Privacy Policy

Last Updated: May 7, 2026

1. Introduction

ProfitRinger ("we," "our," or "us") respects your privacy and is committed to protecting your personal data. This privacy policy explains how we collect, use, and safeguard your information when you use our web application and browser extension.

2. Information We Collect

2.1 Account Information

  • Email address: For account creation and authentication
  • Name: For identification within your organization
  • Profile information: Optional company details, phone number
  • Authentication credentials: Encrypted session tokens

2.2 Lead Session Data

  • Visitor information: Names, emails, phone numbers submitted by prospects
  • Session metadata: Connection times, rep assignments, call outcomes
  • UTM parameters: Marketing attribution data from URL parameters

2.3 Usage Data

  • Ringer status: Whether your ringer is on or off
  • Availability settings: Your schedule and concurrent session limits
  • Session history: Calls accepted, declined, or missed

2.4 Browser Extension Data

  • Authentication tokens: Stored locally in encrypted format
  • Ringer preferences: On/off status, stored locally
  • Active notifications: Temporary storage of incoming lead data (cleared after interaction)

2.5 Google User Data

If you sign in with Google or connect a Google integration, we may collect or process Google user data that you authorize through Google's OAuth consent screen.

  • Google Sign-In data: Your Google account identifier, name, email address, profile image, and email verification status, used to create and authenticate your ProfitRinger account.
  • Google Calendar data: If you connect Google Calendar, calendar account information, calendar metadata, availability information, and event data needed to check availability, create meetings, update meetings, and show connected calendar status.
  • OAuth tokens: Access tokens, refresh tokens, granted scopes, expiration times, and connected account metadata needed to maintain the integration you requested.

3. How We Use Your Information

3.1 Core Functionality

  • Authenticate users and maintain secure sessions
  • Route incoming leads to available sales representatives
  • Send real-time notifications via Convex reactive subscriptions
  • Store session history and analytics
  • Process billing and subscription management via Polar

3.2 Browser Extension

  • storage permission: Store encrypted authentication tokens and user preferences locally
  • alarms permission: Check authentication status every 5 minutes to keep you connected
  • tabs permission: Open authentication pages, meeting URLs, and dashboard links
  • notifications permission: Alert you of incoming leads with Chrome notifications
  • offscreen permission: Play audio alerts (Manifest V3 requirement for service workers)
  • host permissions (profitringer.com): Communicate with our secure API for authentication and notifications

3.3 Google User Data

We use Google user data only to provide and improve the user-facing ProfitRinger features you request.

ProfitRinger's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

  • Authenticate your account when you choose Google Sign-In
  • Display the Google account connected to your organization or user profile
  • Check calendar availability when you configure Google Calendar features
  • Create, update, or link meeting events when you explicitly use calendar scheduling features
  • Maintain OAuth connections, refresh expired access tokens, and troubleshoot integration errors

We do not use Google user data for advertising, retargeting, personalized ads, selling data, determining creditworthiness, lending, building data broker products, or training generalized AI or machine learning models.

4. Data Sharing and Third Parties

4.1 Service Providers

We use the following third-party services to provide our functionality:

  • Convex: Serverless database and real-time WebSocket subscriptions
  • Polar: Billing and subscription management
  • Resend: Transactional email delivery
  • Vercel: Application hosting

4.2 What We DON'T Do

  • ❌ We do NOT sell your data to third parties
  • ❌ We do NOT use your data for advertising
  • ❌ We do NOT share your data with marketers
  • ❌ We do NOT track you across other websites
  • ❌ We do NOT use your data for creditworthiness or lending
  • ❌ We do NOT use Google user data to train generalized AI or machine learning models

4.3 Google User Data Sharing

We do not sell Google user data. We do not transfer Google user data to third parties except as necessary to provide ProfitRinger functionality, comply with law, protect users, or act on your instructions.

  • Service providers: Google user data may be processed by infrastructure providers such as Convex and Vercel solely to host, secure, store, and operate ProfitRinger.
  • Your organization: Calendar connection status or account labels may be visible to authorized administrators in your ProfitRinger organization.
  • Legal and security: We may disclose information if required by law or necessary to detect, prevent, or address fraud, abuse, security incidents, or technical issues.

5. Data Security

  • Encryption: All data transmitted via HTTPS/TLS
  • Authentication: Secure session management via Better Auth
  • Token storage: Encrypted tokens stored in Convex with expiration
  • Database: Hosted on Convex Cloud with access controls
  • Google OAuth protection: Google OAuth tokens are stored server-side, access is limited to authorized application workflows, and tokens are not exposed to browser extension storage or public client code.
  • Access controls: Organization data is scoped by organization and user permissions to reduce unauthorized access.

6. Data Retention

  • Account data: Retained while your account is active
  • Session data: Retained for analytics and reporting purposes
  • Deleted accounts: Data permanently deleted within 30 days
  • Extension data: Stored locally and cleared when you sign out or uninstall
  • Google OAuth tokens: Retained while the integration remains connected and deleted when you disconnect the integration or delete your account, subject to backup and legal retention requirements.
  • Google Calendar data: Retained only as needed to provide calendar integration functionality, maintain audit/debug records, or satisfy legal obligations.

7. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Export your data
  • Opt out of email communications
  • Disconnect Google integrations and request deletion of Google user data associated with your account or organization

To request access, correction, export, deletion, or Google integration disconnection assistance, contact us at support@profitringer.com. You may also revoke ProfitRinger's access to your Google Account from your Google Account permissions page.

8. Browser Extension Specific

8.1 What the Extension Stores Locally

  • Authentication session token (encrypted)
  • Ringer on/off preference
  • Active incoming lead notifications (temporary)

8.2 What the Extension Transmits

  • Authentication requests to profitringer.com
  • Ringer toggle commands
  • Accept/decline ring responses
  • All transmitted via HTTPS

8.3 What the Extension Does NOT Do

  • Does NOT collect browsing history
  • Does NOT track activity on other websites
  • Does NOT access content from other tabs
  • Does NOT execute remote code
  • Does NOT send data to any third parties except ProfitRinger servers

9. Cookies and Local Storage

  • Session cookies: Used for authentication (Better Auth)
  • Preference cookies: Remember your theme and settings
  • Local storage: Cache data for performance

10. Children's Privacy

ProfitRinger is not intended for use by individuals under 18 years of age. We do not knowingly collect data from children.

11. Changes to This Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last Updated" date.

12. California Privacy Rights (CCPA)

California residents have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected
  • Right to know if personal information is sold or disclosed
  • Right to opt-out of the sale of personal information (we don't sell data)
  • Right to deletion of personal information
  • Right to non-discrimination for exercising CCPA rights

13. GDPR Compliance (European Users)

For users in the European Economic Area (EEA), we comply with the General Data Protection Regulation (GDPR):

  • Legal basis for processing: Contractual necessity and legitimate interest
  • Right to access your data
  • Right to rectification
  • Right to erasure ("right to be forgotten")
  • Right to data portability
  • Right to object to processing

14. Contact Us

If you have questions about this privacy policy or our data practices:

  • Email: support@profitringer.com
  • Website: https://profitringer.com

This privacy policy applies to both the ProfitRinger web application and browser extension.