Privacy Policy — SeldonFrame

1. Introduction

SeldonFrame ("we," "our," "us") is a business identity operating system that helps service professionals manage their business. This includes CRM, booking, email, landing pages, and payment features — all connected through a single business identity layer called the "soul." This Privacy Policy explains how we collect, use, and protect your information when you use SeldonFrame at app.seldonframe.com.

2. What We Collect

• Account information: name, email address (collected during signup via Google OAuth or magic link email)
• Business information: business name, service types, pipeline stages, voice preferences, branding — all provided voluntarily during the soul wizard onboarding
• Client/contact data: names, emails, phone numbers, notes, and booking history that YOU add to your CRM
• Usage data: pages visited, features used, blocks installed (for improving the product)
• Payment information: processed by Stripe — we never store credit card numbers

3. How We Use Your Data

• To provide and personalize the SeldonFrame service
• To configure your business identity (soul) so all blocks adapt to your business
• To process bookings, send emails, and manage contacts on your behalf
• To improve the product based on usage patterns
• We do NOT sell your data to third parties
• We do NOT use your business or client data to train AI models

4. Google OAuth

When you sign in with Google, we receive your name and email address from your Google account. We do not access your Google contacts, calendar, drive, or any other Google services unless you explicitly connect them in Settings. We use Google OAuth solely for authentication.

5. Data Storage and Security

• Data is stored on servers in the United States (Vercel, Neon PostgreSQL)
• All data is encrypted in transit (HTTPS/TLS)
• Sensitive credentials (API keys, integration tokens) are encrypted at rest
• We use industry-standard security practices

6. Your Rights

• You can export your data at any time
• You can delete your account and all associated data by contacting us
• You can disconnect Google OAuth at any time
• For self-hosted users: your data never leaves your own infrastructure

7. Third-Party Services

SeldonFrame integrates with third-party services only when you explicitly connect them:

• Stripe (payments)
• Resend (email delivery)
• Google Calendar (scheduling, optional)
• Twilio (SMS, optional)

We only share the minimum data necessary for each integration to function.

8. SMS & Mobile Information

When you provide a mobile phone number to a business operating on SeldonFrame — by booking, submitting a form, placing a call, or replying to a text — we collect that number and your messaging consent so the business can send you SMS such as booking confirmations, appointment reminders, missed-call follow-ups, and review requests. You can opt out at any time by replying STOP.

• No mobile information — including your phone number and SMS opt-in or consent — is ever sold, rented, or shared with third parties or affiliates for their own marketing or promotional purposes.
• We share your number only with the messaging carrier and our SMS provider (Twilio), strictly to deliver the messages you asked to receive.
• SMS opt-in and consent data are never shared with any third party for any purpose other than delivering your messages.

See our Terms of Service for the full SMS program disclosures (opt-out, HELP, message frequency, and rates).

9. Open Source

SeldonFrame is open source. The source code is available at github.com/seldonframe/crm. Self-hosted users control their own data entirely — no data is sent to SeldonFrame servers.

10. Contact

For privacy questions: privacy@seldonframe.com
SeldonFrame is operated by Max Thule.

11. Changes

We may update this policy. Changes will be posted on this page with an updated date.