Effective date: 28th day of August, 2025

www.karmacrm.com (the “Site”) is owned and operated by John P. Narowski. John P. Narowski is the data controller and can be contacted at: support@karmacrm.com

At Karma Software, Inc., we prioritize your privacy and data security. This Privacy Policy outlines how we adhere to the EU-U.S. Data Privacy Framework (DPF) Principles to safeguard personal information transferred from the European Union (EU) and the United Kingdom (UK) to the United States (U.S.). Our compliance ensures transparency, trust, and adherence to the highest standards of data protection.

Scope and Application

This Privacy Policy applies to all personal information collected, processed, and shared under the scope of our certification to the DPF Principles.

  1. Notice

We collect personal information to provide services and enhance user experience. Information collected may include names, email addresses, and billing details. We use this data to:

  • Process transactions and manage customer accounts
  • Create your account and enable features within the system
  • Send customer service communications

We share this data only with third parties that help us fulfill these purposes. You will be informed of any new uses of your personal data or changes in third-party data sharing.

We may also be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

  1. Choice

You have the right to opt out of sharing your personal data with third parties or using your data for purposes other than those originally collected or authorized. By opting out, your account will be placed at a Free Account level, and any integrations will be severed. Please contact us at support@karmacrm.com to exercise this right.

  1. Accountability for Onward Transfer

When transferring personal data to third parties, we ensure that they maintain the same level of data protection required under the DPF Principles. Contracts and other measures are implemented to ensure compliance.

Under the DPF Principles, we remain liable if our third-party service providers process personal data in a manner inconsistent with these Principles, unless we can demonstrate that we are not responsible for the event giving rise to the damage.

  1. Security

We implement reasonable and appropriate security measures to prevent unauthorized access, disclosure, alteration, or destruction of your personal data.

  1. Data Integrity and Purpose Limitation

We collect only relevant and accurate data necessary for our legitimate purposes. Personal data is retained only as long as required for the purposes for which it was collected, after which it is securely deleted or anonymized.

  1. Access

You have the right to access your personal data held by us, to correct any inaccuracies, and to request deletion under certain conditions. Please contact support@karmacrm.com for assistance.

  1. Recourse, Enforcement, and Liability

We use an independent dispute resolution provider to address unresolved complaints regarding privacy practices. Complaints can also be filed with relevant EU data protection authorities or the U.S. Department of Commerce.

Karma Software, Inc. complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF) and the UK Extension to the EU-U.S. DPF, as set forth by the U.S. Department of Commerce. Karma Software, Inc. has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF Principles with regard to the processing of personal data received from the EU and the UK in reliance on the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF. If there is any conflict between the terms in this privacy policy and the DPF Principles, the Principles shall govern. To learn more about the Data Privacy Framework (DPF) Program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

In compliance with the EU-U.S. DPF and the UK Extension to the EU-U.S. DPF, Karma Software, Inc., commits to resolve DPF Principles-related complaints about your privacy and our collection or use of your personal information. European Union, United Kingdom, and Swiss individuals with inquiries or complaints regarding our handling of personal data in reliance on the DPF should first contact Karma Software at: support@karmarcrm.com

Karma Software has further committed to refer unresolved DPF Principles-related complaints to a U.S.-based independent dispute resolution mechanism, BBB NATIONAL PROGRAMS. If you do not receive timely acknowledgment of your complaint, or if your complaint is not satisfactorily addressed by us, please visit www.bbbprograms.org/dpf-complaints for more information and to file a complaint. This service is provided free of charge to you.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission (FTC).

If your DPF complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. See  https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction for more information on this process.

Contact Information
If you have any questions or concerns regarding this Privacy Policy or how we handle your data under the DPF Principles, please contact:

support@karmacrm.com

  Get expert sales tips straight to your inbox, and become a better salesperson. Subscribe to the Sales Blog below.