Lead Friendly
PricingSign in

Privacy Policy

Effective date: May 17, 2026

1. Overview

This Privacy Policy describes how Lead Friendly (“we,” “us,” or “our”) handles personal information in two roles:

  • As a controller for visitors to our marketing site, prospective customers, signed-up users, and our own employees and contractors;
  • As a processorfor personal information that Customers upload, generate, or process through the platform (“Service Data”). Customers are the controllers of Service Data, and our processing of Service Data is governed by our agreement with the Customer (including, where applicable, a Data Processing Agreement).

2. Information we collect

Information you provide

  • Account information: name, email, password (hashed), organization name, role.
  • Customer Content: contacts, call recordings, transcripts, CRM records, agent configurations, and other content you create or upload.
  • Billing information: processed by our payment processor (Stripe). We do not store full card numbers.
  • Communications: emails and support messages you send us.

Information collected automatically

  • Usage data: pages viewed, features used, timestamps, browser, device.
  • Log data: IP address, error reports, performance metrics.
  • Cookies and similar technologies: see our Cookie Policy. We currently use only strictly-necessary cookies.

Information from third parties

We receive limited information from sub-processors (e.g., delivery status from our email provider) and from authentication providers (e.g., name and email if you sign in with Google).

3. How we use information

  • To provide, operate, maintain, and improve the Service;
  • To process AI voice calls (text-to-speech, speech-to-text, agent reasoning) using the sub-processors listed at /legal/subprocessors;
  • To process payments and manage subscriptions;
  • To communicate with you about the Service, including transactional email through our email provider;
  • To detect, investigate, and prevent fraud and abuse;
  • To comply with legal obligations.

4. AI voice processing — what we do and don't do

Voice calls placed or received through the Service are carried over encrypted connections and transcribed for your operational use. We do not use Customer Content (including call audio, transcripts, contact records, or messages) to train, fine-tune, or improve our artificial-intelligence models or any third-party model. We require contractual commitments from our AI sub-processors (text-to-speech, speech-to-text, large language model) that align with this position.

5. Voiceprints and biometric data

Lead Friendly’s default voice processing produces transcripts and audio recordings for operational use; it does not create or store mathematical voiceprints used to identify a specific individual. If you (as a Customer) configure features that involve voice biometrics, you are the controller of that biometric data and are responsible for obtaining all required written consents from your End Users under the Illinois Biometric Information Privacy Act (BIPA), Texas Capture or Use of Biometric Identifier Act (CUBI), Washington HB 1493, and any other applicable law.

6. Call recording and transcription

When recording is enabled, calls placed or received through the Service are recorded and transcribed. Customers using the Service must comply with all federal, state, and local call-recording laws, including the all-party consent laws of California, Connecticut, Delaware, Florida, Illinois, Maryland, Massachusetts, Montana, Nevada, New Hampshire, Pennsylvania, and Washington. The strictest law applicable to any party on a call applies; in cross-state calls the most restrictive jurisdiction governs.

7. How we share information

  • Sub-processors: see /legal/subprocessors.
  • Legal authorities: when we believe in good faith that disclosure is required by law, valid legal process, or to protect rights, property, or safety.
  • Business transfers: in connection with a merger, acquisition, or sale of assets, subject to confidentiality commitments.
  • With your direction: when you ask us to share your information with a third party (e.g., a calendar integration).

We do not sell, rent, or trade personal information, and we do not “sell” or “share” it for cross-context behavioral advertising or engage in “targeted advertising” or “profiling” as those terms are used in U.S. state privacy laws. The circumstances listed above are the only ones in which we disclose personal information.

Government and law-enforcement requests

We disclose personal information to government or law-enforcement authorities only when compelled by valid legal process (such as a subpoena, court order, or warrant) or where disclosure is required by applicable law. When we receive such a request we:

  • require that it be legally valid and disclose only the data the request specifically covers;
  • where legally permitted, notify the affected Customer before disclosing so they can seek to limit or challenge the request;
  • decline or move to narrow requests that are overbroad, legally defective, or unlawful; and
  • do not give any government direct, unfettered, or bulk access to Customer Data, and do not build “back doors” into the Service.

We may make a limited emergency disclosure without prior notice where we believe in good faith it is necessary to prevent imminent death or serious physical harm. Where Customer Data is processed under our Data Processing Addendum, the supplementary safeguards in DPA Annex C also apply.

