Privacy Policy

We keep your data safe, predictable, and in your control.

This policy explains what A1 CMS collects, how we use it to run the platform, and the choices you have. We keep the language plain and practical so you can make decisions quickly.

Effective: February 17, 2026 Applies to: A1 CMS apps, portals, and marketing pages
Short version: We only use data to deliver the service, provide support, and improve the product. We do not sell personal data. You control your tenant data and can export or delete it.

Quick navigation

Data we collect
How we use data
Legal bases
Data retention
Security
Data sharing
Cookies and analytics
Your choices
International data
Contact

Data we collect

Account and billing

  • Name, email, and company details for your admin users.
  • Billing contact, plan selection, and transaction history.
  • Support tickets and communications with our team.

Product data

  • Customers, contacts, projects, tickets, invoices, and approvals you choose to store.
  • Files, notes, and attachments added to your workspace.
  • Configuration settings for automations, roles, and portals.

Usage and device data

  • Login timestamps, IP address, browser type, and device data.
  • Audit logs for security and compliance visibility.
  • Performance metrics that help us keep the platform fast.

Marketing data (optional)

  • Lead form submissions and demo requests.
  • Site analytics events (page views, clicks) for site improvement.
  • Preferences you set for communications.

You can use A1 CMS without providing marketing data. Only the minimum required data is collected to deliver the service.

How we use data

  • Provide the CRM, client portal, billing, approvals, and ticketing features you expect.
  • Secure your account and detect suspicious activity.
  • Operate billing, invoicing, and subscription management.
  • Deliver support and answer your questions.
  • Improve the product based on usage trends and feedback.
  • Communicate updates, security notices, and relevant product changes.

Data retention

We retain data only as long as needed to run the service and meet legal requirements. When an account is closed, you can export your data and request deletion. Some data may remain in backups for a limited period before being removed.

Security

  • Encrypted connections (TLS) for data in transit.
  • Access controls and audit logs for accountability.
  • Tenant-aware separation to prevent cross-tenant exposure.
  • Monitoring and alerting for unusual behavior.

No system is perfect, but we continually improve our safeguards.

Data sharing

We do not sell your personal data. We may share limited data with trusted service providers who help us operate A1 CMS (hosting, email delivery, payment processing, error monitoring). They are bound by confidentiality and only access what they need to provide their services.

Cookies and analytics

  • Essential cookies for authentication and session security.
  • Preference cookies to remember your settings.
  • Analytics signals to measure performance and usage trends.

You can configure cookie behavior in your browser. Disabling cookies may limit functionality.

Your choices

Access and export

Admins can export customer, project, ticket, and billing data from within the platform.

Correction and deletion

You can update or delete data in your tenant, or contact us for account-level requests.

International data transfers

A1 CMS may process data in the regions where we operate or where our infrastructure providers run data centers. We apply consistent safeguards across environments.

Contact

Questions or requests? Reach us at privacy@a1cms.com or submit a support ticket from your portal.