Request a Quote

SouthCRM Privacy Policy

Last updated: 28 May 2026

SouthCRM is a trading name of SOUTH INTERNATIONAL LIMITED. In this Privacy Policy, “SouthCRM,” “we,” “our,” or “us” means SOUTH INTERNATIONAL LIMITED.

We respect your privacy and are committed to protecting personal data. This Privacy Policy explains how we collect, use, share, store, and protect personal data when you visit our website, contact us, request a demo, sign up for updates, use our products or services, or interact with us as a customer, prospect, partner, supplier, or website visitor.

For the purposes of data protection law, SOUTH INTERNATIONAL LIMITED is the controller of personal data processed for our own business purposes, unless this Privacy Policy states otherwise.

Age Verification

SouthCRM is intended for business and professional use. You must be at least 18 years old to create an account, request services in your own name, or otherwise submit information to us for contracting purposes.

If you are acting on behalf of a company or other organization, you confirm that you have authority to do so.

We do not knowingly market our services to children or intentionally collect personal data from children.

Operating Address

SOUTH INTERNATIONAL LIMITED
Company number: 14844361
Registered office address: 321-1 Nechells Park Road, Nechells Park Road, Birmingham, England, B7 5NU
Email: contact@southcrm.com

If SouthCRM notifies you of a different operational contact address for a specific contract, support matter, or legal notice, that notified address will apply for that purpose.

What Personal Data We Collect

Depending on how you interact with us, we may collect the following categories of personal data.

Identity and Contact Data

This may include:

  • Name
  • Business email address
  • Telephone number
  • Job title
  • Employer or company name
  • Postal address

Account and Service Data

This may include:

  • Account identifiers
  • Username and login-related information
  • Workspace and organization details
  • Service preferences
  • Subscription and contract information

Communications Data

This may include:

  • Messages sent through our forms
  • Email correspondence
  • Support tickets
  • Meeting notes
  • Call recordings or transcripts where recording is enabled and lawful

Technical and Usage Data

This may include:

  • IP address
  • Browser type
  • Device type
  • Operating system
  • Referral source
  • Log data
  • Page views
  • Feature usage
  • Timestamps
  • Diagnostic and performance data

Billing and Transaction Data

This may include:

  • Billing contact details
  • Invoice details
  • Payment status
  • Transaction history

We do not intentionally store full payment card details unless this is expressly stated and handled through an approved payment flow.

Marketing and Preference Data

This may include:

  • Newsletter preferences
  • Consent records
  • Event registrations
  • Communication preferences

Customer Content and Connected Data

If you use SouthCRM, you or your organization may upload, sync, generate, or connect business information, messages, CRM records, workflow content, tickets, files, notes, prompts, outputs, contact records, and related metadata.

Controller and Processor Roles

SouthCRM does not have a single role for every category of data.

Where SouthCRM Acts as Controller

We act as controller for personal data we use for our own business purposes, including:

  • Operating the website
  • Responding to enquiries and demo requests
  • Account administration
  • Billing and collections
  • Product security, abuse prevention, and diagnostics
  • Service communications
  • Legal compliance
  • Direct marketing where lawful

Where SouthCRM Acts as Processor

When our business customers use SouthCRM to store or process personal data in their own accounts, workflows, or connected systems, SouthCRM generally acts as a processor or service provider on that customer’s behalf.

In those cases, the customer is generally responsible for deciding:

  • What data is uploaded
  • Which individuals are included
  • The purposes of processing
  • How long the data should be retained

Our customer contract, order form, Data Processing Addendum, or similar agreement will govern that processor relationship.

How We Collect Personal Data

We collect personal data:

  • Directly from you
  • From your employer or organization
  • From account administrators and authorized users
  • From cookies and similar technologies
  • From connected applications and integrations you authorize
  • From public business sources such as company websites or professional profiles
  • From referral or implementation partners where lawful

Why We Use Personal Data and Our Lawful Bases

We may use personal data for the following purposes.

To Respond to Enquiries, Demo Requests, and Onboarding Discussions

Lawful basis: steps requested before entering into a contract; legitimate interests in growing and operating our business.

To Provide, Configure, Secure, Maintain, and Support SouthCRM

Lawful basis: performance of a contract; legitimate interests in operating a secure and reliable service.

To Manage Accounts, Subscriptions, Invoices, Collections, and Records

Lawful basis: performance of a contract; compliance with legal obligations; legitimate interests in managing our commercial operations.

To Improve Our Platform, Monitor Performance, Troubleshoot Issues, and Protect Security

Lawful basis: legitimate interests in service improvement, resilience, fraud prevention, and information security.

To Send Service Notices and Administrative Communications

Lawful basis: performance of a contract; legal obligation where applicable; legitimate interests in providing important updates.

To Send Marketing and Promotional Communications

Lawful basis: consent where required; otherwise legitimate interests, subject to applicable data protection and electronic marketing rules.

You can opt out of marketing communications at any time.

To Comply With Law, Enforce Our Rights, and Handle Claims or Disputes

Lawful basis: legal obligation; legitimate interests in defending and enforcing legal rights.

