Privacy Policy

Last Updated: January 8, 2026

1. Introduction

ProfitRinger ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our web application and browser extension.

2. Information We Collect

2.1 Account Information

• Email address: For account creation and authentication
• Name: For identification within your organization
• Profile information: Optional company details, phone number
• Authentication credentials: Encrypted session tokens

2.2 Lead Session Data

• Visitor information: Names, emails, phone numbers submitted by prospects
• Session metadata: Connection times, rep assignments, call outcomes
• UTM parameters: Marketing attribution data from URL parameters

2.3 Usage Data

• Ringer status: Whether your ringer is on or off
• Availability settings: Your schedule and concurrent session limits
• Session history: Calls accepted, declined, or missed

2.4 Browser Extension Data

• Authentication tokens: Stored locally in encrypted format
• Ringer preferences: On/off status, stored locally
• Active notifications: Temporary storage of incoming lead data (cleared after interaction)

3. How We Use Your Information

3.1 Core Functionality

• Authenticate users and maintain secure sessions
• Route incoming leads to available sales representatives
• Send real-time notifications via Pusher Channels
• Store session history and analytics
• Process billing and subscription management via Polar

3.2 Browser Extension

• storage permission: Store encrypted authentication tokens and user preferences locally
• alarms permission: Check authentication status every 5 minutes to keep you connected
• tabs permission: Open authentication pages, meeting URLs, and dashboard links
• notifications permission: Alert you of incoming leads with Chrome notifications
• offscreen permission: Play audio alerts (Manifest V3 requirement for service workers)
• host permissions (profitringer.com): Communicate with our secure API for authentication and notifications

3.3 Future Features

• Google Calendar Integration (Coming Soon): We will request access to your Google Calendar to check availability and schedule follow-up meetings. This permission will be optional and clearly disclosed before requesting access. Calendar data will only be read to check availability and will not be stored on our servers.

4. Data Sharing and Third Parties

4.1 Service Providers

We use the following third-party services to provide our functionality:

• Neon (PostgreSQL): Database hosting
• Upstash (Redis): Caching and session management
• Pusher Channels: Real-time WebSocket notifications
• Polar: Billing and subscription management
• Resend: Transactional email delivery
• Vercel: Application hosting

4.2 What We DON'T Do

• ❌ We do NOT sell your data to third parties
• ❌ We do NOT use your data for advertising
• ❌ We do NOT share your data with marketers
• ❌ We do NOT track you across other websites
• ❌ We do NOT use your data for creditworthiness or lending

5. Data Security

• Encryption: All data transmitted via HTTPS/TLS
• Authentication: Secure session management via Better Auth
• Token storage: Encrypted tokens stored in Redis with expiration
• Database: Hosted on secure Neon infrastructure with access controls

6. Data Retention

• Account data: Retained while your account is active
• Session data: Retained for analytics and reporting purposes
• Deleted accounts: Data permanently deleted within 30 days
• Extension data: Stored locally and cleared when you sign out or uninstall

7. Your Rights

You have the right to:

• Access your personal data
• Correct inaccurate data
• Request deletion of your data
• Export your data
• Opt out of email communications

8. Browser Extension Specific

8.1 What the Extension Stores Locally

• Authentication session token (encrypted)
• Ringer on/off preference
• Active incoming lead notifications (temporary)

8.2 What the Extension Transmits

• Authentication requests to profitringer.com
• Ringer toggle commands
• Accept/decline ring responses
• All transmitted via HTTPS

8.3 What the Extension Does NOT Do

• Does NOT collect browsing history
• Does NOT track activity on other websites
• Does NOT access content from other tabs
• Does NOT execute remote code
• Does NOT send data to any third parties except ProfitRinger servers

9. Cookies and Local Storage

• Session cookies: Used for authentication (Better Auth)
• Preference cookies: Remember your theme and settings
• Local storage: Cache data for performance

10. Children's Privacy

ProfitRinger is not intended for use by individuals under 18 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

• Right to know what personal information is collected
• Right to know if personal information is sold or disclosed
• Right to opt-out of the sale of personal information (we don't sell data)
• Right to deletion of personal information
• Right to non-discrimination for exercising CCPA rights

13. GDPR Compliance (European Users)

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR):

• Legal basis for processing: Contractual necessity and legitimate interest
• Right to access your data
• Right to rectification
• Right to erasure ("right to be forgotten")
• Right to data portability
• Right to object to processing

14. Contact Us

If you have questions about this privacy policy or our data practices:

• Email: support@profitringer.com
• Website: https://profitringer.com

This privacy policy applies to both the ProfitRinger web application and browser extension.