AgentMorning

Privacy Policy

Last updated: April 26, 2026

AgentMorning ("we", "us", "our") is a lightweight CRM for solo real estate agents. This Privacy Policy explains what data we collect, how we use it, and the choices you have. We collect the absolute minimum needed to make the product work and we never sell your data.

Information we collect

Account information

You sign in with Google OAuth via Supabase. We receive your name, email address, and profile photo from Google — nothing else. You may also add a phone number and timezone in Settings.

CRM data you provide

Everything you enter into AgentMorning is your data. This includes:

  • Contacts — name, phone, email, type, source, tags, notes, estimated deal value, pipeline stage, follow-up preferences, sale price, closing date, and referral info
  • Timeline entries — call, text, email, meeting, and note logs including direction, duration, subject, content, and property address
  • Sequences and templates — email subjects and body text you create
  • Imported data — CSV or JSON files you upload for contact import
  • Feature requests — title and optional description you submit

Billing information

Subscription payments are processed by Polar. You are redirected to Polar's checkout and customer portal to manage payment. We never see or store your credit card details. We only receive your subscription status and plan information from Polar.

Cookies and local storage

We use minimal browser storage — strictly functional, never for advertising or tracking:

  • Theme cookie — stores your light/dark preference for 1 year (samesite=lax, path=/)
  • Theme (localStorage) — mirrors the theme cookie for instant page load without flash
  • Changelog timestamp (localStorage) — remembers when you last viewed "What's new" so we can show a badge for unread updates
  • Auth session (localStorage) — managed by the Supabase client library to keep you signed in and refresh your session token

We do not use any marketing, advertising, or analytics cookies.

Analytics and tracking

We do not use third-party analytics services. No Google Analytics, no Segment, no PostHog, no tracking pixels, and no ad networks. We do not fingerprint your browser or track you across sites.

Third-party services

We rely on a small number of trusted services to operate AgentMorning:

  • Supabase — authentication and session management (privacy policy)
  • Google — OAuth sign-in and Google Fonts (the Inter typeface loaded on every page; Google may collect your IP address) (privacy policy)
  • Polar — subscription billing and payment processing (privacy policy)
  • Railway — backend hosting and data processing (privacy policy)

These services process data only as needed to provide their function. We do not share your CRM data with any of them beyond what is technically required.

How we use your data

  • Provide and operate the CRM service
  • Authenticate your identity and maintain your session
  • Process subscription billing through Polar
  • Respond to your support inquiries and feature requests
  • Improve the product based on aggregated, non-personal usage patterns

Data sharing

We do not sell, rent, or trade your personal data. We share data only with the sub-processors listed above, and only to the extent necessary for them to provide their services. We may disclose data if required by law or to protect our legal rights.

Data retention

Your data is retained for as long as your account is active. If you delete your account (available in Settings), we permanently remove all your records — contacts, timeline, sequences, and profile — within 30 days. Backups that may contain your data are purged on the same cycle.

Your rights

  • Export — download all your data in JSON format at any time from Settings
  • Delete — permanently delete your account and all associated data from Settings
  • Access & correction — view and edit all your data directly in the app

If you need assistance exercising these rights, contact us at the address below.

Security

All connections to AgentMorning use HTTPS. Authentication is handled by Supabase with industry-standard JWT tokens. API requests are authenticated with short-lived access tokens that are automatically refreshed. While no system is perfectly secure, we apply reasonable measures to protect your data.

Children's privacy

AgentMorning is a business tool for real estate professionals. We do not knowingly collect data from anyone under 16. If we learn that a child has created an account, we will delete it promptly.

International users

AgentMorning is operated from the United States. If you access the service from outside the US, your data may be transferred to and processed in the US and other countries where our service providers operate. By using AgentMorning you consent to this transfer.

Changes to this policy

We may update this policy from time to time. When we do, we will revise the "last updated" date at the top. For material changes, we will notify you via email or an in-app notice. Continued use of the service after changes constitutes acceptance of the updated policy.

Contact

Privacy questions or requests: andrew@agentmorning.com

© 2026 AgentMorning. Built by a solo agent, for solo agents.