Privacy Policy
Last updated: April 2026
1. Overview
FX Unlocked CRM ("the App") is a private, internal customer relationship management platform operated by FX Unlocked. This policy explains how we collect, use, and protect data when authorised users access the App.
2. Data We Collect
We collect information you provide when using the App, including affiliate contact details, broker records, appointment data, revenue figures, and notes. We also collect authentication data via Supabase and, when you choose to connect it, Google Calendar OAuth tokens (access token and refresh token) solely to sync appointments to your Google Calendar.
3. How We Use Your Data
Data is used exclusively to operate the CRM — managing affiliate relationships, scheduling appointments, tracking commissions, and generating performance reports. We do not sell, share, or transfer your data to third parties except where required to operate the service (e.g., Supabase for database hosting, Google APIs for calendar integration, Resend for transactional email).
4. Google API Scopes
When you connect Google Calendar, the App requests the "calendar.events" scope. This allows the App to create, update, and delete calendar events on your behalf. We do not access any other Google data. Google OAuth tokens are stored securely in our database and are never shared with third parties.
5. Data Retention
Your data is retained for as long as your account is active. You may request deletion of your data at any time by contacting the system administrator. Google Calendar tokens are deleted immediately when you disconnect your Google account from the App.
6. Security
All data is encrypted in transit (HTTPS/TLS). Database access is protected by row-level security policies. Authentication is handled by Supabase Auth with optional multi-factor authentication.
7. Contact
For any privacy-related questions, contact the FX Unlocked team at: joshivilol1011@gmail.com