LeadLock AI

Privacy Policy for LeadLock AI

Last Updated: April 23, 2026

Introduction

LeadLock AI Technologies LLC ("LeadLock AI," "LeadLock," "we," "us," or "our") respects your privacy and is committed to protecting personal information. This Privacy Policy explains how we collect, use, disclose, store, and protect personal information when you:

  • visit our websites, landing pages, and hosted pages;
  • use our products, software, applications, chat widgets, forms, calendars, portals, APIs, and services;
  • interact with us by email, SMS, phone, chat, events, or social media;
  • use customer-facing LeadLock assets such as forms, quote portals, booking pages, client portals, and widgets; or
  • otherwise interact with LeadLock AI in a business or professional context.

This Privacy Policy also explains your choices and rights regarding your information.

If you do not agree with this Privacy Policy, please do not use our services.

This Privacy Policy is a general informational document and does not constitute legal advice. You should consult with a licensed attorney to ensure your own use of LeadLock and related contracts comply with applicable law.

1. Scope of This Privacy Policy

This Privacy Policy applies to personal information we collect and process in connection with our business and services.

Depending on the situation, LeadLock may act as:

A. Controller

We act as a controller when we decide how and why to process your personal information, such as when you:

  • visit our website;
  • request a demo;
  • sign up for an account;
  • contact us;
  • subscribe to communications;
  • use our public tools, analyzers, forms, or demos;
  • attend an event;
  • otherwise interact directly with us.

B. Processor / Service Provider

We act as a processor or service provider when our customers use LeadLock to collect, store, manage, analyze, or automate personal information in their own accounts. In those cases, we process data on behalf of our customers according to their instructions and applicable agreements.

For example, our customers may use LeadLock to process personal information through: CRM records; chat widgets; contact forms; booking forms and calendars; quote portals; client portals; SMS/email workflows; AI-assisted conversations; automation workflows; analytics and reporting.

If you are a lead, customer, website visitor, or end user interacting with one of our customers through LeadLock, that customer is typically the party responsible for how your information is collected and used. In that case, please contact that customer directly for privacy requests related to their account.

2. Information We Collect

We may collect the following categories of information.

A. Information You Provide Directly

You may provide us with: name; email address; phone number; mailing address; business name; company website; job title; billing information; support request details; content of messages, chats, calls, form submissions, or bookings; uploaded documents, files, images, or attachments; and any other information you voluntarily submit.

B. Account and Subscription Information

When you create or use an account, we may collect: account owner and user details; workspace or organization information; user role and permissions; login and authentication details; preferences and settings; subscription and billing status; and plan and feature entitlement data.

When a subscription trial is offered, we may record trial status and dates; the trial length is three (3) calendar days unless a different period is disclosed at signup or checkout.

C. CRM, Forms, Widget, and Customer Data

When our customers use LeadLock, we may process and store the business data you put in the product, which may include: leads and contacts; email, SMS, chat, and in-app messages (content and related metadata where those channels are used); call recordings, voicemails, and call transcripts if you or your account settings enable capture and the feature is allowed in your jurisdiction; product and usage analytics (how features are used, performance, and error diagnostics); appointment and job details; quotes and proposal information; notes, tags, status, and tasks; files and attachments; form and booking responses; widget and website assistant conversations; and AI-generated summaries, classifications, or recommendations produced at your direction.

D. Usage and Device Data

We may automatically collect information such as: IP address; device identifiers; browser type and version; operating system; language settings; pages viewed; referring URLs; click activity; timestamps; access logs; app and feature usage metrics; and crash, diagnostic, and performance data.

For voice, SMS, and AI features, we may also process: call metadata and duration; routing and delivery records; message segments; AI request and response metadata necessary to provide summaries and automation; and usage metering tied to your plan (for example included Minutes, Credits, and billing periods). Transcripts or recordings may be generated where the product feature and applicable law allow.

E. Cookies and Similar Technologies

We and our service providers may use cookies, pixels, scripts, local storage, and similar technologies to: keep users signed in; remember preferences; measure site usage; improve performance; personalize user experience; understand campaign attribution; and support analytics and advertising.

