← Back to home

Privacy Policy

Last updated: January 2026.

LeadFlags (“we”, “our”, “the service”) is committed to protecting your privacy. This policy explains how we collect, use, store, and protect information when you use our website, API, and client dashboard.

1. Data controller

The data controller responsible for your personal data in connection with this service is LeadFlags. You can contact us at info@leadflags.com.

2. What data we collect

2.1 Website and contact form

When you use our website or submit the contact form, we may collect:

• Contact form: name, email address, company (optional), and message content. We use this solely to respond to your request. We do not use it for marketing unless you have given explicit consent.
• Usage data: IP address, browser type, pages visited, and similar technical data may be logged by our hosting provider for security and operation. We do not use this to identify you personally beyond what is necessary for security and abuse prevention.

2.2 API (Lead scoring)

Our API is designed to avoid storing personal data:

• Lead data you send: We do not store the raw lead content (names, emails, phone numbers, messages) you submit for scoring. We compute a quality score and return it to you. For analytics and usage accounting we may store anonymised data only (e.g. hashed identifiers, score, quality level, flags, and recommended action) so that we cannot reconstruct the original lead.
• API key and usage: We associate API requests with your client account (API key) for billing, quotas, and support. We do not log request bodies or store PII from the payloads.

2.3 Client and admin dashboards

If you log in to the client or admin dashboard we store:

• Login email and a hashed password for authentication.
• Session data (e.g. client or admin ID) for the duration of your session. We do not share this with third parties.
• Anonymised usage and scoring statistics (e.g. number of leads scored, quality distribution, flag counts) as described in the API section above.

3. Legal basis and purposes

We process your data on the following bases:

• Contract: To provide the API, dashboard, and support you have signed up for.
• Legitimate interests: To operate and secure our systems, prevent abuse, and improve our service (e.g. aggregated analytics).
• Consent: Where we ask for consent (e.g. optional cookies or marketing), we will process data only as you have agreed.

4. Retention

We retain data only as long as necessary:

• Contact form: We keep your message and contact details only as long as needed to handle your request and any follow-up.
• Anonymised scoring/usage data: Retained according to our configured retention period (e.g. 30 days) for analytics and support, then deleted or further anonymised.
• Account data: For as long as your account is active and, after closure, as required by law or for legitimate purposes (e.g. disputes, legal obligations).

5. Your rights

Depending on applicable law (including GDPR if you are in the EEA), you may have the right to:

• Access: Request a copy of the personal data we hold about you.
• Rectification: Ask us to correct inaccurate or incomplete data.
• Erasure: Ask us to delete your personal data, subject to legal and contractual exceptions.
• Restriction: Request that we limit how we use your data in certain circumstances.
• Portability: Receive your data in a structured, machine-readable format where applicable.
• Object: Object to processing based on legitimate interests or to direct marketing.
• Withdraw consent: Where processing is based on consent, you may withdraw it at any time.
• Complain: Lodge a complaint with a supervisory authority in your country.

To exercise these rights, contact us at info@leadflags.com. We will respond within the time required by applicable law.

6. Cookies

We use cookies and similar technologies as follows:

• Strictly necessary: Session cookies required to keep you logged in to the client or admin dashboard. These cannot be disabled if you use the dashboard.
• Preferences: We may store your cookie consent choice (e.g. “Accept”) so we do not show the cookie notice again.
• We do not use third-party advertising or tracking cookies on our main site. If we introduce analytics or other optional cookies, we will ask for your consent and describe them here.

You can control cookies via your browser settings. Blocking strictly necessary cookies may prevent you from using the dashboard.

7. Sharing and transfers

We do not sell your personal data. We may share data only:

• With service providers (e.g. hosting, email) who process data on our instructions and under agreements that protect your data.
• When required by law, court order, or to protect our rights and safety.

If we transfer data outside the European Economic Area, we ensure appropriate safeguards (e.g. standard contractual clauses or adequacy decisions) as required by law.

8. Security

We implement technical and organisational measures to protect your data (e.g. encryption, access controls, secure development practices). No system is completely secure; we will notify you and regulators of serious breaches where required by law.

9. Children

Our service is not directed at minors. We do not knowingly collect personal data from children. If you believe we have collected such data, please contact us and we will delete it.

10. Changes to this policy

We may update this privacy policy from time to time. We will post the revised version on this page and update the “Last updated” date. Continued use of the service after changes constitutes acceptance of the updated policy. For material changes we may notify you by email or a notice on the site.

11. Contact

For any questions about this privacy policy or our data practices, contact us at info@leadflags.com.

← Back to home