LEAD SAVAGE PRIVACY POLICY
Last Updated: MARCH 2, 2023
1. Overview
Lead Savage, LLC ("Lead Savage," "we," "us," and "our") respects your privacy and is committed to protecting it through compliance with this Privacy Policy ("Privacy Policy"). This Privacy Policy describes the types of information we may collect from you when you visit the website at https://www.leadsavage.io or use the Services offered there (the "Platform"), and that you may provide in electronic messages to Lead Savage. It also describes our practices for collecting, using, maintaining, protecting, and disclosing that information.
Please read this Privacy Policy carefully to understand our policies and practices regarding your information and how we will handle it. If you do not agree with our policies and practices, do not use the Platform. By accessing or using the Platform, you agree to this Privacy Policy.
Lead Savage may change this Privacy Policy at any time, at its discretion. For material changes that substantially affect your privacy rights, we will provide at least thirty (30) days' advance notice via email to your registered email address. Your continued use of the Platform after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates.
This Privacy Policy is subject to and governed by the Lead Savage Terms of Service ("Terms of Service") available on the Platform at https://leadsavage.io/tos. The Services are part of the Platform and are described further in the Terms of Service. To the extent there is a conflict between this Privacy Policy and the Terms of Service, the Terms of Service control.
Table of Contents
Overview
Information We Collect and How We Collect It
How We Use Your Information
How We Share Your Information
Data Retention and Deletion
Third-Party Service Providers and Subprocessors
Cookies and Tracking Technologies
SMS/MMS Data Handling
How We Protect Your Information
Data Breach Notification
International Data Transfers
Automated Decision-Making and Profiling
Marketing Communications and Your Choices
Links to Other Websites and Services
Information From Children
Your Rights and Choices
California Privacy Rights
Rights of EEA and UK Residents
Other State Privacy Rights
Do Not Track
Changes to This Privacy Policy
How to Contact Us
2. Information We Collect and How We Collect It
Lead Savage may collect two types of information from you when you visit the Platform: Personal Information and Non-Personal Information (collectively "Information").
"Personal Information" refers to data by which you may be personally identified, such as name, email address, employer, job title and department, telephone number, physical address, payment information, and other information listed below.
"Non-Personal Information" means data that is about you but does not identify you specifically. If you do nothing during your visit to our Platform but browse, read pages, or view content, we will gather and store information about your visit that does not identify you personally.
We Collect Information:
Directly from you when you provide it to us
Through our communications with you
From third parties
Automatically as you navigate through the Platform
Automatically, on an aggregate level, when you utilize our Services
Through analytics tools and tracking technologies
A. Information You Provide Directly to Us
The information that you provide us directly through our Platform may include:
Account Information: Name, email address, phone number, company name, job title, billing address, and Login Credentials when you create an account
Payment Information: Credit card details, billing address, and other financial information necessary to process payments (processed securely through third-party payment processors)
Profile Information: Business details, preferences, and customization settings
Communication Information: Records and copies of your correspondence with us, including email addresses, phone numbers, and the content of communications
Transaction Information: Details of products or Services you purchase, including purchase history and billing records
Support Information: Information you provide when reporting problems, requesting technical support, or making inquiries
Survey and Feedback Information: Your responses to surveys, testimonials, reviews, or feedback forms
Client Data: Information about your clients that you upload to the Platform, including contact information, communication preferences, and interaction history
User Contributions: Any content, files, data, or materials you upload, post, or transmit through the Platform
B. Information Automatically Collected
When you visit or use the Platform, we automatically collect certain information:
Device Information: Type of device, operating system, browser type and version, device identifiers
Usage Information: Pages visited, features used, time spent on pages, click-through data, search queries, and navigation paths
Location Information: General geographic location based on IP address or precise location if you grant permission
IP Address and Domain Name: Internet Protocol address and domain name used to connect to the internet
Log Information: Date and time of visits, referring/exit pages, and website navigation patterns
Performance Data: Platform performance metrics, error reports, and diagnostic information
C. Information from Third-Party Sources
We may receive information about you from:
Third-Party Integrations: Data from platforms and services you connect to Lead Savage (such as GoHighLevel, email service providers, calendar applications)
Social Media: If you choose to link social media accounts to the Platform
Business Partners: Information from companies with whom we have business relationships
Public Sources: Publicly available information to supplement our records
Data Aggregators: Information from third-party data providers to enhance our Services
D. SMS/MMS Information
If you use our SMS/MMS communication features, we collect:
Phone Numbers: Mobile phone numbers of your contacts and clients
Message Content: Content of SMS/MMS messages you send through the Platform
Delivery Information: Message delivery status, timestamps, and carrier information
Consent Records: Records of consent obtained from recipients to receive communications
Opt-Out Data: Records of opt-out requests and do-not-contact preferences
For more details, see Section 8 (SMS/MMS Data Handling).
3. How We Use Your Information
We use information that we collect about you or that you provide to us, including any Personal Information, for the following purposes:
A. Service Delivery and Platform Operations
To present our Platform and content to you
To provide you with the products or Services you request from us
To create and manage your account
To process transactions and send transaction confirmations
To provide customer support and respond to your inquiries
To maintain, improve, and optimize Platform performance
To develop new features, products, and Services
To personalize your experience on the Platform
B. Communications
To communicate with you about your account, transactions, or Services
To send you technical notices, updates, security alerts, and administrative messages
To respond to your comments, questions, and requests
To notify you about changes to our Platform or any products or Services we offer
To send marketing and promotional communications (with your consent where required)
To facilitate communications between you and your clients through the Platform
C. Business Operations and Analytics
To carry out our obligations and enforce our rights arising from contracts
To process billing, payments, and collections
To detect, prevent, and address fraud, security issues, and technical problems
To analyze how our Platform and Services are used
To compile aggregate statistics and analytics about Platform usage
To conduct research and development
To improve our marketing and advertising efforts
D. Legal and Compliance
To comply with legal obligations, court orders, and regulatory requirements
To enforce our Terms of Service and other agreements
To protect the rights, property, and safety of Lead Savage, our users, and others
To resolve disputes and enforce our policies
E. Other Purposes
For any other purpose with your consent
For any purpose disclosed to you when you provide the information
As otherwise described in this Privacy Policy
4. How We Share Your Information
We do not sell, rent, or trade your Personal Information to third parties for their marketing purposes.
We may share or disclose your information in the following circumstances:
A. Service Providers and Subprocessors
We share information with third-party service providers who perform services on our behalf. See Section 6 for detailed information about our service providers.
B. Business Transfers
We may share or transfer your information in connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition, divestiture, restructuring, reorganization, dissolution, bankruptcy, or other business transaction or proceeding.
C. Legal Requirements and Protection
We may disclose your information:
To comply with any court order, law, legal process, or governmental or regulatory request
To enforce or apply our Terms of Service and other agreements
To protect the rights, property, or safety of Lead Savage, our users, or others
To investigate or prevent fraud, security issues, or illegal activities
To protect against legal liability
D. With Your Consent
We may share your information with third parties when you provide explicit consent or direction to do so.
E. Aggregated and De-Identified Information
We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you, without restriction.
F. Your Clients
When you use our Services to communicate with your clients, we facilitate the transmission of that information on your behalf. We do not control how your clients use the information you send them.
5. Data Retention and Deletion
A. General Retention Principles
We retain your Personal Information for as long as reasonably necessary to:
Fulfill the purposes for which it was collected
Provide you with Services
Comply with legal, regulatory, tax, accounting, or reporting requirements
Resolve disputes and enforce our agreements
Maintain security and prevent fraud
B. Retention Periods by Data Type
Account Information: Retained while your account is active and for a reasonable period after cancellation to resolve disputes or comply with legal obligations
Transaction and Billing Records: Retained for at least 7 years to comply with tax and accounting requirements
Communications Records: Retained for 3-7 years depending on the nature of the communication
Technical Logs: Retained for 90 days to 2 years for security and troubleshooting purposes
Marketing Data: Retained until you opt-out or we no longer have a legitimate business need
C. Account Cancellation and Immediate Data Deletion
IMPORTANT: When you cancel your account through https://account.leadsavage.io/bye, all user-accessible account data is immediately and permanently deleted.
This includes:
Client contact information and databases
Communication history and message content
Files, documents, and uploaded content
Workflows, automations, and configurations
Forms, surveys, and user-generated content
Analytics and reporting data
Once your account is cancelled, this data CANNOT be recovered. You must export any data you wish to retain BEFORE cancelling your account. Lead Savage is not responsible for data loss resulting from account cancellation.