F. Communications Data

If you communicate with us or through the platform, we may collect: message content; email metadata; SMS data; support conversation history; call recordings or transcripts, where applicable and lawful; and chatbot or AI interaction logs.

LeadLock may process communications through integrated third-party messaging and communication platforms used to transmit SMS messages, voice calls, call routing, notifications, and other communications initiated by customers through the LeadLock platform. These providers may process message content, message metadata, delivery status information, timestamps, sender and recipient phone numbers, and related routing data necessary to transmit communications. These communications providers act as service providers and process information only for the purpose of delivering communications and supporting platform functionality.

For SMS programs you operate through LeadLock, we may also process consent language shown to end users (where captured), opt-in and opt-out events, and compliance-related metadata required by carriers or regulators (for example fields associated with A2P 10DLC registration where you use applicable U.S. long-code messaging). Message delivery is not guaranteed; carriers, filters, and recipient devices may delay or block messages.

G. Publicly Available and Third-Party Data

We may receive information from: public websites and public business pages; social media profiles; integration partners; payment processors; analytics providers; advertising partners; anti-fraud vendors; enrichment or business data providers; referral partners; and customers who connect third-party applications. We do not knowingly collect information from private, access-restricted, or login-protected sources without authorization.

3. How We Use Information

We may use personal information for the following purposes:

A. To Provide and Operate the Services

Including to: create and manage accounts; host, maintain, and secure the platform; process form submissions, chats, leads, bookings, quotes, and other records; power automations, workflows, and customer-configured functionality; and provide reports, dashboards, analytics, and account features.

B. To Communicate With You

Including to: respond to inquiries; send support messages; deliver transactional notices; send security alerts; provide billing notices; and send administrative updates.

C. To Improve and Develop Our Services

Including to: troubleshoot and debug; monitor performance; evaluate feature usage; improve workflows and reliability; develop new products and functionality; and improve AI-assisted features.

D. To Personalize the Experience

Including to: suggest templates, playbooks, or workflows; recommend product features; tailor educational content; and improve onboarding experiences.

E. To Support AI and Automation Features

Where applicable, we may use information to support features such as: lead summaries; AI-generated replies; qualification scoring; booking suggestions; conversation analysis; follow-up recommendations; workflow recommendations; and website analysis results. We may use customer data to provide customer-requested AI and automation outputs. We do not use customer content to train generalized models for third parties unless expressly disclosed and agreed.

F. For Security and Fraud Prevention

Including to: verify users and sessions; detect abuse, spam, fraud, scraping, or unauthorized access; enforce rate limits and security controls; investigate incidents; and protect our services, users, and the public.

G. For Marketing and Promotion

Where permitted by law, we may use information to: send product updates, newsletters, or promotional emails; provide content and educational resources; measure campaign performance; and advertise our services. You may opt out of marketing communications at any time.

H. To Comply With Law and Enforce Rights

Including to: comply with legal obligations; respond to lawful requests; protect our rights, property, and safety; and enforce our Terms, contracts, and policies.

Business Communications and Workflow Data

LeadLock may process operational communication and workflow data when customers use service workflows in the platform. This may include call data, SMS communication, appointment details, job assignments, technician updates, and customer interactions.

We process this information to:

  • provide AI responses and communication support;
  • automate customer and team workflows; and
  • improve service performance, reliability, and workflow outcomes.

Technician and Customer Data

Technician activity data (for example assignment status updates and job workflow updates) may be stored to support dispatching and team coordination features.

Customer interaction data is processed to provide requested services, including communication history, scheduling, and workflow-related updates.

This information is handled using security safeguards and is not sold to third parties for marketing resale.

Location and GPS (Field and Staff)

Depending on the features you enable, the Platform may process location or presence-related data to support dispatch, technician visibility, ETAs, and maps—for example when a mobile user shares location, checks in, or when address-based routing is used. Location is used to run the product features you turn on, not for unrelated advertising.

