Sumciq

Privacy Policy

Home / Privacy Policy
Last updated: 30 May 2026

Introduction

Sumciq (Sumciq, we, us, our) respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI CRM platform, visit our website, or interact with our services. Please read this policy carefully to understand our practices regarding your personal data.

We comply with the General Data Protection Regulation (GDPR) (EU) 2016/679 and applicable German data protection laws. This policy applies to all personal information we process, whether collected online or offline, through our platform or during business communications.

Data Controller Information

Sumciq acts as the data controller for personal data collected directly from you, including when you create an account, contact our support team, subscribe to our communications, or visit our website. For customer data you upload to our AI CRM platform, Sumciq acts as a data processor, and you remain the data controller responsible for compliance.

Sumciq
Willy-Brandt-Platz 1, 90402 Nürnberg, Germany
Email: privacy@sumciq.com
Phone: +49 911 2108550

What Personal Data We Collect

We collect various types of personal information depending on how you interact with Sumciq:

  • Account Information: Full name, email address, company name, job title, phone number, and password credentials when you register for an account.
  • Usage Data: Information about how you use our AI CRM platform, including features accessed, pages viewed, time spent, click patterns, and interaction with AI recommendations.
  • Technical Data: IP address, browser type and version, device identifiers, operating system, and location data based on your IP address.
  • Communication Data: Records of your correspondence with our support team, feedback submissions, survey responses, and chat interactions.
  • Customer Data (processed on your behalf): Information about your clients, leads, and contacts that you upload to our platform. We process this data only according to your instructions.
  • Payment Information: Billing details, invoice addresses, and payment history. We do not store full credit card numbers on our servers.

How We Collect Your Data

We collect personal data through various methods:

  • Direct interactions: When you create an account, fill out forms, contact our sales team, request a demo, or communicate with us via email or phone.
  • Automated technologies: As you navigate our platform, we automatically collect technical data about your device and usage patterns using cookies, log files, and similar tracking technologies.
  • Third-party sources: We may receive data about you from business partners, referral programs, or public sources to verify your identity or improve our services.

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

  • Contractual necessity: Processing necessary to perform our contract with you, including providing access to the AI CRM platform, managing your account, and delivering support services.
  • Legitimate interests: Processing necessary for our legitimate business interests, such as improving our AI algorithms, preventing fraud, ensuring platform security, and direct marketing to existing customers.
  • Legal compliance: Processing required to comply with legal obligations, including tax laws, anti-money laundering regulations, and court orders.
  • Consent: For certain processing activities, such as sending marketing communications or placing non-essential cookies, we obtain your explicit consent, which you may withdraw at any time.

How We Use Your Personal Data

We use your personal data for the following purposes:

  • To create and manage your Sumciq AI CRM account
  • To provide, maintain, and improve our platform features and AI capabilities
  • To train and enhance our machine learning models for better recommendations and analytics
  • To respond to your inquiries, support requests, and provide customer service
  • To send administrative information, such as security alerts, platform updates, and policy changes
  • To analyze usage patterns and optimize user experience
  • To detect, prevent, and address technical issues or security breaches
  • To comply with legal obligations and enforce our terms and conditions
  • To conduct business analytics and improve our marketing strategies

Data Sharing and Disclosure

We do not sell your personal data to third parties. We may share your information in the following limited circumstances:

  • Service providers: We engage trusted third-party vendors to perform services on our behalf, such as cloud hosting, data storage, payment processing, email delivery, and customer support. These providers have access to your data only to perform specific tasks and are contractually obligated to protect your information.
  • Business transfers: If Sumciq is involved in a merger, acquisition, or asset sale, your personal data may be transferred. We will notify you before your data becomes subject to a different privacy policy.
  • Legal requirements: We may disclose your data if required by law, subpoena, or legal process, or to protect the rights, property, or safety of Sumciq, our users, or the public.
  • With your consent: We may share your information for other purposes with your explicit consent.

