LeadManagement
Legal

Privacy policy

Effective: April 1, 2026

This policy explains what information LeadManagement ("we", "us", "the Service") collects, why we collect it, how we store it, and the choices you have. We have written it in plain English so you can actually read it.

Two roles, two kinds of data

LeadManagement plays two different roles depending on how you interact with us:

  • Website visitor / contact form: we are the data controller for the information you send us through this website.
  • CRM workspace user: we are the data processor for the leads, contacts, and notes that you (the account holder) put into your workspace. You remain the data controller of that information.

What we collect from website visitors

  • Contact / enquiry form: name, email, mobile number, message, and the IP address of the submission.
  • Server logs: standard request metadata (IP, user agent, timestamp) for security and debugging.
  • No advertising trackers. We do not embed Google Ads, Meta Pixel, LinkedIn Insight, or similar third-party trackers.

What we collect from account holders

  • Account details: your name, work email, mobile number, company name, address, and a password we store as a salted hash (we never store your raw password).
  • Email verification: we mark your email as verified after you click the activation link.
  • Login activity: last login timestamp and IP address, plus an activity log of important actions in your workspace, used for security and audit.
  • Subscription & billing: the plan you chose, validity dates, the amount paid, transaction reference, and the GST invoice we issue. Card and UPI details are handled by the payment gateway — we never see or store them.

Data inside your CRM workspace

While using LeadManagement, you and your team will add information about your own leads and customers — names, emails, phone numbers, company details, notes, follow-ups, products, and any custom fields you create. You are responsible for the lawful basis on which you collect and store this data. We act only as a processor: we keep it private to your workspace, encrypt it in transit and at rest, and never use it for our own marketing, advertising, or model training.

Cookies & local storage

  • Authentication: after you sign in, we store a JSON Web Token in your browser's local storage so you stay logged in. Clearing your browser data signs you out.
  • Essential cookies only. We do not set advertising or analytics cookies on the marketing website.

How we use your information

  • To provide the Service — sign you in, render your workspace, run your follow-ups, send your notifications.
  • To reply to enquiries and support requests.
  • To send transactional emails: account activation, password reset, payment receipt / invoice, subscription expiry, and lead-related notifications you have enabled.
  • To detect abuse, prevent fraud, and keep the Service running reliably.
  • To comply with applicable laws (for example, retaining tax-related records).

We do not sell, rent, or trade your information, and we do not share it with advertisers.

Sub-processors we rely on

To run the Service we use a small set of trusted vendors. Each is contractually required to keep your data confidential:

  • Cloud hosting & database: stores your account data and workspace contents.
  • Payment gateway: processes plan payments. They handle card / UPI / net-banking details directly; we only receive a transaction reference and amount.
  • Transactional email provider: delivers system emails such as activation, password reset, and notifications.

Email logging

For deliverability and audit, we keep a log of system emails sent from LeadManagement (recipient, subject, status). We do not log the contents of emails you compose to leads outside the Service.

How long we keep data

  • Enquiry / contact-form messages: up to 24 months from your last interaction.
  • Active accounts & workspaces: for as long as your subscription is active.
  • After cancellation: your workspace becomes read-only at expiry, and is retained for a reasonable grace period before deletion. You may request earlier deletion (see "Your rights" below).
  • Tax & billing records: retained for the period required by Indian tax law, even if your account is deleted.

Security

Connections to LeadManagement use HTTPS. Passwords are stored as salted hashes. Workspace data is isolated per account so one account holder cannot read another's data. We apply rate limits and standard hardening at the API layer. No system is perfect, but we treat security as a continuous responsibility.

Your rights

You can ask us to access, correct, export, or delete your personal data at any time by emailing leadmanagement513@gmail.com from your registered email address. We respond within 30 days.

For lead/contact data inside a workspace, the account holder is the data controller — please ask them directly. If you cannot reach them, contact us and we will route the request.

Children

LeadManagement is a B2B product and is not directed at people under 18. We do not knowingly collect personal information from children.

Cross-border data

Your data is primarily stored on infrastructure located in India. Some sub-processors (for example, the email provider) may process data in other jurisdictions; in those cases data is transferred under appropriate safeguards.

Changes to this policy

If we update this policy, we will change the effective date at the top and post the new version here. Significant changes will be emailed to active subscribers.

Contact

Questions, requests, or concerns? Email leadmanagement513@gmail.com. We read every message.