At Leadron, we take your privacy seriously. This policy describes how we collect, use, and protect your personal information when you use our platform and services.
We collect information you provide directly to us when you create an account, use our services, or communicate with us. This includes:
Account Information — name, email address, company name, phone number, and billing details when you register for a Leadron account.
Lead & Contact Data — information you or your team upload, import, or create within the platform, including names, email addresses, phone numbers, company details, and custom fields.
Usage Data — information about how you interact with our services, including pages viewed, features used, timestamps, IP addresses, device information, and browser type.
Communications — records of your communications with us, including support requests, feedback, and survey responses.
Integration Data — data synced from third-party services you connect, such as CRM systems, email providers, and marketing tools.
Telephony & Messaging Data — when you use our voice, SMS, or messaging features, we collect phone numbers, call metadata (duration, timestamps, direction), message content, delivery status, and consent records. This data is processed through our telecommunications partner, Twilio, Inc.
We use the information we collect to:
• Provide, maintain, and improve our services, including lead management, partner tracking, and analytics features.
• Process transactions and send related information, including purchase confirmations and invoices.
• Send technical notices, updates, security alerts, and administrative messages.
• Respond to your comments, questions, and customer service requests.
• Monitor and analyze trends, usage, and activities in connection with our services.
• Detect, investigate, and prevent fraudulent transactions, abuse, and other illegal activities.
• Personalize and improve your experience, including providing content and features that match your interests.
• Facilitate SMS, voice calls, and other telecommunications on your behalf through our third-party telephony provider (Twilio).
• Comply with legal obligations, including GDPR, CCPA, HIPAA, TCPA, and other applicable telecommunications regulations.
Leadron enables businesses to communicate with their leads, partners, and marketers via SMS and voice through the platform. The following applies to all messaging features:
Consent — our platform requires that you, as the account holder, obtain proper prior express written consent from each recipient before sending any SMS or voice messages. Leadron provides consent management tools, including opt-in tracking and timestamped consent records, to help you maintain compliance.
Message Content — SMS and voice message content, delivery receipts, and metadata are stored to provide the service and maintain audit trails. We do not use message content for advertising or marketing purposes unrelated to providing the Services.
Opt-Out Handling — all SMS messages sent through Leadron include opt-out instructions (e.g., reply STOP). Opt-out requests are processed automatically and immediately. Once a recipient opts out, no further messages will be sent to that number unless they re-consent.
Data Sharing — phone numbers and message data are shared with Twilio, Inc. solely for the purpose of transmitting messages. Twilio processes this data under their own privacy policy and in compliance with applicable telecommunications regulations. We do not sell, share, or disclose phone numbers or message content to any third party for marketing or advertising purposes.
Message Frequency — message frequency varies based on the workflows and campaigns configured by the account holder. Standard message and data rates may apply to recipients.
Data Retention — messaging logs and consent records are retained for the duration of your account and for a minimum of 5 years after the last message is sent to comply with TCPA record-keeping requirements.
We do not sell your personal information. We may share information in the following circumstances:
Service Providers — we engage trusted third-party companies to perform services on our behalf, such as hosting, analytics, payment processing, telecommunications (Twilio), and customer support. These providers are contractually obligated to protect your data and process it only as directed by us.
Business Transfers — if Leadron is involved in a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction.
Legal Requirements — we may disclose information if required by law, regulation, legal process, or governmental request.
Consent — we may share information with your consent or at your direction.
Aggregated Data — we may share aggregated or de-identified information that cannot reasonably be used to identify you.
We implement industry-standard security measures to protect your data:
• Encryption — all data is encrypted in transit (TLS 1.3) and at rest (AES-256-GCM).
• Access Controls — role-based access control (RBAC) with multi-factor authentication (MFA) enforcement.
• Infrastructure — our services run on SOC 2 Type II certified cloud infrastructure with regular penetration testing.
• Monitoring — continuous security monitoring, anomaly detection, and automated breach scanning.
• Backups — regular encrypted backups with tested disaster recovery procedures.
• Telephony Security — all voice and messaging traffic is encrypted end-to-end. Access to telephony credentials and phone numbers is restricted to authorized personnel only.
While no method of transmission or storage is 100% secure, we strive to use commercially acceptable means to protect your personal information.
We retain your personal information for as long as your account is active or as needed to provide services. Specific retention periods include:
• Account Data — retained for the duration of your account plus 30 days after deletion for recovery purposes.
• Lead & Contact Data — retained according to your configured data retention policies. Defaults: auto-archive after 24 months, auto-delete activities after 36 months, auto-purge deleted records after 60 days.
• SMS & Voice Records — messaging logs, consent records, and opt-out records are retained for a minimum of 5 years after the last communication to comply with TCPA requirements.
• Audit Logs — retained for a minimum of 6 years to comply with HIPAA and SOC 2 requirements.
• Billing Records — retained for 7 years as required by applicable tax laws.
You can request data deletion at any time through the Data Subject Request feature in your compliance settings. Note that certain telephony records must be retained for the minimum periods required by law.
Depending on your location, you may have the following rights regarding your personal data:
• Access (GDPR Art. 15) — request a copy of all personal data we hold about you.
• Rectification (GDPR Art. 16) — request correction of inaccurate or incomplete data.
• Erasure (GDPR Art. 17) — request deletion of your personal data (Right to be Forgotten).
• Portability (GDPR Art. 20) — request your data in a structured, machine-readable format.
• Restriction — request that we limit processing of your data in certain circumstances.
• Objection — object to processing of your data for direct marketing or legitimate interests.
• Non-Discrimination (CCPA) — we will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at privacy@leadron.io or use the Data Subject Request feature in your account settings.
Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place, including:
• Standard Contractual Clauses (SCCs) approved by the European Commission.
• Data Processing Agreements (DPAs) with all sub-processors.
• Adequacy decisions where available.
Our services are not directed to individuals under 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete such information.
We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the 'Last Updated' date. We encourage you to review this policy periodically.
If you have questions about this Privacy Policy, our data practices, or our SMS and messaging practices, please contact us at:
Email: privacy@leadron.io
Address: Leadron, Inc.
To opt out of SMS messages, reply STOP to any message received from a Leadron-powered number, or contact us at the email above.