NewMeet OBCRM AI Operations: Boost your student application conversions by 45%.Learn More
OBCRM Logo
Back to Home

Privacy Policy

Last updated: June 17, 2026

OBCRM (“we,” “our,” or “us”) is committed to protecting the privacy of your organization and the student applicants you represent. This Privacy Policy details how we collect, store, share, and protect information when you subscribe to our SaaS platform, use our student portals, or visit our marketing website.

1. Information We Collect

We act as a data processor for study abroad consultancies and student recruitment agencies. In this role, we collect and process several categories of information on your behalf:

  • Admin & Counselor Identifiers: First and last name, business email address, phone coordinates, corporate branch identifier, and login credentials.
  • Student Applicant folders: Personal identifiers, home addresses, dates of birth, nationality, passports, academic transcripts, test grades, and language score benchmarks submitted for university applications.
  • Partner Sub-agent parameters: Agency names, split commission schedules, address directories, and portal upload records.

2. How We Use Information

We process information solely to maintain, optimize, and secure the SaaS CRM platform services:

  • To initialize, provision, and partition your agency sub-tenant database.
  • To execute automated workflow rules such as lead assignment, task triggers, and commission splitting.
  • To process document OCR verification and SOP transcript drafts requested through our AI operations block.
  • To verify user authorization and enforce system access levels (RBAC).

3. Data Sharing & Security Standards

We do not sell student directories or agency analytics to third-party brokers. Data sharing is limited to:

  • Cloud storage infrastructure and database node hostings (AWS/Cloudflare) complying with ISO 27001 and SOC 2 standards.
  • SMS/Email messaging relays (such as Twilio) triggered by your active CRM integrations.

We encrypt all personal folders and transcripts in transit using TLS 1.3 and at rest using AES-256 standard database partitions.

4. Your Compliance Obligations

As the data controller, your agency is responsible for obtaining explicit consent from prospective students before entering their records, transcripts, and passport packages into the OBCRM platform. You must ensure students understand that their folders will be securely processed to match university intake criteria.

5. Support & Updates

We may revise this Privacy Policy periodically. For queries regarding our data security compliance, GDPR compliance registers, or database backup protocols, contact us at support@obcrm.net.