Privacy Policy

Effective as of June 9, 2026

Introduction

Protecting your data and that of your clients is an absolute priority for Leadsia. The purpose of this Privacy Policy is to explain in all transparency what data is collected, how it is processed, and what measures are implemented to ensure its security and confidentiality, in compliance with the General Data Protection Regulation (GDPR).

1. Data Collected

Within the scope of the integration and operation of Leadsia's conversational AI agents, we collect and process the following categories of data:

  • Lead contact and identification data: First name, last name, professional email address, phone number, company, job title, as well as any other information voluntarily provided by the prospect.
  • Conversation data: Text or audio content of exchanges between prospects/clients and the AI agent (emails, website chats, instant messaging, etc.).
  • Metadata and technical logs: IP addresses, browser or device information (user-agent), precise timestamps of messages, and communication channel identifiers (e.g., chat ID, webhook payloads).

2. Purposes and Legal Basis of Processing

Personal data processing is carried out on the basis of the execution of the service agreement or the legitimate interest of Leadsia to provide an optimal customer relationship management service:

  • AI Agent Deployment and Execution: Configuring, connecting, and running the custom autonomous agent within your business tools (CRM, mailboxes, instant messaging).
  • Processing and Drafting under Human Control: Generating email response drafts and action suggestions, which remain subject to the final validation or calibration of a human operator before sending.
  • Lead Scoring and Qualification: Analyzing inquiry content to qualify the prospect and syncing the information with your internal tools.

3. Data Hosting and Transfer

All data on our infrastructure and databases is stored highly securely:

  • Main Hosting: Servers located within the European Union, operated by the German company Hetzner Online GmbH.
  • AI Model Calls (LLMs): Depending on the configured models, certain API requests may be transmitted in encrypted form to secure APIs of OpenAI, Groq, or Moonshot AI, applying standard contractual clauses (SCCs) and strict pseudonymization where possible.

4. Retention Period and Automatic Purge (30-Day Rule)

We apply a minimal retention policy to limit data exposure:

The 30-day automatic purge rule:

In order to guarantee confidentiality and minimize storage, **all conversation data, transcripts, and activity metadata processed by our AI agents are automatically purged and permanently deleted from our servers within 30 days** after the end of the commercial relationship or at the user's request.

5. Your Rights (GDPR)

In accordance with applicable personal data protection laws, you have the following rights:

  • Right of Access: Obtain a copy of the processed data.
  • Right of Rectification: Request the correction of inaccurate information.
  • Right of Erasure (Right to be Forgotten): Request permanent deletion of data before the 30-day automatic purge.
  • Right to Restrict Processing and Object: Object to certain processing activities or ask that they be restricted temporarily.

To exercise any of these rights, you can contact the publisher directly at: contact@leadsia.io.