Privacy Policy
Last updated: April 1, 2025
1. Introduction
LEADR ("we," "our," or "us") is an AI-powered web design studio platform that helps agencies manage leads, deals, client relationships, and payments. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform, including our web application, client portal, and related services.
By accessing or using LEADR, you agree to this Privacy Policy. If you do not agree, please discontinue use of the platform.
2. Information We Collect
2.1 Account & User Data
- Full name, email address, and profile avatar
- Authentication credentials (securely hashed passwords)
- Role and permissions within your organization
- Login timestamps and session information
2.2 Lead & Business Data
- Business names, addresses, phone numbers, and email addresses of leads
- Website URLs, social media profiles, and online presence data
- Lead source, status, category, and priority designations
- Notes, follow-up schedules, and interaction history
- Google Maps ratings and review counts (when available)
2.3 Deal & Financial Data
- Deal values, plan selections, setup fees, and monthly retainer amounts
- Contract duration and payment status
- Profit split percentages and payout records
- Stripe checkout session identifiers and payment intent IDs
2.4 Client Portal Data
- Client account credentials and authentication tokens
- Project status and deployed site URLs
- Invoice and payment history
2.5 Automatically Collected Data
- Browser type, operating system, and device information
- IP address and approximate geographic location
- Pages visited, features used, and interaction patterns
- Error logs including severity, module, message, and stack trace data
3. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the LEADR platform
- Authenticate users and manage access controls
- Process payments and manage billing through Stripe
- Generate analytics, leaderboards, and performance reports
- Calculate profit splits and track payout history
- Send follow-up reminders, notifications, and system alerts
- Monitor platform health via error logging and console diagnostics
- Maintain audit trails for compliance and accountability
- Improve platform features and user experience
- Comply with legal obligations
4. Payment Processing & Stripe
We use Stripe as our third-party payment processor. When you make a payment through LEADR:
- Your payment card details are collected and processed directly by Stripe. LEADR does not store, access, or transmit your full card number, CVV, or expiration date.
- We store only Stripe-generated identifiers (checkout session IDs and payment intent IDs) to link transactions to your account.
- Stripe's handling of your payment data is governed by the Stripe Privacy Policy.
- Stripe is PCI DSS Level 1 certified, the highest level of certification in the payment industry.
For subscription payments, Stripe securely stores your payment method to process recurring charges. You may manage or cancel subscriptions through the client portal or by contacting us directly.
5. Data Storage & Security
Your data is stored securely using Supabase, a hosted PostgreSQL platform with enterprise-grade security:
- All data is encrypted in transit (TLS 1.2+) and at rest (AES-256)
- Row Level Security (RLS) policies enforce data isolation between organizations
- Authentication tokens are managed via secure, HTTP-only cookies
- Passwords are hashed using bcrypt before storage
- Service-role access is restricted to server-side operations only (e.g., webhooks)
- Audit logs are immutable and timestamped for accountability
While we implement commercially reasonable security measures, no system is 100% secure. We cannot guarantee absolute security of your data.
6. Data Sharing & Third Parties
We do not sell your personal information. We may share data with:
- Stripe — for payment processing (checkout sessions, subscriptions, webhooks)
- Supabase — as our database and authentication infrastructure provider
- Vercel — as our hosting provider for the web application
- Google Maps Platform — for lead discovery and business data enrichment (when Maps search is used)
- Law enforcement or regulators — when required by law, subpoena, or to protect our rights
7. Client Portal Privacy
If you access LEADR through the client portal, the following applies:
- Your portal account is created by the agency managing your project. Your initial credentials are generated by the agency administrator.
- You can view your project status and invoices, and make payments, through the portal.
- Your data is isolated from other clients via Row Level Security — you can only access information related to your own account and projects.
- Payment data entered through the portal is processed by Stripe under the same protections described in Section 4.
8. Data Retention
- Account data is retained for as long as your account is active or as needed to provide services.
- Lead and deal data is retained for the duration of the business relationship and a reasonable period thereafter for record-keeping.
- Audit logs are retained indefinitely to maintain compliance and accountability.
- Console error logs are retained for up to 90 days for diagnostic purposes.
- Payment records are retained as required by applicable tax and financial regulations.
- You may request deletion of your personal data by contacting us (see Section 11).
9. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access the personal data we hold about you
- Request correction of inaccurate data
- Request deletion of your personal data
- Object to or restrict processing of your data
- Request data portability
- Withdraw consent where processing is based on consent
To exercise any of these rights, contact us using the information in Section 11. We will respond to requests within 30 days.
10. Cookies & Tracking
LEADR uses only essential cookies required for platform functionality:
- Authentication cookies — to maintain your login session securely
- CSRF tokens — to protect against cross-site request forgery
We do not use advertising cookies, tracking pixels, or third-party analytics cookies. We do not serve targeted advertisements.
11. Contact Us
If you have questions about this Privacy Policy, want to exercise your data rights, or have concerns about how your information is handled, contact us at:
LEADR
Email: privacy@leadr-crm.com
12. Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. Continued use of LEADR after changes constitutes acceptance of the updated policy. We encourage you to review this page periodically.