Privacy Policy

Effective Date: December 15, 2024

1. Introduction

Leadmate ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered lead qualification and messaging platform ("Service").

Please read this Privacy Policy carefully. By using the Service, you consent to the data practices described in this policy. If you do not agree with this policy, please do not use the Service.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, password, company name, and business details
  • Payment Information: Credit card details, billing address (processed by Stripe)
  • Agent Configuration: AI agent settings, personality prompts, pricing rules
  • Contact Data: Information about your leads and customers that you import or collect
  • Communication Content: Messages sent and received through the platform

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent, click patterns
  • Device Information: IP address, browser type, operating system, device identifiers
  • Log Data: Server logs, error reports, performance data
  • Cookies: Session cookies, authentication tokens, preferences

2.3 Information from Third Parties

  • Social Media Platforms: Data from Facebook, Instagram, WhatsApp when you connect accounts
  • OAuth Providers: Authentication data from Google or other SSO providers
  • Payment Processors: Transaction information from Stripe

3. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve the Service
  • Process transactions and send related information
  • Send administrative notices, updates, and security alerts
  • Respond to your comments, questions, and customer service requests
  • Power AI-driven conversations and lead qualification
  • Analyze usage patterns to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations
  • Enforce our Terms of Service

4. AI and Data Processing

Our Service uses artificial intelligence (AI) to process messages and provide automated responses. Important information about AI data processing:

  • AI Processing: Messages are processed by OpenAI to generate responses
  • No Training on Your Data: Your conversation data is not used to train AI models
  • Data Retention: Conversation history is retained according to our retention policy
  • Human Review: We may review conversations for quality assurance and safety
  • PII Protection: Personally identifiable information is redacted from logs

5. Data Sharing and Disclosure

We may share your information with:

5.1 Service Providers

  • OpenAI: AI processing for conversation handling
  • Stripe: Payment processing
  • Meta (Facebook/Instagram/WhatsApp): Messaging platform integration
  • Supabase: Database and authentication services
  • Email Service Providers: Transactional email delivery

5.2 Legal Requirements

We may disclose information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect rights, safety, or property.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.

6. Data Security

We implement appropriate technical and organizational security measures to protect your information:

  • Encryption of data in transit (TLS/HTTPS) and at rest
  • Secure authentication with session management
  • Row-level security for database access
  • Regular security audits and vulnerability assessments
  • Access controls and employee training
  • PII redaction in system logs
  • Rate limiting to prevent abuse

However, no method of transmission over the Internet or electronic storage is 100% secure. We cannot guarantee absolute security.

7. Data Retention

We retain your information for as long as necessary to provide the Service and fulfill the purposes described in this policy:

  • Account Data: Retained while your account is active, plus 30 days after deletion
  • Conversation History: Retained for 2 years or as required by law
  • Payment Records: Retained for 7 years for tax and legal compliance
  • Log Data: Retained for 90 days

8. Your Rights and Choices

Depending on your location, you may have the following rights:

8.1 Access and Portability

You can request a copy of your personal data in a structured, machine-readable format.

8.2 Correction

You can update or correct inaccurate personal information through your account settings.

8.3 Deletion

You can request deletion of your personal data, subject to legal retention requirements.

8.4 Opt-Out

You can opt out of marketing communications by clicking "unsubscribe" in emails or adjusting notification settings.

8.5 Restrict Processing

You can request that we limit how we use your personal data in certain circumstances.

9. GDPR Compliance (EU Users)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

  • Legal Basis: We process data based on consent, contract performance, legitimate interests, or legal obligation
  • Data Transfers: When transferring data outside the EEA, we use Standard Contractual Clauses
  • Data Protection Officer: Contact privacy@leadmate.io for DPO inquiries
  • Supervisory Authority: You have the right to lodge a complaint with your local data protection authority

10. CCPA Compliance (California Users)

If you are a California resident, you have rights under the California Consumer Privacy Act (CCPA):

  • Right to Know: You can request information about data collection and sharing
  • Right to Delete: You can request deletion of your personal information
  • Right to Opt-Out: You can opt out of the sale of personal information (we do not sell personal information)
  • Non-Discrimination: We will not discriminate against you for exercising your rights

To exercise these rights, contact us at privacy@leadmate.io or use the "Do Not Sell My Personal Information" link in our footer (if applicable).

11. Australian Privacy Principles (Australian Users)

If you are located in Australia, we comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). As an Australian user, you have the following rights:

  • APP 1 - Open and transparent management: This Privacy Policy explains how we manage your personal information
  • APP 5 - Notification: We notify you at or before the time of collection about how we will handle your personal information
  • APP 6 - Use and disclosure: We only use or disclose your personal information for the primary purpose for which it was collected, or for secondary purposes you would reasonably expect
  • APP 7 - Direct marketing: You can opt out of direct marketing at any time by clicking "unsubscribe" or contacting us
  • APP 8 - Cross-border disclosure: When we transfer personal information overseas (including to the United States for AI processing), we take reasonable steps to ensure the overseas recipient handles your information in accordance with Australian privacy laws
  • APP 11 - Security: We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorized access
  • APP 12 - Access: You can request access to your personal information that we hold
  • APP 13 - Correction: You can request correction of your personal information if it is inaccurate, out-of-date, incomplete, irrelevant, or misleading

Complaints: If you believe we have breached the Australian Privacy Principles, you can lodge a complaint with us at privacy@leadmate.io. We will respond within 30 days. If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Overseas Disclosure: Your personal information may be disclosed to service providers located overseas, including in the United States (OpenAI, Stripe) and other countries. By using our Service, you consent to this overseas disclosure.

12. Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Maintain your session and authentication state
  • Remember your preferences
  • Analyze how you use the Service
  • Improve our Service

You can control cookies through your browser settings. Disabling cookies may affect Service functionality.

13. Children's Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.

14. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws. We take appropriate safeguards to ensure your data remains protected, including contractual protections with our service providers.

15. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Effective Date." We encourage you to review this policy periodically.

16. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

We will respond to your request within 30 days.

By using Leadmate, you acknowledge that you have read and understood this Privacy Policy.

See also: Terms of Service