TurfDesk-AI™ — How We Handle Your Information
This Privacy Policy explains how TurfDesk-AI™ ("Company," "we," "us," or "our") collects, uses, stores, and protects information when you use the TurfDesk-AI™ platform (the "Service"). We are committed to protecting your privacy and handling your data responsibly.
When you sign up, we collect: your name, email address, phone number, company name, operator code, and CRM type. This information is used to create and manage your account.
You may upload customer lists, CSV exports from your CRM, business documents, pricing data, and other operational information. This data is processed and stored solely to provide the Service to you. We refer to this as "Customer Data."
We automatically collect information about how you use the Service, including: pages visited, features used, campaign activity, login timestamps, and browser type. This data helps us improve the Service and diagnose technical issues.
Payment processing is handled by Stripe, our third-party payment processor. We do not store your credit card numbers or bank account details on our servers. Stripe's handling of your payment information is governed by Stripe's privacy policy.
When you use our direct mail features (powered by Lob), recipient addresses and campaign content are transmitted to our mail fulfillment partner for printing and delivery. This data is used solely for the purpose of fulfilling your mail campaigns.
We use the information we collect to: (a) provide, maintain, and improve the Service; (b) process your data uploads and generate analytics, reports, and insights; (c) execute direct mail campaigns on your behalf; (d) generate AI-powered suggestions, pricing estimates, and campaign content; (e) communicate with you about your account, billing, and Service updates; (f) ensure the security and integrity of the Service; (g) comply with legal obligations.
AI processing may involve transmitting data to third-party AI providers (such as Anthropic) via secure API connections. These providers are contractually obligated to process your data only as instructed by us and are prohibited from using your data for their own purposes, including model training.
The Service uses a combination of browser-based local storage and cloud-based storage (Cloudflare Workers KV) to store your data. Data in transit is encrypted using TLS/SSL. Data at rest is stored on Cloudflare's globally distributed infrastructure with encryption at rest.
The Service stores operational data in your browser's localStorage and IndexedDB for performance and offline access. This data remains on your device and is not transmitted to our servers unless you use the cloud sync feature. You can clear this data at any time through your browser settings.
We implement industry-standard security measures including: encrypted data transmission (TLS 1.2+), PIN-based access control, operator-level data isolation (multi-tenant architecture with strict separation), and regular security reviews. However, no method of transmission or storage is 100% secure, and we cannot guarantee absolute security.
We do not sell, rent, or trade your personal information or Customer Data to third parties.
We may share information only in these limited circumstances: (a) Service Providers: With trusted partners who help us operate the Service (Cloudflare for hosting, Stripe for payments, Lob for direct mail, Anthropic for AI features), bound by contracts that prohibit them from using your data for other purposes; (b) Legal Requirements: When required by law, subpoena, court order, or government request; (c) Safety: To protect the rights, property, or safety of TurfDesk-AI™, our users, or the public; (d) Business Transfer: In connection with a merger, acquisition, or sale of assets, in which case you will be notified.
You may access, review, and export your Customer Data at any time through the Service's built-in export features or by contacting us.
You may request deletion of your account and associated data by contacting us at privacy@turfdesk.com. We will process deletion requests within 30 days. Some data may be retained as required by law or for legitimate business purposes (such as billing records).
Your Customer Data is stored in standard formats (CSV, JSON) and can be exported at any time. We believe your data is yours, and we will never hold it hostage.
You may opt out of non-essential communications (marketing emails, product updates) at any time by clicking the unsubscribe link in any email or by contacting us. You cannot opt out of transactional communications (billing notices, security alerts, Terms updates).
We retain your account information and Customer Data for as long as your account is active. After account termination, we retain data for up to 30 days to allow for reactivation or data export, after which it is permanently deleted from our systems. Billing records and transaction logs may be retained for up to 7 years as required for tax and legal compliance.
The Service is designed for business use and is not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete it.
The Service primarily uses browser localStorage rather than cookies for session management. We do not use third-party advertising cookies or cross-site tracking. We may use minimal analytics to understand Service usage patterns and improve performance.
If you are a California resident, you have the right to: know what personal information we collect, request deletion of your personal information, opt out of the sale of personal information (we do not sell your data), and not be discriminated against for exercising your privacy rights. To exercise these rights, contact privacy@turfdesk.com.
New Jersey residents have similar rights under applicable state privacy laws. Contact us at privacy@turfdesk.com to exercise any data privacy rights.
The Service is operated from the United States. If you access the Service from outside the United States, you consent to the transfer and processing of your information in the United States. We process data in accordance with applicable US law.
We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice within the Service at least 15 days before taking effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.
For questions, concerns, or requests related to this Privacy Policy or your data, contact us at:
TurfDesk-AI™
Email: privacy@turfdesk.com
Website: turfdesk-site.pages.dev