Data Protection

Lua CRM is committed to protecting personal data and ensuring the confidentiality, integrity, and availability of all information processed through our platform. This Data Protection page describes the technical, organisational, and legal measures implemented to safeguard data in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR).

1.1 Customer Management Manage your customer data, contacts, and interactions in one central location. Track customer details, communication history, and sales activities. 2.1 Sales Pipeline Monitor your sales pipeline and forecast future revenue. Identify high-value leads and prioritize sales activities. 3.1 Financial Operations Streamline your financial processes like invoicing, payments, and expense tracking. Generate reports for accounting and tax purposes. 4.1 User Permissions Customize user roles and permissions to control access to sensitive data and features. Ensure your team has the right level of access.

• Lua CRM serves as a Data Controller for its own operational data.
• Lua CRM serves as a Data Processor for customer-uploaded data processed within the CRM.
• Customers remain responsible for the lawfulness of data they collect and process using Lua CRM.

• Primary data hosting: Germany (Hetzner)
• 3.2 Sichere Cloud-Infrastruktur innerhalb der Europäischen Union
• Redundant systems and monitored environments

3.2 Data a ọ na-akpọ na-eme na-enye ọrụ na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-eme na-

3.1 Applies industry-standard security practices, including:

• Encrypted data transmission (TLS/HTTPS)
• Encrypted credentials and access tokens
• Role-based access control (RBAC)
• Secure authentication and authorisation
• Protection against unauthorized access
• Logging and monitoring of system activity

• 3.2 Ọ̀rọ̀ àwọn ẹni tí a gbà láyè nìkan ní ní ẹ̀tọ́ láti wọ́ dátà.
• 3.2 Confidentiality obligations for employees and contractors Ọrụ na ọrụ nke ọrụ na ọrụ
• Internal security policies and procedures
• Regular review of access permissions

Lua CRM leverages AI technologies to improve productivity and automation.

Safeguards include:

• AI processing only within user-defined scopes
• No resale of customer data
• No use of customer data to train public AI models
• Isolation of customer environments where applicable

When used by medical or dental organisations, Lua CRM may process sensitive personal data.

Additional safeguards include:

• Restricted access controls
• Secure storage and transmission
• Processing strictly under customer directives
• Compliance with GDPR Article 9 requirements

3.2 Ọ bụ ọrụ ndị ọrịa ịchọpụta ụzọ dị n'iwu maka ịchịkwa data nchekwa.

Lua CRM uses vetted third-party processors, including:

• Cloud infrastructure providers
• Payment gateways
• Authentication services
• Communication Service Providers

3.2 Ang lahat ng mga processor ay may mga obligasyon sa proteksyon ng data at kumpidensiyalidad na nakasaad sa kontrata.

In the event of a personal data breach:

• Lua CRM will promptly investigate the incident.
• Affected customers will be notified without undue delay.
• Regulatory authorities will be notified where legally required.
• Mitigation measures will be applied immediately

3.1 Fulfilling Data Subject Rights Lua CRM supports customers in fulfilling data subject rights, including:

• Access
• Rectification
• Erasure
• Restriction
• Data portability

Requests can be submitted via: [email protected]

• Data is retained only as long as necessary
• Customers control retention of their CRM data
• Secure deletion procedures are applied upon request or contract termination

Lua CRM aligns with:

• GDPR
• Data Protection Principles
• Industry best practices for SaaS platforms

3.2 Formal certifications may be added as the platform evolves.

For data protection inquiries: