LeadsGen
LoginStart free

Privacy Policy

Last updated: April 12, 2026

LeadsGen (“we,” “us,” or “our”) respects your privacy and is committed to protecting it. This Privacy Policy explains what data we collect, how we use it, and your rights regarding your personal information when you use our platform and services (the “Service”).

1. Information we collect

We collect different types of information to provide and improve our services. This may include:

Personal Information

When you register for a LeadsGen account, we collect your name, email address, hashed password, workspace name, and billing address. If you subscribe to a paid plan, Stripe collects your payment details directly — we never store raw card numbers.

Usage Data

We record how you interact with the Service: pages visited, features used, API calls made, jobs created, leads generated, credit transactions, login history (IP + user agent), and error events. This helps us debug issues and improve product quality.

Cookies & Tracking Data

We use cookies to keep you signed in, remember preferences, and measure product analytics. See our Cookie Policy for a full list of cookies we set and how to opt out.

Scraped business data

When you run a scraping job, LeadsGen collects publicly available business data from third-party sources (Google Maps, LinkedIn, Facebook, AnyMailFinder) on your behalf. This data is stored in your workspace and governed by the same security controls as your own data.

2. How we use your information

We may use your information for the following purposes:

  • To provide and maintain our services
  • To improve and personalize your experience on our website
  • To communicate with you about updates, promotions, or services
  • To process payments and issue invoices
  • To detect, prevent, and investigate fraudulent activity or abuse of our platform
  • To comply with legal obligations

3. How we share your information

We do not share your personal information with third parties, except in the following circumstances:

  • Service providers: Payment processing (Stripe), email delivery (Resend), error monitoring (Sentry), infrastructure (Vercel, cPanel host) — all bound by data processing agreements
  • Legal compliance: When required by law, such as responding to a legal request or regulatory obligation
  • Business transfers: In connection with a merger, acquisition, or sale of assets, with notice to affected users
  • With your consent: Any other sharing requires your explicit opt-in

4. Data security

We use industry-standard security measures to protect your data: TLS 1.2+ encryption in transit, encryption at rest for backups, bcrypt password hashing, HMAC-signed webhooks, row-level credit transaction locking, full audit logging, rate limiting, and automated off-site backups with 7-day retention.

While we take reasonable precautions, no method of transmission over the internet is 100% secure. In the event of a data breach, we will notify affected users within 72 hours as required by GDPR.

5. Your rights (GDPR / CCPA)

Depending on your location, you may have the following rights regarding your personal data:

  • The right to access — request a copy of all personal data we hold about you
  • The right to rectification — correct inaccurate or incomplete data
  • The right to erasure — request deletion of your personal data (“right to be forgotten”)
  • The right to restrict processing — limit how we use your data
  • The right to data portability — receive your data in a machine-readable format
  • The right to object — opt out of marketing communications or legitimate-interest processing
  • The right to withdraw consent — where processing is based on consent

If you wish to exercise any of these rights, please contact us at privacy@leadsgen.app. You can also export or delete your data directly from Settings.

6. Data retention

We retain personal data for as long as your account is active or as needed to provide the Service. After account deletion, data is permanently removed within 90 days, except where we are legally required to retain records (billing records: 7 years). Error logs are retained for 90 days, audit logs for 2 years, webhook logs for 30 days.

7. International data transfers

Your data may be processed in countries outside your country of residence. When we transfer data internationally, we use Standard Contractual Clauses or other legally recognized transfer mechanisms to ensure adequate protection.

8. Children

LeadsGen is not directed at children under 16. We do not knowingly collect data from children. If you believe a child has provided us with data, please contact us and we will delete it.

9. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or in-app banner at least 14 days before taking effect. The “Last updated” date at the top reflects the most recent revision.

10. Contact us

If you have questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at privacy@leadsgen.app or through our contact page.

Disclaimer: this document is a template and must be reviewed by qualified legal counsel before production use.