Privacy Policy
Your data privacy and security are our top priorities
Effective Date: August 30, 2025
Contact: support@leadsprep.com
Notice at Collection: We collect personal information for sales intelligence services. Categories include identifiers, professional information, and usage data. For full details, see our Privacy Policy.
LeadsPrep provides a trigger-based sales intelligence platform that converts public market signals into AI-assisted sales briefs, call notes, and ready-to-send email drafts (the "Services"). This Privacy Policy explains how we collect, use, disclose, and protect personal information when you visit our website, create an account, connect integrations (e.g., CRM/Slack), receive email/SMS alerts, or otherwise use the Services.
If you do not agree with this Policy, please do not use the Services.
Children's Privacy: Our Services are not intended for children under 13. We do not knowingly collect personal information from children under 13.
1. Roles & Scope
Website visitors & marketing contacts
For information we collect to operate our site, run analytics, and send marketing, LeadsPrep is an independent controller.
Customers & team users
For information we process to provide the Services to your organization (e.g., ICP settings, target lists, CRM sync), we act primarily as a processor/service provider to your organization (the "Customer"), which is the controller. We process such data only under the Customer's instructions and our agreement.
Public signal data & business contact info
We collect and transform publicly available business information (e.g., news, press releases, job posts, regulatory filings) into signals and briefs. Where this includes business contact details (name, role, work email), we act as a controller or processor depending on context and applicable law.
2. Information We Collect
A. Information you provide
Account & profile
Name, work email, password (hashed), company, role, team membership.
Onboarding configuration
Ideal Customer Profile (industries, company size, geographies), competitors list, target accounts (CSV/manual), preferred email tone/style, words/phrases to avoid (compliance guardrails), notification preferences (daily digest time, instant SMS, Slack/CRM push).
Value proposition inputs
Your product/service summaries and proof points used to personalize briefs.
Integrations (at your direction)
OAuth tokens, API keys/scopes, field mappings for HubSpot, Salesforce, Close, Slack, and similar tools.
Billing
Plan tier, invoices, and payment status (payment data is processed by Stripe; we do not store full card numbers).
Support & communications
Messages to support or sales, surveys, demo bookings.
B. Information collected automatically
Usage & device data
IP address, device/browser type, pages viewed, referring/exit pages, timestamps, language, approximate location (from IP), product interactions, error logs.
Cookies & similar tech
See Section 7.
C. Information from third parties and public sources
Signal sources
Public news sites and wire services (e.g., PRNewswire/BusinessWire), corporate websites and newsroom posts, regulatory filings (e.g., SEC 8-K), job and career pages, general web pages discoverable by search engines.
Vendors & data partners
Deliverability, analytics, and B2B data providers that help validate or enrich business records, where permitted by law and contract.
Do not send credentials
We do not request or want passwords to third-party accounts outside of OAuth/API flows.
Sensitive Personal Information
We do not seek to collect sensitive personal information. For purposes of this Policy, sensitive personal information includes: precise geolocation data, financial account information, biometric identifiers, health data, racial/ethnic origin, religious beliefs, sexual orientation, union membership, mail/email communications content, genetic data, and information concerning sex life.
Do not upload personal data you are not authorized to share.
3. How We Use Information
Provide and operate the Services
Create accounts; authenticate users; monitor sources; deduplicate stories; generate alerts, briefs, call notes, and email drafts; assign confidence scores; route content to email/SMS/Slack/CRM; provide dashboards and exports.
Customize & improve
Personalize digests, improve AI brief accuracy and ranking, measure feature usage, and develop new capabilities.
Security & integrity
Detect, prevent, and investigate fraud, abuse, or security incidents; enforce terms; ensure high availability.
Communications
Send transactional emails/SMS (service, billing, changes); send marketing where permitted by law or with consent (you can opt out).
Analytics & measurement
Understand usage to improve performance, reliability, and user experience.
Legal bases (EEA/UK)
Contract performance; legitimate interests (product improvement, security, B2B outreach); consent (where required, e.g., certain cookies/SMS); and legal compliance.
4. AI, Automated Processing & Training
We use AI models to transform public signals and your inputs into sales briefs, call notes, and email drafts and to rank/summarize opportunities.
No model training on your Customer Content without opt-in
We do not use Customer Content (ICP settings, target lists, briefs, CRM/Slack data, SMS content) to train foundation models for use outside your account unless you separately opt in through your account settings.
We may use aggregated or de-identified usage patterns to improve system performance and safety.
Automated Decision Making
Automated scoring/ranking surfaces opportunities but does not make decisions with legal or similarly significant effects about individuals.
5. How We Disclose Information
We disclose personal information only as described below:
Service providers & processors
Cloud hosting, databases, logging/monitoring, analytics, email (Beehiiv/SendGrid), SMS (Twilio), authentication/membership (e.g., Softr or Webflow + Memberstack), payments (Stripe), support tools, and backup. They may access data only to perform services for us and must protect it.
Integrations you enable
At your direction, we send briefs/alerts to Slack or push records to your CRM (HubSpot/Salesforce/Close). You control the scope via integration settings.
Data partners (B2B context)
Limited sharing to validate or enrich business contact data and maintain accuracy, where permitted.
Agency/white-label resellers
If you procure the Services via an agency or white-label partner, we may share account and usage information with that partner to support provisioning, billing, and support, consistent with this Policy and your agreement.
