1. Definitions

• Personal Data: Information about an individual who can be identified directly or indirectly.
• Processing: Any operation performed on Personal Data like collection, use, storage, etc.
• Data Controller: Entity determining the purpose and means of processing Personal Data.
• Data Processor: Entity processing Personal Data on behalf of the Data Controller.

2. Scope

• This policy applies to Personal Data collected to provide LeadGPT services.
• It also covers data processed about individuals during lead generation services.

3. Legal Basis for Processing

• Consent: Where required, consent is obtained for data processing.
• Legitimate Interests: Processing for business purposes unless overridden by individual rights.
• Contractual Necessity: Processing to fulfill contracts or pre-contractual obligations.

4. Personal Data We Collect

4.1. Client Data

• Contact, account, billing, and communication data.

4.2. Lead Data

• Professional details (e.g., name, title, company).
• Publicly available data from web and social platforms.
• Interaction data (e.g., campaign responses).

5. How We Collect Data

• Information from clients during onboarding or platform use.
• Automated collection (e.g., cookies).
• Third-party sources and publicly available information.

6. Purposes of Processing

• To provide, improve, and maintain services.
• For billing, marketing, and compliance purposes.
• To generate and personalize outreach activities for clients.

7. Disclosure of Personal Data

• To clients, third-party service providers, or law enforcement (as required).
• As part of business transfers such as mergers.

8. International Data Transfers

• Data may be transferred and processed outside the user's country of residence.
• Appropriate safeguards like Standard Contractual Clauses are used.

9. Data Security

• Implementation of technical and organizational measures to protect data.
• Includes encryption, access controls, and regular security assessments.

10. Data Retention

• Retention only for as long as necessary to fulfill purposes or legal requirements.
• Secure deletion or anonymization when no longer needed.

11. Data Subject Rights

• Right to access, correct, delete, or restrict Personal Data.
• Right to object to processing for marketing or other legitimate interests.
• Right to withdraw consent where applicable.

12. Cookies and Tracking Technologies

• Use of cookies to enhance user experience, analytics, and advertising.
• Options available to manage cookies through browser settings.

13. Third-Party Links

• We are not responsible for the privacy practices of external websites or services.

14. Children’s Privacy

• Services are not directed to individuals under 18.
• No intentional collection of children’s data.

15. Changes to This Privacy Policy

• Updates will be posted with the effective date modified.
• Significant changes will be communicated to users.

16. Data Protection Officer

• Contact our DPO at info@leadgpt.org for inquiries or concerns.

17. Data Protection in Specific Jurisdictions

17.1. European Economic Area (EEA) and UK

• GDPR Compliance: We adhere to the General Data Protection Regulation (GDPR) for individuals in the EEA and UK.
• Legal Bases for Processing: Processing is based on consent, legitimate interests, or contractual necessity.
• International Transfers: Personal Data transferred outside the EEA or UK is protected through safeguards such as Standard Contractual Clauses.

17.2. California Consumer Privacy Act (CCPA)

• Applicability: For California residents, we comply with the CCPA for the collection and use of Personal Data.
• Rights Under CCPA: Includes the right to know, delete, and opt-out of the sale of Personal Data, and protection from discrimination.
• No Sale of Data: We do not sell Personal Data as defined under the CCPA.

17.3. Other Jurisdictions

• Local Compliance: We comply with applicable data protection laws in other jurisdictions where we operate.

18. Security Incident Response

• Breach Notification: In the event of a data breach, we will notify affected Clients and Data Subjects as required by applicable laws.
• Incident Management: Procedures are in place to identify, assess, and respond to security incidents to minimize their impact.

19. Client Responsibilities

• Compliance: Clients are responsible for ensuring their use of our services complies with applicable law.
• Data Accuracy: Clients must provide accurate and up-to-date Personal Data.
• Lawful Basis: Clients must ensure a lawful basis for us to process Personal Data on their behalf.

20. Employee and Contractor Confidentiality

• Access Control: Only authorized personnel with a legitimate business need have access to Personal Data.
• Confidentiality Agreements: Employees and contractors are bound by confidentiality obligations regarding Personal Data.
• Training: Employees receive regular training on data protection and privacy practices.

21. Subprocessors

• Third-Party Processors: We may engage subprocessors to assist in providing our services.
• Due Diligence: We conduct due diligence to ensure subprocessors have appropriate security measures.
• Subprocessor Agreements: Subprocessors are bound by data protection obligations consistent with this Privacy Policy.

22. Record of Processing Activities

• Documentation: We maintain records of our processing activities as required by applicable laws.

23. Monitoring and Enforcement

• Internal Audits: We conduct regular audits to ensure compliance with this Privacy Policy and applicable laws.
• Non-Compliance Consequences: Violations may result in disciplinary action, including termination of employment or contracts.

24. Complaints and Dispute Resolution

• Filing a Complaint: Data Subjects can file complaints with our Data Protection Officer.
• Regulatory Authorities: Data Subjects have the right to lodge a complaint with a supervisory authority or data protection regulator in their jurisdiction.

Contact Us

• Email: info@leadgpt.org
• Phone: +852 8490 0225 / +91 86040 76294
• Website: www.leadgpt.org
• Address: Suite-C, Level 7, World Trust Tower, 50 Stanley Street, Central, Hong Kong