AI Features and Automated Processing

SouthCRM may include AI-assisted features that help users:

  • Summarize content
  • Classify or prioritize information
  • Generate or suggest workflow actions
  • Produce insights, recommendations, drafts, and automations

AI-generated outputs may be incomplete, inaccurate, or inappropriate for a particular context and should be reviewed by a human user before reliance, especially for legal, financial, employment, compliance, or similarly significant matters.

Unless we expressly agree otherwise in writing, we do not use Customer Content submitted through paid customer accounts to train third-party foundation models for generalized use unrelated to providing the services to that customer.

SouthCRM does not routinely make solely automated decisions about individuals that produce legal or similarly significant effects without appropriate safeguards, notice, and, where required, a route to request human review.

Who We Share Personal Data With

We may share personal data only where there is a valid reason to do so, including with:

  • Cloud hosting and infrastructure providers
  • Communications and collaboration providers
  • Analytics and monitoring providers
  • Identity and access-management providers
  • Customer support and ticketing providers
  • Professional advisers, auditors, insurers, and legal counsel
  • Payment, invoicing, and finance providers
  • Regulators, courts, law enforcement, or public authorities where required by law
  • A purchaser, successor, investor, or transaction counterparty in connection with a merger, financing, reorganization, or asset sale

Where SouthCRM uses vendors to process personal data on its behalf, we require them to protect personal data and process it only for permitted purposes.

A current list of subprocessors used for customer-account processing is available on request. SouthCRM may later publish a live subprocessors page and, if so, this Privacy Policy will be updated accordingly.

International Transfers

We may process or store personal data in England, the European Economic Area, or other countries where we or our service providers operate.

If we transfer personal data internationally, we will use an appropriate transfer mechanism where required by applicable law. This may include an adequacy decision, standard contractual clauses, an approved data transfer agreement, or another lawful safeguard or exception available under applicable law.

You may request more information about the transfer safeguards relevant to your personal data by contacting us.

How Long We Keep Personal Data

We keep personal data only for as long as reasonably necessary for the purpose for which it was collected, including to meet legal, regulatory, accounting, security, and dispute-handling requirements.

Our default retention periods are:

Data Type Default Retention Period
Demo and contact enquiries 12 months after last meaningful contact
Marketing subscription records Until you unsubscribe or after 24 months of inactivity
Customer account administration data Contract term plus 6 years
Contracts, invoices, and related billing records 6 years from the end of the relevant financial year, or longer if required by law
Support tickets 3 years after closure
Security logs 12 months, unless they need to be held longer for an investigation
Call or meeting recordings / transcripts 12 months unless a different period is agreed or required
Customer Content in the platform During the subscription term, then deleted within 30 days after termination or deletion request, subject to customer instructions, legal obligations, and backup cycles
Backups Rolling 90 days

If we cannot state an exact period for a particular category, we will keep it only for as long as necessary to fulfil the relevant purpose and then delete or anonymize it.

Your Rights

Depending on the applicable law and the context of processing, you may have the right to:

  • Request access to your personal data
  • Request correction of inaccurate or incomplete data
  • Request deletion of personal data
  • Request restriction of processing
  • Object to processing based on legitimate interests
  • Request portability of data you provided to us where the law applies
  • Withdraw consent at any time where we rely on consent

To exercise these rights, contact us using the details at the end of this Privacy Policy.

Complaints

If you have a privacy concern or data protection complaint, please contact SouthCRM first so we can investigate and try to resolve it.

You can send data protection complaints to:  contact@southcrm.com

Please include enough detail for us to identify the issue and your relationship with SouthCRM. We aim to acknowledge complaints promptly and, where applicable, in line with our legal obligations.

You may also have the right to complain to the relevant data protection authority if you believe your personal data has not been handled properly.

Cookies and Similar Technologies

We use cookies and similar technologies on our website. Some are strictly necessary for the website to function. Others are used only if you consent.

Please read our Cookies Policy for more information about:

  • The categories of cookies we use
  • How to manage your choices
  • How to withdraw consent

Security

We use technical and organizational measures designed to protect personal data, including measures relating to access control, authentication, logging, monitoring, encryption where appropriate, and vendor management.

No method of transmission or storage is completely secure. You should also use appropriate security measures on your side, including strong passwords and access controls.

Third-Party Links and Integrations

Our website or services may contain links to third-party websites, products, or services. If you follow those links or enable third-party integrations, those third parties may process personal data under their own terms and privacy notices.

We are not responsible for their independent processing.

Refund and Dispute Policies

Commercial payment terms, renewals, suspension rights, service credits, refunds, and dispute procedures for paid services are primarily governed by the applicable order form, statement of work, subscription agreement, master services agreement, or another written contract with SouthCRM.

SouthCRM does not use blanket “no refunds” language in this Privacy Policy.

If you have a billing or refund query, contact us first at contact@southcrm.com and we will review the matter in good faith in line with the relevant contract and any mandatory legal rights that apply.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will post the updated version on this page and update the “Last updated” date above.

Material changes will apply from the date stated in the updated notice.

Company Contact Information

SOUTH INTERNATIONAL LIMITED
Trading name: SouthCRM
Company number: 14844361
Registered office address: 321-1 Nechells Park Road, Nechells Park Road, Birmingham, England, B7 5NU
Email: contact@southcrm.com

If SouthCRM appoints a Data Protection Officer or a privacy representative for the purposes of applicable data protection law, their contact details will be published in this Privacy Policy.