Privacy Policy

LeadGen AI ("Company," "we," "us," or "our") is an AI-powered lead generation and advertising management service helping businesses automate and target customers in their language. We specialize in bilingual (English/Spanish) lead generation for US businesses.

Contact: privacy@leadgenai.com

From Advertisers and Publishers (platform users):

• Name, email address, phone number, and company information provided at registration
• Billing information (processed securely by Stripe — we do not store card numbers)
• Account activity, campaign settings, and platform usage data
• Communication preferences and notification settings
• OAuth tokens when you connect your advertising accounts (stored encrypted)

From Leads (third-party individuals whose data we process on behalf of advertisers):

• Name, email address, phone number, and mailing address
• Demographics: age, income range, state/zip code
• Insurance or service interest (insurance type, industry-specific responses)
• IP address, device information, and browser type (for fraud detection)
• TCPA consent timestamp, consent source, and consent language

Automatically collected:

• Log data: IP addresses, access times, pages viewed, API calls made
• Cookies and similar tracking technologies for session management

We use collected information to:

• Provide, operate, and improve the LeadGen AI platform
• Process payments and manage your wallet balance
• Match leads to advertisers based on campaign criteria
• Send lead delivery notifications via email and WhatsApp
• Score and verify leads for quality and fraud prevention
• Generate AI-powered ad copy and video creatives for your campaigns
• Publish advertising campaigns on connected ad platforms on your behalf
• Send transactional communications (receipts, alerts, account notifications)
• Comply with legal obligations (TCPA, CAN-SPAM, CCPA)
• Enforce our Terms of Service and protect against fraudulent activity

We do not sell your personal information to third parties for their own independent marketing purposes.

LeadGen AI operates in strict compliance with the Telephone Consumer Protection Act (TCPA). We only contact leads by WhatsApp or phone when:

• The lead has provided prior express written consent to be contacted
• The consent was obtained on a compliant lead capture form that clearly disclosed the contact method, frequency, and opt-out instructions
• Contact occurs between 8:00 AM and 9:00 PM in the lead's local timezone
• Every message includes opt-out instructions ("Reply STOP to unsubscribe")

Advertisers using our platform are responsible for ensuring that leads delivered to them were obtained with proper TCPA-compliant consent. We log consent timestamps, source URLs, and consent language for every lead processed through our system.

If you are a lead and wish to opt out of communications, reply STOP to any WhatsApp message, or contact us at privacy@leadgenai.com.

We share personal information only in the following circumstances:

• With advertisers: Lead contact information and details are shared only after an advertiser accepts or is matched to a lead through our platform
• With publishers: Aggregate performance data only — no end-consumer PII shared back to publishers beyond what is contractually required
• Service providers: We use Stripe (payments), Twilio (WhatsApp), Resend (email), Anthropic (AI processing), and Railway (infrastructure). Each is bound by their own privacy policies and data processing agreements
• Legal requirements: We may disclose information when required by law, court order, or government authority
• Business transfers: In the event of a merger, acquisition, or sale of assets, user data may be transferred as part of that transaction

LeadGen AI's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

What Google data we receive: When an advertiser connects their Google Ads account through LeadGen AI, we request OAuth access to the following scopes:

• https://www.googleapis.com/auth/adwords — to manage Google Ads campaigns on the advertiser's behalf
• https://www.googleapis.com/auth/userinfo.email — to identify the connected Google account
• https://www.googleapis.com/auth/userinfo.profile — to display the connected user's name in our dashboard

How we use this data — strictly limited to:

• Creating, updating, pausing, and resuming Google Ads campaigns the advertiser configures in our platform
• Reading campaign performance metrics (clicks, impressions, conversions, cost) to display in the advertiser's LeadGen AI dashboard
• Adjusting daily budgets when wallet balance or daily lead caps require it
• Uploading offline conversion data so Smart Bidding can optimize against real closed deals from the advertiser's CRM

How we do NOT use this data:

• We do not transfer Google user data to any third party except as necessary to provide the platform service to the user (e.g., infrastructure providers like Railway)
• We do not use Google user data for advertising of any kind beyond the campaigns the advertiser explicitly authorizes
• We do not sell Google user data
• We do not allow humans to read Google user data unless required for security investigations, to comply with applicable law, or with the advertiser's affirmative agreement
• We do not use Google user data to build, develop, train, or improve generalized or non-personalized AI/ML models

Storage: OAuth refresh tokens are encrypted at rest using AES-256. Access tokens are short-lived (1 hour) and held in memory only. We never log access or refresh tokens.

Retention: OAuth tokens are retained while the connection is active. When the advertiser disconnects the integration in our dashboard or revokes access from their Google Account, we delete the tokens immediately and stop calling the Google APIs on their behalf.

Revoking access: Advertisers can revoke LeadGen AI's access at any time from myaccount.google.com/permissions, or directly inside our dashboard at Settings → Connected Accounts → Disconnect Google Ads.

If you are a California resident, you have the following rights:

• Right to Know: Request information about the categories and specific pieces of personal information we collect, use, and disclose
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out: We do not sell personal information. You may still submit an opt-out request at privacy@leadgenai.com
• Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights

To submit a CCPA request, email privacy@leadgenai.com with subject line "CCPA Request" and include your full name and email address associated with your account. We will respond within 45 days.

• Account data: Retained for the duration of your account plus 3 years after closure for legal compliance
• Lead data: Retained for 2 years from the date of capture, then anonymized or deleted
• TCPA consent records: Retained for 5 years as required for legal compliance
• Transaction records: Retained for 7 years for tax and accounting purposes
• AI processing logs: Retained for 90 days then deleted

We implement industry-standard security measures including:

• TLS/SSL encryption for all data in transit
• AES-256 encryption for sensitive data at rest (OAuth tokens, API keys)
• JWT-based authentication with secure token expiration
• Rate limiting and IP-based fraud detection on all API endpoints
• Access controls limiting employee access to data on a need-to-know basis

No method of transmission over the internet is 100% secure. We cannot guarantee absolute security but commit to promptly notifying affected users of any data breach as required by applicable law.

We use essential cookies for session management and authentication. We do not use third-party advertising cookies or cross-site tracking cookies. You may disable cookies in your browser settings, but this may affect platform functionality.

Our platform is intended for business use only and is not directed at individuals under 18 years of age. We do not knowingly collect personal information from minors. If you believe we have inadvertently collected such information, contact us immediately at privacy@leadgenai.com.

We may update this Privacy Policy from time to time. We will notify registered users of material changes by email at least 14 days before the change takes effect. Continued use of the platform after the effective date constitutes acceptance of the updated policy.

For privacy-related questions, requests, or complaints: