Privacy Policy

We collect information you provide directly to us when you create an account, use the Service, or contact us for support. This includes: • **Account information**: name, email address, and password when you register. • **Profile information**: job title, company name, phone number, and profile photo if you choose to provide them. • **Usage data**: how you interact with the Service, including features you use, pages you visit, and actions you take. • **Lead data**: the contacts, companies, notes, attachments, and other information you add to the Service. • **Communications**: messages you send to our support team. • **Device information**: IP address, browser type, operating system, and device identifiers.

We use the information we collect to: • Provide, maintain, and improve the Service. • Process transactions and send related information. • Send administrative messages, updates, and security alerts. • Respond to your comments and questions. • Monitor and analyse trends, usage, and activities. • Detect, investigate, and prevent fraudulent transactions and other illegal activities. • Comply with legal obligations. We do not sell your personal information to third parties. We do not use your lead data for any purpose other than providing the Service to you.

We may share your information with: • **Service providers**: third-party vendors who perform services on our behalf (hosting, payment processing, email delivery). These providers are contractually required to protect your data. • **Business transfers**: if we are involved in a merger, acquisition, or sale of assets, your information may be transferred. We will notify you before your information becomes subject to a different privacy policy. • **Legal requirements**: we may disclose your information if required by law or in response to valid legal process. • **With your consent**: we may share your information for any other purpose with your explicit consent. We will never sell, rent, or trade your personal information.

We take security seriously and implement industry-standard safeguards: • **Encryption**: all data is encrypted in transit using TLS 1.2+ and at rest. • **Authentication**: passwords are hashed using bcrypt with a minimum of 10 salt rounds. We never store plaintext passwords. • **Access control**: role-based permissions ensure users only access data relevant to their role. • **Rate limiting**: API endpoints are rate-limited to prevent brute-force attacks. • **Audit logging**: all significant actions are logged with user identity and timestamps. No method of transmission over the internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your information, we cannot guarantee its absolute security.

We retain your information for as long as your account is active or as needed to provide the Service. If you close your account: • We delete or anonymise your personal information within 30 days. • Lead data, attachments, and activity logs are deleted within 30 days. • We may retain certain information as required by law or for legitimate business purposes (e.g. fraud prevention, dispute resolution). You may request deletion of your data at any time by contacting us at privacy@leadcrm.com.

We use cookies and similar tracking technologies to operate and improve the Service. **Essential cookies** are required for the Service to function. They cannot be disabled. **Analytics cookies** help us understand how visitors interact with the Service. We use this data in aggregate form only. **Preference cookies** remember your settings (such as theme preference) between sessions. You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

Depending on your location, you may have the following rights: • **Access**: request a copy of the personal information we hold about you. • **Correction**: ask us to correct inaccurate or incomplete information. • **Deletion**: request that we delete your personal information. • **Portability**: receive your data in a structured, machine-readable format. • **Objection**: object to our processing of your information. • **Restriction**: ask us to restrict how we use your information. To exercise any of these rights, please contact us at privacy@leadcrm.com. We will respond within 30 days.

If you have questions about this Privacy Policy or our data practices, please contact us: **LeadCRM Privacy Team** Email: privacy@leadcrm.com Address: LeadCRM Inc., San Francisco, CA, USA For EU residents: we are committed to resolving privacy complaints. If you have an unresolved complaint, you may contact your local data protection authority.