Data Privacy Statement

How your data is processed, what is retained, and what is not.

How Your Data Is Processed

Pipeline Recovery Group operates under a strict CSV-only processing model. You upload a CSV export of your CRM data—contacts, deals, and companies. Our system:

  • Accepts only CSV format (no API access, no CRM login credentials)
  • Processes your data locally within the diagnostic session
  • Applies deterministic rule detection against the Revenue Risk Framework
  • Generates a classification and exposure score
  • Returns a version-stamped diagnostic PDF and receipt

At no point do we access your CRM platform directly, store your raw data on our servers, or transmit your data to third parties.

What We Do Not Store

The following information is processed during your diagnostic but is never retained after session completion:

  • Contact names and email addresses
  • Deal names and descriptions
  • Company identifiers beyond aggregated structural metrics
  • Raw CSV data in any form
  • CRM credentials or authentication tokens

What We Do Retain

To support your diagnostic, enable support, and track system health, we retain the following for 90 days:

Intake Metadata

Structural information about your upload: number of contacts, deals, and companies; date ranges in your pipeline; CRM source detection (e.g., "Salesforce", "HubSpot"); schema confidence grade (HIGH, MODERATE, LOW).

Scoring Metadata

Your Composite Exposure Index (CEI), classification tier, which deterministic rules triggered, and eligibility status for each rule domain. This supports comparisons if you re-run diagnostics.

Support Tokens

A unique intake support token (INT-xxxx) and audit run token (AUD-xxxx) are generated for every diagnostic. These tokens enable you to reference your diagnostic in support requests without re-sharing your data.

Snapshot Fingerprint

A deterministic hash of your dataset's structural properties (column names, data types, row counts, date range fingerprint). This allows us to detect if you re-upload the same dataset and inform you of version drift or prior diagnostic results.

No Third-Party Sharing

Your data is never shared with third parties. We do not:

  • Sell or license your data
  • Share your data with CRM vendors or analytics platforms
  • Use your data to train machine learning models
  • Disclose your dataset to any external service without explicit written consent

Data Retention

Intake metadata, scoring metadata, and support tokens are retained for 90 days from the date of your diagnostic. After 90 days, all data associated with your session is deleted from our systems. Snapshot fingerprints are retained indefinitely to support re-upload detection and version drift analysis, but the fingerprint itself contains no personally identifiable information.

Your Rights

  • You may request a summary of what metadata we retain about your diagnostic by contacting support with your support token (AUD-xxxx).
  • You may request deletion of your diagnostic record at any time. We will remove all metadata associated with your session within 5 business days.
  • You control all copies of your diagnostic PDF and receipt. If you delete these files, your diagnostic is no longer accessible to you outside of our support token recovery process.

CRM Platform Independence

Pipeline Recovery Group is independent of all CRM platforms. We do not have contractual relationships with CRM vendors that would create conflicts in how we assess your data or present findings. Your diagnostic is yours—you determine how to share it, with whom, and when.

Effective February 2026 · Pipeline Recovery Group