Privacy Policy

Table of Contents

Effective Date: June 2026 Last Updated: June 2026

Leadnest.ai (“we,” “our,” “us”) is committed to protecting your privacy and ensuring that your personal data is processed lawfully, fairly, and transparently. This Privacy Policy explains how we collect, use, store, share, and protect your personal data across our services, in compliance with the applicable data protection and messaging regulations, including the Digital Personal Data Protection Act (DPDPA 2023 – India), the General Data Protection Regulation (GDPR – EU) where applicable, and CTIA/TCPA/10DLC messaging requirements.

Our mission is to provide customer engagement and communication solutions while maintaining the highest standards of privacy and data protection.

Google Calendar Data Usage

Leadnest.ai allows users to connect their Google Calendar account to enable calendar synchronization, scheduling, availability checking, and event management features.

Google Calendar data is protected using industry-standard security measures, including encryption in transit, access controls, monitoring, and data protection safeguards described in this Privacy Policy.

When authorized by the user, Leadnest.ai may access Google Calendar data through the following Google Calendar API permissions:

  • View calendar settings (calendar.settings.readonly)
  • View calendar availability and free/busy information (calendar.freebusy)
  • View calendars and calendar events (calendar.readonly)
  • Create, modify, and manage calendar events (calendar.events)

Google user data is accessed only with the user's explicit authorization and solely for providing calendar-related functionality within the Leadnest.ai platform.

Leadnest.ai requests only the minimum Google Calendar permissions necessary to provide calendar synchronization, availability checking, scheduling, and event management features.

Google user data is not sold, rented, shared, or disclosed to third parties for advertising, marketing, profiling, or any unrelated purposes.

Access to Google user data is restricted to authorized systems and personnel who require access for the operation, maintenance, security, and support of the services provided to users.

Google Workspace API Data Usage Disclosure

Leadnest.ai's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Google Workspace API data is used exclusively to provide user-requested calendar functionality and is not used for advertising purposes.

Leadnest.ai does not use Google Workspace API data to develop, improve, or train generalized artificial intelligence (AI) models, machine learning (ML) models, or similar technologies.

Users may revoke Google account access at any time through their Google Account permissions page or through Leadnest.ai account settings where available.

Scope & Applicability

This Privacy Policy applies to:

  • Users of the Leadnest.ai platform, including free and paid accounts.
  • Organizational customers who create campaigns, send notifications, and manage apps through Leadnest.ai.
  • End users who receive notifications, campaigns, or messages sent via Leadnest.ai.
  • Visitors to our websites, subdomains, and mobile applications.
  • Healthcare clients and their patients (when Leadnest.ai acts as a HIPAA Business Associate).

This policy does not apply to third-party websites or services not controlled by Leadnest.ai.

Information We Collect

Account & Identity Data

  • Name, email, phone number, company, job role.
  • Authentication credentials (hashed passwords, API tokens).

Customer & Lead Data

  • Contacts uploaded by customers (names, emails, phone numbers).
  • Campaign metadata (delivery status, open/click rates, engagement history).
  • Preferences and opt-in/opt-out status (including timestamp, IP address, and consent record for SMS/WhatsApp).

Technical & Device Data

  • IP addresses, device identifiers, browser types, operating systems.
  • Log data (usage timestamps, session activity, crash reports).

Payment & Billing Data

  • Payment method details (processed via PCI-DSS compliant providers).
  • Billing address and transaction history.

Special Category Data (GDPR & HIPAA)

  • Protected Health Information (PHI) when acting as a HIPAA Business Associate.
  • Sensitive personal data processed under explicit consent or contractual necessity.

How We Use Your Information

We process your data to:

  • Provide platform functionality (sending messages, managing leads, reporting analytics).

  • Deliver transactional and promotional communications via email, SMS, MMS, WhatsApp, and push notifications.

  • Personalize user experience and campaign targeting (within legal limits).
  • Ensure platform security and prevent fraud.
  • Fulfill legal obligations (tax, data protection, audit trails).
  • Conduct research and development to improve platform functionality, performance, and customer engagement services.
  • Support healthcare organizations with HIPAA-compliant data processing.

SMS, WhatsApp & Messaging Compliance

We follow CTIA, TCPA, and 10DLC guidelines for all messaging services:

  • Explicit Consent: Users must opt-in during signup or campaign subscription (via checkbox). Consent records (IP, timestamp) are stored.
  • Message & Data Rates Notice: All messaging consents clearly state “Message & data rates may apply.”

  • Opt-Out Handling: Users can opt out anytime by replying STOP. We immediately unsubscribe the number and stop sending both promotional and transactional messages, and send confirmation (“You have successfully unsubscribed. No further messages will be sent.”) leadnest_sms_compliance_changes

  • Help Handling: Users can reply HELP to receive support contact details: “Leadnest.ai Support: Contact support@leadnest.ai or call +1-XXX-XXX-XXXX. Msg & Data rates may apply.” leadnest_sms_compliance_changes

  • Brand Identification: All messages include “Leadnest.ai” at the start.
  • Promotional Messages: Clearly identify sender and include opt-out instructions (e.g., “Reply STOP to unsubscribe”).

Lawful Bases for Processing

We rely on:

  • Consent: Freely given, informed, revocable at any time (for marketing, messaging).
  • Contractual Necessity: To fulfill service agreements.
  • Legitimate Interest: Product improvement, fraud prevention.
  • Legal Obligation: Tax, data protection compliance.
  • HIPAA: PHI processed only under signed BAAs.

Data Sharing & Sub-Processors

Leadnest.ai does not share, sell, rent, or disclose users mobile numbers, SMS consent data, or opt-in information with any third parties or affiliates for marketing or unrelated purposes. SMS opt-in data is used solely to deliver account-related transactional notifications.

Data Retention

  • Account Data: Retained for account lifetime + 90 days unless deletion is requested.
  • Consent Records: Retained for compliance (minimum 4 years or per carrier requirement).
  • Lead & Campaign Data: Deleted promptly after contract termination or per customer settings.
  • Healthcare Data: Retained for 6 years (HIPAA).
  • Log Data: Retained for up to 12 months for security auditing.

Your Rights

You may request access, rectification, deletion, restriction, portability, or withdrawal of consent at any time. You may also manage message preferences and opt out of non-essential communications via account settings or by replying STOP to any message.

Cookies & Similar Technologies

Used for session management, fraud detection, and personalization.

Breach Notification

We notify users and authorities per GDPR (72h), HIPAA (60 days), and DPDPA guidance.

Contact Us

Leadnest.ai Privacy Office