Aggrandize

Privacy Policy

Last updated: March 10, 2026

Nonce Group, LLC, an Idaho limited liability company doing business as Aggrandize ("Aggrandize," "we," "us," or "our"), is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access or use the Aggrandize CRM platform, our websites, applications, and related services (collectively, the "Service").

By accessing or using the Service, you agree to the collection and use of information as described in this Privacy Policy. If you do not agree, do not access or use the Service. This Privacy Policy is incorporated into and subject to our Terms of Service.

1. Information We Collect

1.1 Information You Provide. We collect information you voluntarily provide when you register for an account, use the Service, or communicate with us, including:

  • Account Information: Name, email address, password, company name, job title, phone number, and billing information.
  • CRM Data: Contacts, companies, deals, pipeline stages, notes, tasks, activities, and any other data you enter into the platform.
  • Email Content: If you connect an email account (Microsoft Outlook or Google Gmail), we sync email messages, headers, metadata, and attachments to provide email features within the Service.
  • AI Interactions: Prompts, queries, and instructions you provide to the AI CRM assistant, and the corresponding AI-generated responses.
  • Communications: Messages you send to us, including support requests, feedback, and survey responses.
  • Payment Information: Credit card numbers, billing addresses, and related payment details are collected and processed by our third-party payment processor (Stripe). We do not store full credit card numbers on our servers.

1.2 Information Collected Automatically. When you access or use the Service, we automatically collect certain information, including:

  • Usage Data: Feature usage, click and interaction data, pages visited, actions taken, frequency and duration of activities, and performance metrics.
  • Device and Browser Information: IP address, browser type and version, operating system, device type, screen resolution, and language preferences.
  • Log Data: Server logs, error reports, access times, and referring URLs.
  • Cookies and Similar Technologies: We use cookies, local storage, and similar technologies to maintain your session, remember your preferences, and analyze usage patterns. See Section 6 for more details.

1.3 Information from Third Parties. We may receive information about you from third-party sources, including:

  • Email Providers: Email content, contact information, and metadata synced from Microsoft Outlook or Google Gmail when you connect your email account.
  • Authentication Providers: If you sign in using a third-party authentication service, we receive your name, email address, and profile information as permitted by that service.
  • Publicly Available Sources: Business contact information, company data, and other publicly available information used to enrich your CRM records.

2. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Operate, maintain, and deliver the features and functionality of the platform, including CRM management, email sync, pipeline tracking, and AI-powered features.
  • Power AI Features: Process your CRM data and AI interactions through third-party AI models (including Anthropic Claude) to generate assistant responses, email drafts, contact classifications, deal recommendations, and other AI outputs.
  • Process Payments: Manage subscriptions, process transactions, and send billing-related communications.
  • Communicate with You: Send service-related notices, security alerts, support messages, and, with your consent, promotional communications.
  • Improve the Service: Analyze usage patterns, diagnose technical issues, conduct research, and develop new features and products.
  • Generate Aggregated Insights: Create de-identified, aggregated analytics, benchmarks, and industry insights that do not identify you or any individual.
  • Ensure Security: Detect, prevent, and respond to fraud, abuse, security incidents, and technical issues.
  • Comply with Law: Fulfill legal obligations, respond to lawful requests, and enforce our Terms of Service.

3. How We Share Your Information

We do not sell your personal information. We share your information only in the following circumstances:

3.1 Service Providers. We share information with third-party service providers who process data on our behalf to provide the Service. These providers are contractually obligated to use your information only as directed by us. Our key service providers include:

  • Anthropic (AI model provider) — Processes CRM data and conversation context to power AI features. Under Anthropic's commercial API terms, data submitted through their API is not used to train their AI models.
  • Supabase (cloud infrastructure) — Hosts our database, authentication, and storage services.
  • Stripe (payment processing) — Processes subscription payments and billing information.
  • Microsoft (email integration) — Syncs email content and contacts for Outlook-connected accounts via Microsoft Graph API.
  • Google (email integration) — Syncs email content and contacts for Gmail-connected accounts via Google API.
  • Vercel (hosting) — Hosts our web application frontend.

3.2 Legal Requirements. We may disclose your information if required to do so by law, regulation, legal process, or governmental request, or when we believe in good faith that disclosure is necessary to protect our rights, your safety, or the safety of others, investigate fraud, or respond to a government request.

3.3 Business Transfers. In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or a portion of our assets, your information may be transferred as part of that transaction. We will notify you via email or prominent notice on the Service before your information becomes subject to a different privacy policy.

3.4 With Your Consent. We may share your information with third parties when you have given us explicit consent to do so.

3.5 Aggregated and De-Identified Data. We may share aggregated, anonymized, or de-identified data that cannot reasonably be used to identify you for any lawful purpose, including industry benchmarks, research, and analytics.

4. AI Data Processing

The Service includes AI features powered by third-party AI models. This section explains how your data is processed in connection with these features.

4.1 What Data Is Sent to AI Providers. When you use AI features, relevant portions of your CRM data (such as contact details, deal information, email content, and conversation history) are transmitted to our AI model provider (currently Anthropic) to generate responses and recommendations.

