Privacy Policy

This Privacy Policy explains how The iCentric Agency Ltd ("Leadmeister", "we", "us", "our") collects, uses, shares and protects personal data in connection with the Leadmeister website and service at https://www.leadmeister.ai (the "Service").

We are a company incorporated in England and Wales with company number 09873359, with our registered office at:

The iCentric Agency Ltd Colworth House, Colworth Park Sharnbrook, Bedfordshire England, MK44 1LQ

We are the data controller in respect of personal data we collect about you (our users) for the operation of our Service. We are typically a data processor in respect of personal data of third-party business contacts that you process through the Service — see section 4.

For privacy questions or to exercise your rights, contact us at privacy@leadmeister.ai.

1. Scope

This Policy applies to:

• visitors to our website;
• users who create an account and use the Service (whether on the Free Tier or a paid Subscription); and
• third-party business contacts whose data is processed through the Service ("Contact Data").

This Policy should be read together with our Terms and Conditions and Cookie Notice (where provided).

2. Personal Data We Collect About You (Our Users)

When you use the Service, we collect:

2.1 Account and Identity Data

Provided to us via our authentication provider, Clerk: your name, email address, password (managed by Clerk; we do not store passwords), and any profile information you choose to add. If you sign in with a third-party identity provider (e.g. Google, Microsoft), we receive basic profile information from that provider through Clerk.

2.2 Subscription and Payment Data

When you subscribe, payments are processed by Stripe. Stripe collects your payment card details directly; we do not see or store full card numbers. We receive limited transaction data (e.g. last four digits, card brand, billing country, transaction reference, status) for billing and accounting purposes.

2.3 Usage Data

Information about how you use the Service: features used, pages viewed, search queries, session timestamps, IP address, device and browser information, and approximate location derived from IP.

2.4 Communications Data

Records of your correspondence with us (e.g. support emails, in-app messages), and feedback you provide.

2.5 Configuration and Content Data

Settings you configure, URLs and product descriptions you submit, prompts and other inputs to AI features, and metadata about Outreach Communications you generate.

2.6 Cookies and Similar Technologies

See our Cookie Notice (where provided) and section 11 below.

3. How We Use Your Personal Data and Lawful Bases

We process your personal data for the following purposes and on the following lawful bases under the UK GDPR / EU GDPR:

PurposeLawful basisCreating and managing your Account; providing the ServiceContract — performance of our Terms with youProcessing payments and managing SubscriptionsContract; Legal obligation (tax, accounting)Providing customer supportContract; Legitimate interests (resolving issues)Securing the Service, preventing fraud and abuseLegitimate interests (security); Legal obligationImproving and developing the Service (analytics, debugging)Legitimate interests (improving our product)Sending service announcements (e.g. changes to Terms, security alerts)Contract; Legitimate interestsSending marketing about our own similar servicesLegitimate interests (soft opt-in) or Consent, as applicable; you can opt out at any timeComplying with legal obligations and responding to lawful requestsLegal obligationEstablishing, exercising or defending legal claimsLegitimate interests; Legal obligation

Where we rely on legitimate interests, we have carried out a balancing assessment. You can request more information at privacy@leadmeister.ai.

4. Contact Data: Our Role When You Use the Service

4.1 Leadmeister enables you to search third-party databases of business information, retrieve professional contact details, and generate Outreach Communications based on that data, public profile information, and your inputs.

4.2 You are the data controller of Contact Data you process through the Service. You decide which contacts to retrieve, what messages to generate, and whether and when to send them. You are responsible for the lawful basis for that processing, for providing privacy information to recipients where required, and for honouring data subject rights.

4.3 We are a data processor acting on your instructions when we host, retrieve, generate or transmit Contact Data on your behalf. Our processing is governed by the Data Processing Agreement included in our Terms and Conditions.

4.4 We do not store your CRM contact data. When you push contacts to your CRM (currently Zoho), the data is transferred to your CRM and we do not retain copies of contact records in our systems beyond what is necessary to operate the Service (e.g. transient processing to generate a draft message, or short-lived caches and logs for security and debugging).

4.5 We may also act as an independent controller in limited respects — for example, when we process Contact Data to maintain the security and integrity of the Service, to detect abuse, or to comply with legal obligations.

5. AI Processing

5.1 The Service uses AI to draft personalised emails and LinkedIn messages. This involves automated processing of Contact Data, public professional profile and activity information, and User Materials you provide.

5.2 AI-generated drafts are produced for your review and approval. The Service does not, by default, send communications without your action. You are responsible for reviewing and approving Generated Content before any communication is sent.

5.3 AI processing may take place via third-party AI providers acting as our sub-processors. We have contractual safeguards in place; in particular, we select providers that contractually agree not to use customer inputs to train their general models.

5.4 Where AI processing involves personal data of recipients, you (as controller) are responsible for any disclosures or assessments required (for example, providing privacy information and considering whether a Data Protection Impact Assessment is needed).