You should only enable location features where you have a lawful basis and, where required, consent from the individuals involved (for example your employees or contractors), consistent with your internal policies and applicable law. LeadLock is a processor for this data in your workspace; you remain responsible for notices and permissions you give your team and customers. The Terms of Service include additional context on staff tracking responsibilities.

Automation and AI Processing

AI and automation features may process conversations and related business context to generate replies, summaries, and workflow actions.

Data processing for these features is used to improve functionality, automation quality, and platform performance.

Account owners and authorized users control workflow configuration and how automation operates within their account.

5. How We Share Information

We do not sell personal information in the ordinary meaning of "sell." We may share information in the following circumstances:

A. Service Providers and Subprocessors

We may share information with trusted service providers and subprocessors that help us operate, maintain, and deliver our services. These providers perform services on our behalf and are contractually required to protect personal information and use it only as necessary to provide services to LeadLock.

These service providers may include companies that provide:

  • cloud hosting and infrastructure
  • database and storage services
  • authentication and identity management
  • payment processing and billing systems
  • email delivery and notification services
  • SMS messaging and telecommunications infrastructure
  • voice calling and call routing systems
  • automation and workflow orchestration services
  • artificial intelligence and machine learning services
  • analytics, monitoring, and diagnostic tools
  • logging, error tracking, and performance monitoring
  • fraud prevention and security tools
  • customer support and ticketing platforms

For example, LeadLock may utilize third-party providers to support messaging delivery (such as SMS and voice call infrastructure), workflow automation systems, payment processing, AI model services, and infrastructure hosting. These providers process limited information necessary to perform their services and do not have permission to use the data for their own independent purposes.

B. Customer-Directed Integrations

If a customer enables integrations or connected services, we may share data as required to fulfill the integration, based on that customer's instructions.

C. Business Transfers

If we are involved in a merger, acquisition, financing, restructuring, asset sale, bankruptcy, or similar event, personal information may be transferred as part of that transaction, subject to applicable protections.

D. Legal and Safety Reasons

We may disclose information if we believe disclosure is reasonably necessary to: comply with law, regulation, legal process, or court order; protect rights, safety, and property; investigate fraud or security issues; or enforce our agreements.

E. With Your Consent or at Your Direction

We may share information with third parties when you or our customer instruct us to do so.

6. Customer Data and Customer Responsibility

When our customers use LeadLock to collect and process personal information, they are generally responsible for: providing legally required notices; obtaining necessary consents; honoring user rights requests; configuring the service lawfully; and determining retention periods and lawful bases.

Customers are responsible for their own use of: forms; widgets; booking links; portals; quotes; messages; campaigns; workflows; integrations; and AI-generated outputs they choose to use.

If you submit information to a business using LeadLock, please contact that business directly for questions about how they handle your information.

7. LedgerAI (Finance & Billing Data)

LeadLock AI includes a built-in finance system called LedgerAI. This feature allows users to create invoices, track payments, and manage financial activity.

The following data may be stored when using LedgerAI:

  • client contact information
  • invoice details (amounts, descriptions, due dates)
  • payment records
  • transaction history
  • account-related billing activity

This data is securely stored and is only accessible to the account owner and authorized users.

LeadLock AI does not sell, share, or distribute your financial data to third parties.

Limited processing by payment processors, fraud-prevention tools, or other subprocessors may occur solely as needed to operate LedgerAI and the services you enable, as described in Section 5 (How We Share Information); such processing is not for third-party marketing or unrelated resale of your financial information.

Customer card payments and payouts (for example when you send a payment link or use a connected account) are typically handled by a third-party payment provider such as Stripe. That provider collects and processes card data in accordance with its own terms and security standards. LeadLock generally receives transaction metadata (such as amount, status, and identifiers) so you can reconcile invoices—not full payment card numbers in the clear. For disputes between you and your customers over a charge, the processor's and your own policies usually apply, as further described in our Terms of Service.

8. Your Data Ownership

You retain full ownership of your data.

All data entered into LeadLock AI — including leads, clients, invoices, and payments — belongs to you.

We do not claim ownership of your business data.