Corporate transactions
In a merger, acquisition, financing, or sale of assets, information may transfer under confidentiality and continued protections.
Legal & safety
To comply with law, lawful requests, or to protect rights, safety, and security.
De-identified/aggregated data
Insights that do not identify individuals.
Privacy Protection Commitment
We do not sell personal information as "sell" is defined by the CCPA/CPRA, nor do we "share" personal information for cross-context behavioral advertising.
6. Consumer Rights
California Consumer Rights (CCPA/CPRA)
If you are a California resident, you have the following rights:
Right to Know
Request categories and specific pieces of personal information we collect, use, disclose, or sell about you, including:
- Categories of personal information collected
- Categories of sources from which information is collected
- Business or commercial purposes for collecting information
- Categories of third parties with whom we share information
- Specific pieces of personal information collected about you
Right to Delete
Request deletion of personal information we have collected about you, subject to certain exceptions (e.g., completing transactions, security purposes, legal compliance).
Right to Correct
Request correction of inaccurate personal information we maintain about you.
Right to Opt-Out
Stop the sale or sharing of your personal information. We do not currently sell or share personal information, but you can submit requests via our "Do Not Sell My Personal Information" link.
Right to Limit
Limit the use and disclosure of sensitive personal information to purposes necessary to perform our services.
Right to Non-Discrimination
Receive equal service and pricing regardless of exercising your privacy rights. We will not deny services, charge different prices, or provide different quality based on your rights exercise.
European Rights (GDPR)
If you are in the European Economic Area, United Kingdom, or Switzerland, you have additional rights including:
Access to your personal information
Rectification of inaccurate information
Erasure of personal information
Data portability
Object to processing based on legitimate interests
Withdraw consent (where processing is based on consent)
Lodge complaints with supervisory authorities
How to Exercise Rights
support@leadsprep.com
Online Form
[Privacy Request Form - if available]
Phone
[Phone number - if available]
Verification
We verify your identity through account credentials or by matching information you provide with information we have on file.
Response Time
We respond to requests within 45 days maximum (may extend an additional 45 days with notice for complex requests).
Authorized Agents
You may designate an authorized agent to make requests on your behalf by providing written authorization.
Appeals
If you disagree with our response to your request, contact us at support@leadsprep.com to appeal.
7. Cookies and Tracking Technologies
We use cookies and similar technologies to operate and improve our Services:
Types of Cookies We Use
Essential Cookies
Necessary for service operation including authentication, security, and basic functionality. Legal basis: Legitimate interest.
Analytics Cookies
Google Analytics, usage tracking, and performance monitoring to understand how you use our Services. Legal basis: Consent (where required) or legitimate interest.
Marketing Cookies
Advertising, remarketing, and conversion tracking to show you relevant advertisements. Legal basis: Consent.
Third-Party Services That May Set Cookies
- Stripe - Payment processing and fraud prevention
- SendGrid/Beehiiv - Email delivery and engagement tracking
- Google Analytics - Website analytics and reporting
- Integration Partners - Slack, CRM systems (HubSpot, Salesforce, Close) as you direct
Cookie Controls
- Browser Settings - Configure cookie preferences in your web browser
- Cookie Banner - Manage preferences through our cookie consent tool (where applicable)
- Opt-Out Tools - Industry opt-out mechanisms for advertising cookies
- Global Privacy Control (GPC) - We recognize GPC signals where technically feasible
8. International Data Transfers
Personal information may be processed in the United States and other countries where we or our service providers operate.
For transfers from the European Economic Area, United Kingdom, or Switzerland:
Adequacy Decisions
We transfer data to countries that the European Commission has determined provide adequate data protection.
Standard Contractual Clauses
For transfers to countries without adequacy decisions, we use EU-approved Standard Contractual Clauses and implement additional technical and organizational safeguards.
Your Rights
If you are in the EEA, UK, or Switzerland and object to international transfers, contact us at support@leadsprep.com. Note that objecting may limit service availability.
9. Data Retention Periods
We retain personal information for the following specific periods:
Account Data
Duration of subscription plus 90 days
Usage Logs
12 months maximum
Marketing Data
3 years from last engagement (or until consent withdrawn)
Financial Records
7 years for tax and accounting compliance
Support Communications
3 years
Signal/AI-Generated Content
90 days after account termination
Security and Fraud Prevention Logs
12 months
Extended Retention: Data may be retained longer where required by law, to establish or defend legal claims, or with your consent.
10. Opt-Out Mechanisms
Marketing Emails
Unsubscribe link in each marketing email
Do Not Sell My Personal Information
Available at [insert link] (though we do not currently sell information)
Global Privacy Control
We recognize GPC browser signals where technically feasible
Cookie Preferences
Manage through browser settings or our cookie banner
11. Security
We implement appropriate technical and organizational measures to protect personal information against unauthorized access, alteration, disclosure, or destruction, including:
Important: However, no internet transmission or electronic storage is completely secure.
12. Updates to This Policy
We may update this Privacy Policy periodically. For material changes, we will provide notice by:
Email Notification
To the address in your account
Website Notice
Prominent notice on our website
Advance Notice: At least 30 days before the effective date. Your continued use after changes become effective constitutes acceptance.