4.2 AI Model Training. Under Anthropic's commercial API terms, Customer Data submitted through their API is not used to train their AI models. We do not use your identifiable Customer Data to train any AI or machine learning models.

4.3 AI Output Accuracy. AI-generated outputs may contain errors or inaccuracies. We do not verify AI outputs for accuracy before presenting them to you. You are responsible for reviewing and verifying all AI outputs before relying on them. See Section 10 of our Terms of Service for additional disclaimers.

4.4 AI Interaction Logs. We may retain logs of your AI interactions (prompts and responses) to provide the Service, troubleshoot issues, and improve AI feature performance. These logs are treated as Customer Data and subject to the same protections described in this Privacy Policy.

5. Data Retention

We retain your information for as long as your account is active or as needed to provide the Service. After termination or expiration of your account:

  • Your Customer Data will be available for export for thirty (30) days, after which it may be deleted.
  • We may retain certain information as required by law, for legitimate business purposes (such as resolving disputes and enforcing agreements), or as part of our regular backup procedures.
  • Aggregated, anonymized, or de-identified data may be retained indefinitely.

You may request deletion of your personal information at any time by contacting us at privacy@aggrandizelabs.com. We will respond to your request within thirty (30) days.

6. Cookies and Tracking Technologies

We use the following types of cookies and similar technologies:

  • Essential Cookies: Required for the Service to function, including session management, authentication, and security. These cannot be disabled.
  • Analytics Cookies: Help us understand how you use the Service so we can improve functionality and performance.
  • Preference Cookies: Remember your settings and preferences to provide a personalized experience.

Most web browsers allow you to control cookies through their settings. Disabling certain cookies may limit your ability to use some features of the Service.

7. Data Security

We implement commercially reasonable administrative, technical, and physical safeguards to protect your information, including:

  • Encryption of data in transit (TLS) and at rest.
  • Role-based access controls and authentication requirements.
  • Regular security assessments and monitoring.
  • Secure data hosting through reputable cloud infrastructure providers.

However, no method of electronic transmission or storage is completely secure. We cannot guarantee absolute security and are not responsible for unauthorized access resulting from circumstances beyond our reasonable control.

8. Your Rights and Choices

Depending on your location, you may have the following rights regarding your personal information:

  • Access: Request a copy of the personal information we hold about you.
  • Correction: Request that we correct inaccurate or incomplete personal information.
  • Deletion: Request that we delete your personal information, subject to certain legal exceptions.
  • Portability: Request a copy of your data in a structured, machine-readable format.
  • Opt-Out of Marketing: Unsubscribe from promotional emails at any time using the unsubscribe link in each email or by contacting us.
  • Withdraw Consent: Where processing is based on your consent, you may withdraw that consent at any time.

To exercise any of these rights, contact us at privacy@aggrandizelabs.com. We will respond to your request within thirty (30) days. We will not discriminate against you for exercising your privacy rights.

9. California Privacy Rights

If you are a California resident, the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA) provide you with additional rights regarding your personal information:

  • Right to Know: You may request that we disclose the categories and specific pieces of personal information we have collected about you, the sources of collection, the purposes of collection, and the categories of third parties with whom we share it.
  • Right to Delete: You may request that we delete the personal information we have collected about you, subject to certain exceptions.
  • Right to Opt-Out of Sale: We do not sell your personal information. We do not share your personal information for cross-context behavioral advertising.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA/CPRA rights.

To submit a request, contact us at privacy@aggrandizelabs.com. We may need to verify your identity before processing your request.

10. International Data Transfers

The Service is hosted in the United States. If you access the Service from outside the United States, your information will be transferred to and processed in the United States, where data protection laws may differ from those in your jurisdiction. By using the Service, you consent to the transfer and processing of your information in the United States.

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we will ensure that any transfer of your personal data is carried out in accordance with applicable data protection laws, including through the use of standard contractual clauses or other lawful transfer mechanisms where required.

11. Children's Privacy

The Service is not directed to individuals under the age of 18. We do not knowingly collect personal information from children under 18. If we become aware that we have collected personal information from a child under 18, we will take steps to delete such information promptly. If you believe a child under 18 has provided us with personal information, please contact us at privacy@aggrandizelabs.com.

12. Third-Party Links and Services

The Service may contain links to third-party websites, services, or integrations that are not operated by us. We are not responsible for the privacy practices of these third parties. We encourage you to review the privacy policies of any third-party service before providing your information. Our inclusion of a link does not imply endorsement of the linked site or service.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will notify you at least thirty (30) days in advance via email or in-app notification. The "Last updated" date at the top of this page indicates when the policy was last revised. Your continued use of the Service after the effective date of the revised policy constitutes your acceptance of the changes.

14. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Nonce Group, LLC d/b/a Aggrandize
Attn: Privacy
Boise, Idaho
privacy@aggrandizelabs.com

Aggrandize is a trade name of Nonce Group, LLC, an Idaho limited liability company.