Reseller and white-label billing

When an agency uses Lead Friendly in reseller or white-label mode, Lead Friendly may act as the merchant of record and charge that agency’s end clients directly. For those transactions Lead Friendly is the controller of the related payment and transaction data (card payments processed through Stripe; agency commission payouts processed through PayPal), and processes the agency’s and its end clients’ other personal data as a processor on the agency’s instructions under our Data Processing Addendum. The agency remains responsible for its own relationship with, and for publishing its own privacy notice and obtaining all required consents from, its end clients. End clients should direct product and data questions to the agency they purchased from; billing inquiries for Lead Friendly–charged transactions may also be sent to hello@leadfriendly.com. Reseller arrangements are further governed by the Reseller Agreement.

8. Data retention

We retain account information and Customer Content for as long as your account is active. After account closure we delete or de-identify general Customer Content within 30 days, except where we are required or permitted by law to keep specific records longer: identity-verification (KYC) records for up to 7 years, telephone-consent records for up to 7 years, and call/message metadata and compliance audit logs for up to 3 years — for tax, anti-fraud, telecommunications-compliance, and dispute-defense purposes. We retain records of your acceptance of our terms for as long as they may be needed as evidence of our agreement. Backups cycle on a rolling 90-day basis. You can request deletion of specific Customer Content at any time through the Service or by contacting us; we honor such requests except where applicable law or an active legal hold requires retention.

9. Security

We use industry-standard safeguards including TLS encryption in transit, encryption at rest for sensitive data, principle-of-least- privilege access controls, and audit logging. No system is perfectly secure; please use a strong, unique password and enable any available multi-factor authentication.

10. Your privacy rights — United States

Depending on your state of residence, you may have the right to: (i) confirm whether we process personal information about you; (ii) access the personal information; (iii) correct inaccurate personal information; (iv) delete personal information; (v) port personal information in a portable format; (vi) opt out of targeted advertising, the sale of personal information, and profiling in furtherance of decisions producing legal or similarly significant effects (we don't engage in any of these today, but we honor opt-outs as a matter of policy); and (vii) appeal a denial of any of the above. These rights, where applicable, arise under (without limitation): California (CCPA/CPRA), Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), Utah (UCPA), Iowa (ICDPA), Indiana, Tennessee (TIPA), Texas (TDPSA), Oregon (OCPA), Montana (MCDPA), Delaware, New Hampshire, New Jersey, Kentucky, Maryland (MODPA), Minnesota, Nebraska, and Rhode Island.

To exercise a right, email hello@leadfriendly.com from the email address associated with your account or include enough information for us to verify your identity. We will respond within the period required by your state’s law (generally 45 days, extendable in some cases). You may authorize an agent to submit a request on your behalf.

California “Notice at Collection.” The categories of personal information we collect, the purposes for which we collect them, and the categories of sources are described in Sections 2 and 3. We retain personal information for the periods described in Section 8.

Universal opt-out signals. Where required by law (currently California, Colorado, Connecticut, and Texas), we will honor recognized universal opt-out signals such as the Global Privacy Control. Today there is nothing for those signals to opt out of because we do not sell personal information or use it for targeted advertising; if that changes we will update this policy and honor signals at that time.

11. Privacy rights — Europe and the UK

If you are in the European Economic Area, the United Kingdom, or Switzerland, you have the rights granted by the GDPR / UK GDPR, including access, rectification, erasure, restriction, portability, and objection. Our legal bases for processing are: (a) performance of a contract; (b) compliance with a legal obligation; and (c) our legitimate interests in operating and improving the Service, except where overridden by your interests and rights. You may lodge a complaint with your local supervisory authority.

12. International transfers

We are headquartered in the United States and store information there. Where personal information is transferred from outside the U.S., we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses, the UK International Data Transfer Addendum, and equivalent mechanisms.

13. Children’s privacy

The Service is intended for business use and is not directed to children under 13. We do not knowingly collect personal information from children. If you believe we have, please contact us so we can delete it.

14. Sub-processors

See /legal/subprocessors for the current list. We notify Customers of changes as described there.

15. Changes to this policy

We may update this Privacy Policy from time to time. Material changes will be communicated by email or in-product notice. The “Effective date” above reflects the most recent substantive update.

16. Contact

Questions about this Privacy Policy or our data practices? hello@leadfriendly.com.

© 2026 Lead Friendly LLC. All rights reserved.Lead Friendly LLC, PO Box 88413, Tukwila, WA 98138
PricingAboutSecurityComplianceCompareFor AgenciesGuidesFAQContactTermsPrivacyAcceptable UseRefund PolicyCookiesSub-processorsLimit Use of Sensitive PIPrivacy Rights
XGitHubYouTubeInstagramFacebookTikTokBlueskyReddit