6. How We Share Personal Data

We share personal data with:

6.1 Service Providers (Sub-processors)

We engage third-party providers to operate the Service. Each is bound by contractual data protection obligations. They include:

• Clerk — authentication and identity management
• Stripe — payment processing
• Zoho — CRM integration (only where you connect a Zoho account; data flows to your Zoho instance)
• Cloud hosting providers — to host the Service
• AI model providers — to generate drafts of Outreach Communications
• Email and delivery providers — to send transactional emails (and, where you authorise, Outreach Communications)
• Data providers — for company and contact information lookups
• Analytics, error monitoring and customer support tools

A current list of sub-processors is available on request from privacy@leadmeister.ai.

6.2 Professional Advisers

Lawyers, accountants, auditors and insurers, where necessary.

6.3 Authorities and Legal Requirements

We may disclose personal data where required to comply with a legal obligation, court order, or lawful regulatory request, or to protect our rights, property or safety, or those of our users or others.

6.4 Corporate Transactions

If we are involved in a merger, acquisition, or sale of assets, personal data may be transferred. We will notify you if such a transaction takes place and your data becomes subject to a different privacy policy.

6.5 With Your Direction

We share data with platforms you connect or instruct us to send to (for example, your CRM, your email provider, or LinkedIn).

We do not sell your personal data.

7. International Transfers

Some of our service providers are based outside the UK and EEA (including in the United States). Where personal data is transferred internationally, we use appropriate safeguards, such as:

• transfers to jurisdictions covered by a UK or EU adequacy decision;
• the UK International Data Transfer Agreement or the UK Addendum to the EU Standard Contractual Clauses; or
• the EU Standard Contractual Clauses.

You can request copies of relevant transfer safeguards from privacy@leadmeister.ai.

8. Data Retention

We keep personal data only for as long as necessary for the purposes for which it was collected:

• Account data: for the life of your account, plus a limited period after closure for legal, tax, security and dispute-resolution purposes (typically up to 7 years for accounting records).
• Subscription and payment records: as required by tax and accounting law (typically 6–7 years).
• Usage logs and security logs: typically up to 12 months, longer where required for fraud prevention or legal claims.
• Support correspondence: up to 3 years after resolution.
• Contact Data processed on your behalf: retained only as long as necessary to perform the requested processing, in line with the Data Processing Agreement and your instructions.
• Marketing data: until you opt out, or after a period of inactivity.

When personal data is no longer needed, we delete or anonymise it.

9. Security

We implement appropriate technical and organisational measures to protect personal data, including:

• encryption of data in transit (TLS) and at rest where applicable;
• authentication and access controls (including via Clerk);
• least-privilege permissions and segregation of duties;
• monitoring, logging and intrusion detection;
• secure software development practices;
• regular backups and incident response procedures; and
• vendor due diligence on sub-processors.

No system is fully secure; however, we work to protect your data and notify you and regulators of any qualifying personal data breach as required by law.

10. Your Rights

Subject to applicable law, you have the following rights in respect of your personal data:

• Access — request a copy of personal data we hold about you;
• Rectification — ask us to correct inaccurate or incomplete data;
• Erasure — ask us to delete your data in certain circumstances;
• Restriction — ask us to limit processing in certain circumstances;
• Portability — receive certain data in a structured, commonly used format;
• Objection — object to processing based on legitimate interests, including for direct marketing;
• Withdraw consent — where we rely on consent, you may withdraw it at any time;
• Not to be subject to solely automated decisions — that produce legal or similarly significant effects (we do not use such decision-making in respect of you);
• Complain to a supervisory authority — see section 14.

To exercise your rights, contact privacy@leadmeister.ai. We may need to verify your identity before responding. We will respond within the time required by law (generally one month, extendable in complex cases).

If you are a recipient of an Outreach Communication and wish to exercise rights in respect of Contact Data, you should contact the sender of that communication (our user), who is the data controller. We will assist them in fulfilling your request as required.

11. Cookies and Similar Technologies

We use cookies and similar technologies (such as local storage) to operate the Service, remember your preferences, secure your session, measure usage, and improve the Service.

We use:

• Strictly necessary cookies — required for authentication (via Clerk), security and core functionality.
• Functional cookies — to remember your settings.
• Analytics cookies — to understand how the Service is used (deployed only with your consent where required).

Where required by law, we present a cookie banner that allows you to accept or reject non-essential cookies. You can also manage cookies via your browser settings; disabling cookies may affect functionality.

12. Children

The Service is intended for business use by adults aged 18 or over. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact privacy@leadmeister.ai and we will take appropriate steps to delete it.

13. Changes to this Policy

We may update this Policy from time to time. The "Last updated" date at the top indicates the latest revision. Material changes will be communicated by email or in-Service notice. Continued use of the Service after changes take effect constitutes acceptance.

14. Complaints

If you believe we have not handled your personal data in accordance with the law, please contact us first at privacy@leadmeister.ai and we will try to resolve your concern.

You also have the right to lodge a complaint with a supervisory authority. In the UK, this is the Information Commissioner's Office (ICO):

• Website: https://ico.org.uk
• Helpline: 0303 123 1113

If you are in the EEA, you may complain to the supervisory authority in your country of residence, place of work, or place of the alleged infringement.

15. Contact

The iCentric Agency Ltd Colworth House, Colworth Park Sharnbrook, Bedfordshire England, MK44 1LQ

Email (privacy): privacy@leadmeister.ai Email (general): support@leadmeister.ai