You may:

  • access your data at any time
  • export your data
  • request deletion of your data

LeadLock AI acts only as a secure platform for storing and managing your information.

9. Cookies and Tracking Technologies

We may use cookies and similar technologies for: authentication; security; remembering preferences; analytics; performance; attribution; product improvement; and advertising, where applicable.

Some cookies are necessary for our website and services to function. Others are optional. You may manage cookie preferences through your browser or any cookie preference tools we make available. Blocking some cookies may affect functionality.

We may also use technologies such as: pixels; event tags; local storage; session storage; and analytics scripts.

For a description of how we treat CRM workspace and UI layout preferences stored in your browser (such as panel sizes and collapsed sections), see Local UI and workspace preferences.

Local UI and workspace preferences

When you use LeadLock web applications (including the CRM and operator-facing workspaces such as Control Tower), your browser may store interface preferences on your device using local storage or similar client-side mechanisms. These preferences may include: panel widths; whether sidebars or sections are collapsed or expanded; “focus” or full-width viewing modes; and other non-content layout state used to customize your workspace.

This information is stored locally in your browser profile. It is used only to restore your layout between sessions on that browser and is not used for targeted advertising, is not sold, and does not replace authentication or server-side account settings. Clearing site data, using private browsing, or switching browsers or devices will reset these preferences. In the future, we may optionally sync some preferences to your account on our servers; if we do, we will update this Privacy Policy and, where required, provide appropriate notice or consent mechanisms.

Product analytics, credits, and Control Tower (internal admin)

We may record product analytics events (for example: pages viewed, features used, onboarding steps, errors, performance timings, and high-level usage patterns) to operate, secure, debug, and improve LeadLock. These events are used for product improvement, reliability, and support—not for selling personal information as a data broker. We avoid collecting secrets, passwords, full payment card numbers, or sensitive authentication material in analytics metadata.

Accounts may have a credit balance or similar usage allowances with an append-only ledger or usage history where we provide it for transparency. Credits may be granted by authorized LeadLock operators for promotions, goodwill, or adjustments, and may be consumed when you use metered features according to your plan and in-product rules. Customers can review balance and history in the app where available.

Control Tower and operator access: A limited set of authorized LeadLock personnel may access internal administrative tools (we refer to this operational workspace as "Control Tower" or similar) to support customers, investigate abuse, configure accounts, perform billing operations, and keep the service running. Access is role-restricted and purpose-limited (for example support, security, fraud prevention, and system health). Sensitive actions may require additional verification (such as operator multi-factor authentication). We maintain audit-style logging for many operator actions to promote accountability. We do not use this access to browse customer CRM data for unrelated marketing purposes.

10. AI Features and Automated Processing

LeadLock includes AI-powered and automated features that may analyze your data and produce or suggest AI-generated text, audio, or actions (for example suggested replies, call handling, or workflow steps). The account owner and authorized users control which automations are enabled, subject to plan limits and law.

We may use AI to:

  • summarize communications;
  • classify leads;
  • generate or suggest replies and scripts;
  • recommend follow-up actions;
  • suggest booking or scheduling actions;
  • analyze websites or public business information;
  • assist with reports and automation.

Important:

  • Many user-facing or customer-facing lines may be AI-generated when you enable that behavior.
  • AI outputs may be imperfect, incomplete, or inaccurate.
  • You are responsible for reviewing outputs before you rely on them, send them to customers, or use them for legal, financial, medical, or safety-affecting decisions. See also our AI Automation Disclaimer in the Terms of Service.

We may use third-party AI providers to support these features under appropriate contractual protections.

Calls, recordings, AI voice processing, and synthesized speech

Voice & AI calls policy detail (updated April 7, 2026)When you enable AI phone answering, softphone or browser calling features, call recording (where you turn it on and law allows), or related voice tools, LeadLock AI and our telecommunications subprocessors (including Twilio) may process voice audio, transcriptions, call metadata, routing events, and playback of audio prompts or AI-generated speech to operate the service. Calls may be transcribed and analyzed by automated systems (including AI) to capture lead information, route or forward calls, support quality review, and generate summaries or notes in your CRM. When you enable human-like or premium text-to-speech for voice experiences (for example on phone flows or the embeddable website assistant), audio may be generated through additional subprocessors (such as ElevenLabs or other TTS providers we support) in addition to our core AI model providers. Only content needed to produce the requested audio is sent to those providers, subject to our agreements with them. We may retain call records, recordings (where applicable), transcripts, and related logs for as long as your account is active and as needed for security, billing disputes, legal compliance, product improvement, or as described in our retention practices. You are responsible for complying with applicable laws regarding call recording, monitoring, and consent in each jurisdiction where you operate, and for configuring disclosures to your callers, website visitors, and staff where required. Twilio and other listed subprocessors act as service providers for their respective functions; their processing is subject to their own terms and privacy policies.

10A. Website Voice Agent Data

If customers enable the AI Voice Website Agent, LeadLock may process visitor voice input (microphone audio converted to text), generated replies, transcript events, and related lead capture fields such as name, phone number, email, service request, urgency, and booking intent.

This processing supports requested platform functionality: voice conversations, text fallback, CRM timeline storage, lead qualification, booking handoff, and reporting. Customers are responsible for publishing consent and disclosure language required by their jurisdiction.

11. Data Retention

We retain information for as long as reasonably necessary for the purposes described in this Privacy Policy, including to: provide the services; maintain account records; comply with law; resolve disputes; enforce agreements; and support legitimate business operations.

Retention periods may vary depending on: the type of data; account settings; legal obligations; customer instructions; and system backups and archival requirements. When we no longer need information, we will delete, anonymize, or securely de-identify it, unless retention is required by law.

12. Data Security

We take data security seriously and implement industry-standard practices designed to protect your information.

This includes:

  • secure database storage
  • encrypted data transmission
  • access control per account
  • regular monitoring and protection measures

We also use reasonable administrative, technical, and organizational safeguards. These may include: access controls; encryption in transit; secure hosting environments; monitoring and logging; authentication controls; rate limiting; environment variable and secret management; and incident response processes.

However, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for keeping your account credentials confidential and using strong security practices.

13. International Data Transfers

We may process and store information in the United States and other countries where we or our providers operate. Where required, we take reasonable steps to provide appropriate protections for international data transfers, which may include contractual safeguards and other legally recognized mechanisms.

By using the services, where permitted by law, you acknowledge that your information may be processed outside your jurisdiction.

14. Your Privacy Rights and Choices

Depending on where you live, you may have rights regarding your personal information, such as: access; correction; deletion; portability; restriction; objection to certain processing; withdrawal of consent; appeal of certain decisions; and opt-out of certain targeted advertising or sharing.

To exercise applicable rights, contact us using the information below. We may need to verify your identity before processing your request. If we process your information as a processor/service provider for one of our customers, you should direct your request to that customer first.

Marketing Communications

You may opt out of marketing emails by using the unsubscribe link in the message or by contacting us. You may still receive transactional or service-related communications.

15. U.S. State Privacy Rights

Residents of certain U.S. states may have specific rights under applicable state privacy laws. These may include rights to: know what personal information we collect; access and obtain a copy; delete personal information; correct inaccurate information; opt out of targeted advertising, profiling, or certain sharing; and appeal a denied request. We will not unlawfully discriminate against you for exercising applicable rights. Where required, we will honor valid requests consistent with applicable law.

16. California Privacy Notice

If you are a California resident, you may have rights under California law, including rights to know, delete, correct, and opt out of certain processing or sharing. We may collect categories of information such as: identifiers; commercial information; internet or network activity; geolocation data; professional information; communications; and inferences. We use and disclose this information for the business and commercial purposes described in this Privacy Policy. If required by law, we will honor requests to opt out of certain sharing or targeted advertising.

17. Children's Privacy

LeadLock is not directed to children under 16, and we do not knowingly collect personal information from children under 16 for our own purposes. If you believe a child has provided us information in violation of this section, contact us and we will take appropriate steps. Customers are responsible for ensuring their own use of LeadLock complies with laws applicable to children's data.

