New
AI-powered answers & reports

HookedCRM Privacy Policy

Last Updated: Mar 1, 2026

1. Introduction

This Privacy Policy explains how HookedCRM LLC (“HookedCRM,” “we,” “us,” or “our”) collects, uses, stores, and protects information in connection with the HookedCRM platform, website (hookedcrm.com), application portals, APIs, and related services (collectively, the “Services”).

HookedCRM is a cloud-based call center CRM platform that includes telephony, call recording, AI-powered analysis, workflow automation, and customer relationship management tools.

By using the Services, you consent to the data practices described in this Policy. If you do not agree, you should discontinue use of the Services.

2. Scope

This Policy applies to:

  • Customers
  • Agency administrators
  • Authorized agents and supervisors
  • End users accessing the HookedCRM platform

It covers information collected:

  • Directly from you or your organization
  • From telephony providers connected to the platform
  • Automatically through use of the Services

HookedCRM primarily acts as a data processor/service provider on behalf of its customers.

3. Information We Collect

3.1 Account and Contact Information

When you register or subscribe, we may collect:

  • Name
  • Business email address
  • Phone number
  • Company name
  • Billing details
  • User role and permissions

3.2 CRM and Customer Data

Your organization may upload or input:

  • Contact records
  • Lead data
  • Notes and task history
  • Dispositions and status updates
  • Custom fields and campaign data

This information may contain personal information relating to your employees, leads, or customers.

3.3 Call Data and Telephony Information

To provide telephony functionality, we may process:

  • Call recordings
  • Voicemail recordings
  • Call transcripts
  • Call metadata (timestamps, duration, call SID, participants, phone numbers)
  • Call routing and queue logs
  • Whisper and barge activity logs

Call recordings and transcripts may contain personal information.

You are responsible for ensuring proper call recording disclosures and consent in compliance with applicable laws.

3.4 AI-Generated Data

HookedCRM may generate:

  • Transcriptions
  • Call summaries
  • Sentiment analysis
  • Risk detection indicators
  • Coaching recommendations
  • Call scoring outputs

These are generated automatically based on input data.

3.5 Usage and Technical Data

We collect:

  • IP address
  • Browser type
  • Device identifiers
  • Login timestamps
  • Audit logs
  • System activity logs

This data supports security, fraud prevention, and system performance monitoring.

3.6 Cookies and Similar Technologies

We use cookies or similar technologies to:

  • Maintain secure sessions
  • Measure platform analytics
  • Improve user experience

You may manage cookies via your browser settings.

4. How We Use Information

We process data for legitimate business and contractual purposes, including:

  • Providing and operating telephony and CRM services
  • Enabling call routing, recording, and conferencing
  • Generating AI-powered transcriptions and insights
  • Monitoring reliability and preventing abuse
  • Supporting TCPA/DNC compliance tools
  • Responding to support requests
  • Communicating service updates
  • Improving platform functionality (in aggregated or anonymized form only)
  • Complying with legal or regulatory obligations

We do not sell personal information.

5. Legal Basis for Processing (GDPR Awareness)

Where applicable, our legal bases include:

  • Contractual necessity – to deliver the Services
  • Legitimate interests – security, fraud prevention, service improvement
  • Consent – where required (e.g., optional communications)
  • Legal obligation – compliance with regulatory requirements

6. Data Ownership and Control

You and your organization retain ownership of all CRM records, call recordings, and uploaded data (“Customer Data”).

HookedCRM acts as:

  • A data processor under GDPR
  • A service provider under CCPA
  • A business associate (if applicable under HIPAA with executed BAA)

We process Customer Data solely:

  • To provide the Services
  • Under your instructions
  • As required by law

We do not sell or share Customer Data for advertising purposes.

7. Data Retention

Customer Data is retained:

  • For the duration of your active subscription
  • Based on your configured retention settings
  • As required by law or contract

Upon termination or written request:

  • Data may be deleted or anonymized within a commercially reasonable period
  • Backup copies may persist temporarily in secure systems

You are responsible for exporting data prior to account closure.

8. Data Security and Compliance

HookedCRM maintains administrative, physical, and technical safeguards aligned with industry standards, including:

  • Encryption in transit (TLS)
  • Encryption at rest (where applicable)
  • Role-based access controls
  • Audit logging and monitoring
  • Incident response procedures
  • Periodic security assessments

While we implement industry-standard safeguards, no system is completely secure.

Customers are responsible for:

  • Protecting login credentials
  • Configuring proper user permissions
  • Securing endpoint devices

9. Third-Party Processors and Carriers

HookedCRM may engage third-party providers to:

  • Host infrastructure
  • Provide telephony services
  • Deliver AI functionality
  • Store recordings
  • Process payments

Such providers are contractually required to implement security and confidentiality protections.

We may change service providers without notice, provided protections remain substantially equivalent.

10. AI Model Usage and Automated Processing

HookedCRM uses artificial intelligence to generate:

  • Transcripts
  • Summaries
  • Sentiment and performance analysis
  • Risk scoring

AI outputs:

  • Are assistive, not determinative
  • Should not replace human supervision
  • May contain inaccuracies

Automated processing does not constitute legal, employment, or compliance advice.

By using the Services, you acknowledge that certain outputs are generated automatically.

11. Call Recording and Monitoring

HookedCRM enables recording, whisper, and barge features.

You are solely responsible for:

  • Providing legally required recording disclosures
  • Obtaining necessary consent
  • Complying with employment monitoring laws
  • Ensuring telemarketing compliance

HookedCRM does not independently verify user compliance with recording laws.

12. Business Associate / HIPAA Commitments

HookedCRM is not HIPAA-compliant unless a separate Business Associate Agreement (BAA) is executed.

Where a BAA is in place, we will comply with applicable obligations related to Protected Health Information (“PHI”).

We access PHI only as necessary to provide Services.

13. International Data Transfers

Primary processing and storage occur within the United States.

If international transfers occur, HookedCRM will implement appropriate safeguards such as:

  • Standard Contractual Clauses (SCCs)
  • Equivalent legal mechanisms

14. Your Rights

Depending on your jurisdiction, you may have rights to:

  • Access personal information
  • Correct inaccuracies
  • Request deletion
  • Restrict certain processing
  • Receive a portable copy of data

To exercise these rights, contact:

Email: support@hookedcrm.com

We may verify identity before responding.

15. Children’s Privacy

The Services are intended for business use and not directed to individuals under 18 years of age.

We do not knowingly collect personal data from minors.

16. Changes to This Policy

We may update this Privacy Policy from time to time.

Material changes will be communicated via:

  • Website notice
  • Email notification

Continued use of the Services after updates constitutes acceptance.

17. Contact Information

HookedCRM

1201 Orange Street, Suite 600

Wilmington, DE 19801

United States

Email: support@hookedcrm.com

© 2025 HookedCRM LLC. All rights reserved.