRM data processed on behalf of clients: in accordance with the client’s instructions and contractual terms
9. Data Security
We implement appropriate technical and organisational measures to protect personal data, including:
- Secure access controls
- Encrypted communications (SSL/TLS)
- Role-based permissions
- Confidentiality agreements
- Secure IT infrastructure
10. Your Data Protection Rights
Under UK GDPR, you have the right to:
- Access your personal data
- Request rectification
- Request erasure
- Restrict processing
- Object to processing
- Data portability
- Withdraw consent (where applicable)
- Lodge a complaint with a supervisory authority
If your personal data is contained within one of our client’s CRM systems, you should contact that organisation directly as they are the Data Controller.
You also have the right to lodge a complaint with:
Information Commissioner’s Office
Website: https://ico.org.uk
11. Marketing Communications
We may send marketing communications if:
- You have opted in; or
- You are an existing business contact and we are marketing similar services in accordance with PECR.
You may unsubscribe at any time via the link in emails or by contacting us directly.
12. Third-Party CRM Platforms
As part of our services, we may work within third-party CRM systems selected by our clients. Those platforms operate under their own privacy policies, and we do not control their data handling practices.
13. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will always be published on our website with the updated “Last updated” date.
14. Contact Us
If you have questions about this Privacy Policy or our data handling practices, please contact:
RunCRM
Email: team@runcrm.co.uk
Website: https://www.runcrm.co.uk
Last updated: 21st February 2026
