Privacy Policy

Effective Date: February 15, 2026

This Privacy Policy explains how iByte Innovations ("Company", "we", "us", or "our") collects, uses, stores, and protects your information when you use Fennel Cloud (the "Service"). We are committed to protecting your privacy and handling your data responsibly.

1. Information We Collect

1.1 Account Information

When you register for an account, we collect:

  • Full name
  • Email address
  • Password (stored as a secure, one-way hash)
  • Organization name and type

1.2 Business Data

In the course of using the Service, you and your team members may input business data such as lead information (names, phone numbers, email addresses, notes), custom field values, activity logs, and other content relevant to your business operations ("Business Data").

1.3 Usage Data

We automatically collect certain information when you use the Service, including:

  • IP address and approximate location
  • Browser type and version
  • Pages visited and features used
  • Date and time of access
  • Referring URL

1.4 Third-Party Integration Data

If you connect third-party services (such as Meta/Facebook for Lead Ads integration), we may receive data from those services, including page access tokens, lead form submissions, and page metadata. This data is processed solely to provide the integration functionality you requested.

1.5 Payment Information

Payment processing is handled by third-party payment processors. We do not store your full credit card number or banking details on our servers. We may retain transaction identifiers and billing history for accounting purposes.

2. How We Use Your Information

We use the information we collect to:

  • Provide the Service: Operate, maintain, and improve Fennel Cloud's features and functionality.
  • Account Management: Create and manage your account, authenticate your identity, and process your requests.
  • Communication: Send service-related notifications, updates, security alerts, and support messages.
  • Billing: Process payments and manage your subscription.
  • Security: Detect, prevent, and address fraud, abuse, and security issues.
  • Analytics: Understand how users interact with the Service to improve the user experience.
  • Legal Compliance: Comply with applicable laws, regulations, and legal processes.

3. Data Storage & Security

We take the security of your data seriously and implement measures including:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using SSL/TLS.
  • Password Security: Passwords are hashed using industry-standard algorithms (bcrypt). We never store plaintext passwords.
  • Two-Factor Authentication: Optional TOTP-based two-factor authentication is available for additional account security.
  • Access Controls: Role-based access controls limit data access to authorized team members within your organization.
  • Regular Backups: Data is backed up regularly to prevent loss.

While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security but will notify affected users promptly in the event of a data breach.

4. Data Sharing & Disclosure

We do not sell, rent, or trade your personal information. We may share your information only in the following circumstances:

  • Within Your Organization: Data you input is accessible to other members of your organization based on their role and permissions.
  • Service Providers: We may share data with trusted third-party service providers who assist in operating the Service (e.g., hosting, payment processing), subject to confidentiality obligations.
  • Third-Party Integrations: When you enable integrations (e.g., Meta Lead Ads), data is exchanged with those platforms in accordance with their respective privacy policies.
  • Legal Requirements: We may disclose information when required by law, court order, or government request, or to protect the rights, safety, or property of iByte Innovations, our users, or the public.
  • Business Transfers: In the event of a merger, acquisition, or asset sale, user data may be transferred as part of the transaction, subject to this Privacy Policy.

5. Multi-Tenant Data Isolation

Fennel Cloud operates on a multi-tenant architecture. Each organization's data is logically isolated using organization-specific identifiers. Team members of one organization cannot access data belonging to another organization. We maintain strict data boundaries between tenants.

6. Cookies & Tracking

We use cookies and similar technologies for:

  • Essential Cookies: Session management, authentication, and CSRF protection. These are required for the Service to function.
  • Preference Cookies: Remembering your settings (e.g., theme preference, dashboard filters).

We do not use third-party advertising cookies or cross-site tracking on the application. The marketing website may use analytics cookies to understand visitor behavior.

7. Data Retention

We retain your data as follows:

  • Active Accounts: Data is retained for as long as your account is active and your subscription is valid.
  • Cancelled Accounts: After cancellation, your data is retained for 30 days to allow for reactivation. After 30 days, data may be permanently deleted.
  • Deleted Content: Items you delete within the Service (e.g., trashed leads) follow the Service's retention rules (e.g., trash can be emptied manually or retained for a period).
  • Legal Obligations: We may retain certain data longer if required for legal, tax, or regulatory compliance.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request correction of inaccurate or incomplete data.
  • Deletion: Request deletion of your personal data, subject to legal retention requirements.
  • Portability: Request your data in a structured, commonly used format.
  • Objection: Object to certain types of data processing.
  • Withdrawal of Consent: Where processing is based on consent, you may withdraw it at any time.

To exercise any of these rights, contact us at privacy@fennel.cloud. We will respond to requests within 30 days.

9. Children's Privacy

The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete it promptly.

10. International Data Transfers

Your data may be stored and processed in servers located outside your country of residence. By using the Service, you consent to the transfer of your data to these locations. We ensure that appropriate safeguards are in place to protect your data in accordance with this Privacy Policy.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes via email or through a notice on the Service at least 30 days before they take effect. The "Effective Date" at the top will be updated accordingly.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us: