Privacy policy
How Leed/AI collects, uses, stores, shares, protects, and processes personal data across our website, dashboards, communication hubs, forms, chat flows, and notifications.
Effective & last updated · June 2026
01 · Introduction
LEED/AI (“LEED/AI,” “we,” “our,” or “us”) is an AI-Assisted Communication Operating System operated by Leed/AI, based in Hyderabad, India. It is designed to help business users and professionals manage communication, inquiries, opportunities, lead qualification, scheduling, and related business workflows.
This Privacy Policy explains how we collect, use, store, share, protect, and process personal data when a business user uses LEED/AI, when a lead or contact interacts with a LEED/AI-powered communication hub, or when a person accesses our website, dashboards, mobile experiences, forms, chat flows, notifications, or related services.
02 · Our role
Controller: LEED/AI acts as an independent data controller for its own website operations, account management, billing, security, abuse prevention, analytics, and support functions. We determine the purposes and means of processing for these activities.
Processor: When operating a creator’s communication hub — qualifying their leads, storing their knowledge base, or sending notifications on their behalf — LEED/AI acts as a data processor on behalf of that creator or business (the controller). The creator is responsible for the lawful basis of processing their leads’ personal data and for providing any required disclosures to those leads.
03 · Information we collect
A. Account and business information
- Name, email address, mobile number, and authentication credentials.
- Business name and business description.
- Pricing information provided by the creator.
- FAQs, documents, proposals, brochures, media kits, and business knowledge uploaded to the platform.
- Subscription and billing records; plan usage and quota data.
B. Lead, contact, and opportunity information
- Name, email, phone number, and preferred communication channel.
- Inquiry details, project scope, budget, timeline, urgency, and decision-making authority.
- Documents uploaded, meeting requests, follow-up information, and communication history.
- Status and relationship history.
C. Technical and security information
- IP address, browser type, device type, operating system, and approximate geolocation derived from IP.
- Device identifiers or fingerprinting signals, session information, and login logs.
- Spam and abuse signals, rate-limiting and verification logs, system event logs, error logs, and audit logs.
D. Communication and interaction data
- Form submissions, chat messages, and AI qualification transcripts.
- Emails, notification delivery logs, meeting activity, and calendar-related scheduling metadata.
- Support requests, feedback, and creator corrections / AI review inputs.
E. Analytics and performance data
- Source attribution, referral source, and UTM / campaign data.
- Engagement data, conversation completion data, and lead quality indicators.
- Conversion and funnel metrics, usage analytics, and product performance metrics.
04 · Information we do not use as AI training data
We do not use any of the following to train, fine-tune, or improve AI models: passwords, OTPs, API keys, payment card details, banking credentials, highly sensitive secrets, cross-client private data, restricted credentials, hidden system prompts, confidential security instructions, or the personal data of leads and contacts processed through a creator’s hub.
05 · How we use information
- Create and manage accounts and workspaces; operate communication hubs.
- Capture, verify, qualify, score, organize, and route opportunities.
- Generate summaries, suggested replies, meeting suggestions, and workflow recommendations.
- Maintain relationship memory and communication history; schedule meetings and send reminders.
- Send alerts, notifications, summaries, and reports; provide customer support.
- Improve product performance, security, and reliability; monitor abuse, fraud, bots, prompt injection attempts, data leakage, and unauthorized activity.
- Comply with legal obligations, enforce our Terms, and perform analytics and operational reporting.
06 · AI processing and safety
LEED/AI uses artificial intelligence to assist with communication workflows — qualifying inquiries, summarizing conversations, generating draft replies, suggesting next actions, organizing opportunities, assisting with scheduling, and generating internal analytics and operational reports.
AI does not replace human judgment. LEED/AI is designed under the principle: AI Assists. Humans Decide.
07 · Legal bases for processing
We process personal data on the following legal bases, mapped to the relevant activities:
- Performance of a contract — creating and managing your account, delivering the service, processing billing and payments, enforcing plan limits.
- Legitimate interests — operating, securing, and improving the platform; fraud and abuse prevention; anti-spam and rate limiting; security monitoring; internal analytics and operational reporting; relationship memory as a product feature.
- Consent — sending marketing communications; analytics cookies for EU/UK visitors; AI calling and recording features (where separate consent is required).
- Compliance with legal obligations — retaining billing and tax records; responding to lawful requests from authorities; data subject rights requests.
- Vital interests / public interest — where required to protect against serious harm or safety threats.
08 · Verification, trust, and abuse prevention
We use OTP verification, email verification, phone verification, rate limiting, anti-spam systems, device and network analysis, trust scoring, abuse detection, prompt injection defense, tenant isolation controls, audit logging, and malware scanning for uploaded files.
09 · Data sharing
We do not sell personal data. We may share data only as reasonably necessary with service providers who process data on our behalf, and with the creator or business that a lead intended to reach through LEED/AI. Our current sub-processors include:
- Supabase — database, authentication, and file storage
- Twilio — SMS and voice calling
- Razorpay — payment processing and billing
- Resend — transactional email delivery
- AI model providers (Google, OpenAI, or Anthropic, depending on configuration) — processing conversation content to generate AI responses
- Vercel — application hosting
- Sentry — error monitoring
Each provider is bound by its own data processing terms and only receives the data necessary to perform its function. This list may change as our infrastructure evolves; the current list is always available on this page.
10 · Cross-client isolation
LEED/AI is designed to protect each client workspace separately through controls intended to prevent one client’s leads, documents, or knowledge base from being exposed to another client.
11 · Data retention
We retain data for as long as reasonably necessary to provide the service, support relationship history, comply with legal obligations, resolve disputes, enforce agreements, and protect against abuse and fraud. Specific retention periods by plan and data category are set out in our Data Retention Policy.
12 · Data security
We protect personal data through a combination of technical and organisational measures, including:
- Access control and role-based permissions — only authorised personnel and systems can access account data.
- Tenant isolation — each account’s data is logically separated at the database level; cross-account access is structurally prevented, not merely policy.
- Transport and storage protections — data in transit is encrypted (TLS); data at rest is encrypted.
- Malware scanning — files uploaded to the platform are scanned before being stored or processed.
- Audit logging — sensitive actions are logged with timestamps and actor identity.
- Monitoring and incident response — we monitor for anomalies and maintain a process for identifying, containing, and notifying affected users of security incidents where required by law.
No security system is infallible. If you discover a potential vulnerability, please contact us at Support@leed-ai.com.
13 · Your rights
Depending on your location, you may have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion of your personal data (“right to be forgotten”).
- Restriction — ask us to pause processing in certain circumstances.
- Portability — receive your data in a structured, machine-readable format.
- Objection — object to processing based on legitimate interests or for direct marketing.
- Withdraw consent — where processing is based on consent, withdraw it at any time without affecting prior processing.
- Complain to a regulator — lodge a complaint with the supervisory authority in your country of residence or establishment (for example, your national data protection authority or, in India, the Data Protection Board once constituted under the DPDP Act 2023).
We will acknowledge rights requests within 5 business days and respond substantively within 30 days. For complex requests we may extend by a further 30 days with prior notification.
You can also revoke permissions, disconnect channels, or close your account directly from Settings.
14 · Children
LEED/AI is not intended for persons under 18 years of age. We do not knowingly collect personal data from minors. If we become aware that a person under 18 has created an account, we will take steps to delete that account and its associated data promptly.
15 · International data transfers
LEED/AI is operated from India. Your data may be processed in other countries where our service providers operate, including the United States and the European Union. Where we transfer personal data outside India or the European Economic Area, we rely on one or more of the following lawful mechanisms: Standard Contractual Clauses (SCCs) adopted by the European Commission, adequacy decisions, binding corporate rules, or other applicable lawful transfer mechanisms under relevant data protection law. Copies of applicable SCCs are available on request.
16 · Changes to this policy
We may update this Privacy Policy from time to time. We will update the “Last Updated” date and may provide additional notice where required.
17 · Contact us
For privacy questions, data subject rights requests, or complaints:
Leed/AI
Hyderabad, India
Email: Support@leed-ai.com
Website: leed-ai.com
If you are unsatisfied with our response, you have the right to escalate your complaint to the relevant supervisory authority or data protection regulator in your jurisdiction.
18 · Short AI disclosure
When a person interacts with a LEED/AI-powered communication hub, they may be communicating with an AI-assisted system operating on behalf of a creator or business. Important decisions remain subject to human review where applicable.