18. Third-Party Services and Links

Our services may contain links to third-party websites, embedded content, and integrations. We are not responsible for the privacy, security, or content practices of third parties. If you connect third-party services to LeadLock, your information may be processed by those providers according to their own terms and privacy notices. You are responsible for reviewing those third-party policies.

LeadLock integrates with various third-party service providers that enable core platform functionality such as communications delivery, automation workflows, AI features, payment processing, and infrastructure hosting. When customers enable these integrations or features, information necessary to operate those services may be transmitted to those providers according to customer configuration. These providers operate under their own privacy policies and contractual data protection obligations.

Examples include: Twilio (voice and SMS transport), Stripe (subscription and Credit purchases), Resend or similar transactional email providers for account, billing, and product notifications, OpenAI or other model providers when AI features are enabled, and cloud infrastructure vendors for hosting and backups. We do not sell user data to data brokers; we use these services to operate the product you subscribed to.

19. Public Content and User Responsibility

If you submit or publish content in public-facing areas, including public portals, testimonials, or community-style features, that information may be visible to others. Please use caution when submitting information in publicly accessible areas. Customers are responsible for configuring public pages, portals, forms, widgets, and content appropriately.

20. Data Accuracy and Customer Instructions

We rely on customers and users to provide accurate information and lawful instructions. LeadLock is not responsible for inaccurate, outdated, unlawful, or misleading data entered by customers or users. Customers remain responsible for their own compliance obligations regarding the personal information they collect and process through LeadLock.

21. Sensitive Information

Unless expressly required for an enabled feature and lawful purpose, please do not submit highly sensitive personal information through our public forms, widgets, or communications, including: government ID numbers; full payment card numbers; full financial account credentials; highly sensitive health information; biometric identifiers; or other data restricted by law. If customers choose to collect sensitive information, they are responsible for lawful collection, handling, and disclosure.

22. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we may notify users by posting the updated policy, updating the effective date, or by other appropriate means. Your continued use of the services after an update means the updated policy will apply, subject to applicable law.

23. Contact Us

If you have questions, requests, or privacy concerns, contact us at:

LeadLock AI Technologies LLC
Attn: Privacy

Email: privacy@leadlockai.ai
Support: support@leadlockai.ai
Website: https://www.leadlockai.ai

Your data is yours — we simply help you manage it.

24. SMS Data Handling

LeadLock AI may process SMS communication data when customers enable messaging features. This may include sender and recipient phone numbers, message content, timestamps, delivery status, opt-in context, consent language versions shown to end users where applicable, append-only consent history for audit purposes, and opt-out events required to support compliant messaging workflows.

SMS communication through LeadLock is intended for consent-based use cases such as lead confirmations, appointment-related updates, inquiry follow-ups, and support responses. Users may opt out by replying STOP and may request assistance by replying HELP.

25. AI Interaction Data Processing

When AI features are enabled, LeadLock AI may process chat, voice, and message interaction data to generate summaries, recommended responses, lead qualification signals, and communication assistance.

AI interaction processing is performed to provide requested functionality and improve product performance. AI outputs may be reviewed for quality, safety, and reliability in accordance with contractual and legal requirements.

26. Data Retention Detail

Retention periods vary based on data category, legal obligations, customer account settings, support requirements, and operational needs. Communication records and AI interaction logs may be retained for service continuity, troubleshooting, compliance, and security review.

Where feasible and legally permitted, data is deleted, de-identified, or anonymized after retention periods expire or upon verified deletion requests.

27. Third-Party Processors

LeadLock AI uses third-party processors to provide core services. Depending on enabled features, this may include providers for telecommunications delivery (such as Twilio), AI processing (such as OpenAI), billing and payments, cloud infrastructure, and monitoring services.

These processors are used to operate the platform and are contractually required to process data only for authorized service-related purposes.

28. No Sale of Personal Data

LeadLock AI does not sell, rent, or trade personal information to third parties for marketing purposes.