International Data Transfers

Sumciq operates globally, and your personal data may be transferred to and processed in countries outside your residence, including Germany and other European Economic Area (EEA) countries. When we transfer data outside the EEA, we ensure adequate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission or other legally recognized transfer mechanisms.

Our primary data processing infrastructure is located in Germany, ensuring compliance with strict European data protection standards. For any international transfers, we maintain appropriate protections to preserve the security and confidentiality of your information.

Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. The retention period depends on the type of data and our legitimate business needs:

  • Account data: Retained for the duration of your active account plus a reasonable period afterward to comply with legal obligations.
  • Usage data: Typically retained for up to 24 months to improve our AI models and analyze platform performance.
  • Customer data you upload: Retained as long as your account is active and deleted within 90 days of account termination, unless legal requirements dictate otherwise.
  • Communication records: Retained for up to 36 months for quality assurance and dispute resolution purposes.

After the retention period expires, your personal data will be securely deleted or anonymized so that it can no longer be associated with you. You may request data deletion earlier by contacting our support team.

Your Data Protection Rights

Under the GDPR, you have comprehensive rights regarding your personal data. These rights include:

  • Right to access: You have the right to request copies of your personal data from us.
  • Right to rectification: You have the right to request correction of inaccurate or incomplete data.
  • Right to erasure (right to be forgotten): You have the right to request deletion of your personal data under certain circumstances.
  • Right to restrict processing: You have the right to request limitation of how we process your data.
  • Right to data portability: You have the right to receive your data in a structured, machine-readable format and transmit it to another controller.
  • Right to object: You have the right to object to processing based on legitimate interests or direct marketing.
  • Right to withdraw consent: If we process based on your consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to lodge a complaint: You have the right to file a complaint with a supervisory authority, such as the Bavarian State Office for Data Protection Supervision (BayLDA).

To exercise any of these rights, please contact us at privacy@sumciq.com. We will respond to your request within thirty (30) days. Some requests may require identity verification before processing.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our website and platform. Cookies are small text files stored on your device that help us remember your preferences, analyze usage patterns, and improve functionality. For detailed information about our cookie practices, including how to manage your preferences, please refer to our Cookies Policy.

You can control cookies through your browser settings. However, disabling certain cookies may affect platform functionality and user experience.

AI Data Processing Statement

Sumciq AI CRM uses machine learning models to provide predictive analytics, intelligent recommendations, and automated workflows. To train and improve these AI models, we process aggregated and anonymized data derived from platform usage. We do not use your raw customer data to train models that are shared with other customers. All AI training is performed on isolated, de-identified datasets that cannot be traced back to you or your clients.

You have the right to opt out of having your usage data used for AI training purposes. Contact our support team to exercise this option.

Data Security Measures

We implement robust security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These measures include:

  • End-to-end encryption for data in transit (TLS 1.3) and at rest (AES-256)
  • Regular security assessments and penetration testing
  • Role-based access controls and multi-factor authentication for administrative access
  • Continuous monitoring and automated threat detection systems
  • Employee training on data protection and privacy best practices
  • Incident response procedures and data breach notification protocols

While we strive to protect your data, no transmission over the internet is completely secure. You are also responsible for maintaining the security of your account credentials and any data you access through our platform.

Children's Privacy

Sumciq AI CRM is not intended for individuals under the age of sixteen (16). We do not knowingly collect personal data from children. If we learn that we have inadvertently collected personal information from a child under 16, we will delete it immediately. Parents or guardians who believe their child has provided us with personal data should contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or platform features. When we make material changes, we will notify you via email or through a prominent notice on our platform before the changes become effective. The updated policy will include a new Last updated date at the top of this document.

We encourage you to review this Privacy Policy regularly to stay informed about how we protect your personal data. Your continued use of Sumciq after any changes constitutes acceptance of the updated policy.

Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Data Protection Officer:

Email: contact@sumciq.com or privacy@sumciq.com

Phone: +49 911 2108550