D. Data Retained After Cancellation
Even after account cancellation and immediate deletion of user-accessible data, Lead Savage may retain certain limited information as required by law or for legitimate business purposes:
Financial Records: Transaction history, invoices, payment records, and billing information (retained for 7 years for tax compliance)
Legal Compliance Records: Information necessary to comply with legal obligations, court orders, or regulatory requirements
Dispute Resolution: Records necessary for pending disputes, claims, or legal proceedings
Fraud Prevention: Information necessary to prevent fraud and maintain platform security
Aggregated Data: De-identified, anonymized, or aggregated data that cannot be traced back to you
Such retained information:
Will not be accessible to you after cancellation
Will not be used for marketing purposes
Will be maintained securely in accordance with this Privacy Policy
Will be deleted when no longer required by law or legitimate business need
E. Your Deletion Rights
Subject to applicable law and the limitations described above, you may request deletion of your Personal Information by:
Cancelling your account at https://account.leadsavage.io/bye (immediate deletion)
Contacting us at [email protected] (deletion within 45 days, subject to legal retention requirements)
See Section 16 for more information about your rights.
6. Third-Party Service Providers and Subprocessors
We use third-party service providers and subprocessors to help us deliver, maintain, and improve the Platform and Services. These providers have access to your information only to perform specific tasks on our behalf and are obligated to protect your information and use it only for the purposes for which it was disclosed.
A. Categories of Service Providers
Platform Infrastructure and Hosting:
GoHighLevel (primary platform infrastructure and CRM services)
Cloud hosting and server providers
Content delivery networks (CDNs)
Database management services
Communication Services:
SMS/MMS carrier providers and aggregators
Email delivery services (SMTP providers)
Voice and telephony services
Communication API providers
Payment Processing:
Payment gateway providers
Credit card processors
Billing and subscription management services
Fraud detection and prevention services
Analytics and Performance:
Google Analytics (website analytics and user behavior tracking)
Performance monitoring and error tracking services
A/B testing and optimization tools
Heat mapping and user experience tools
Customer Support:
Help desk and ticketing systems
Live chat providers
Customer relationship management tools
Security and Compliance:
Security monitoring and threat detection services
Data encryption providers
Backup and disaster recovery services
Compliance and audit tools
Marketing and Advertising:
Email marketing platforms
Advertising networks and platforms
Marketing automation tools
Social media integration services
B. Data Sharing with Service Providers
When we share your information with service providers:
We share only the minimum information necessary for them to perform their services
They are contractually bound to confidentiality and security obligations
They must comply with applicable data protection laws
They may only use your information as directed by Lead Savage
They must implement appropriate security measures
C. International Service Providers
Some of our service providers may be located outside the United States. When we transfer your information internationally, we ensure appropriate safeguards are in place. See Section 11 for more information about international data transfers.
D. Changes to Service Providers
We may add, remove, or replace service providers as necessary to deliver the Services. We maintain oversight of our service providers to ensure they meet our privacy and security standards.
7. Cookies and Tracking Technologies
A. What Are Cookies?
Cookies are small text files that are placed on your device when you visit a website. We use cookies and similar tracking technologies to collect and store information about your preferences, usage patterns, and interactions with the Platform.
B. Types of Cookies We Use
Essential Cookies (Required): These cookies are necessary for the Platform to function properly. They enable core functionality such as:
Account login and authentication
Security features
Load balancing and platform performance
Session management
You cannot opt-out of essential cookies, as they are necessary to provide the Services.
Analytics Cookies (Optional): These cookies help us understand how visitors interact with the Platform by collecting and reporting information:
Google Analytics (tracks page views, user behavior, and traffic sources)
Performance monitoring and error tracking
Usage patterns and feature adoption
Platform optimization data
Functional Cookies (Optional): These cookies enable enhanced functionality and personalization:
Language preferences
User interface customization
Feature preferences and settings
Remember your choices and preferences
Marketing/Advertising Cookies (Optional): These cookies track your activity across websites and are used for:
Remarketing and retargeting
Advertising campaign effectiveness
Social media integration
Interest-based advertising
C. Third-Party Cookies
We use the following third-party cookie providers:
Google Analytics: For website analytics and performance tracking
Facebook Pixel: For advertising and remarketing (if applicable)
Other advertising networks: As needed for marketing campaigns
These third parties have their own privacy policies governing their use of cookies.
D. Google Analytics Advertising Features
We have implemented the following Google Analytics Advertising Features:
Demographics and Interest Reporting
Remarketing with Google Analytics
Google Display Network Impression Reporting
Google Analytics for Display Advertising
These features collect data using Google advertising cookies and anonymous identifiers. To opt-out of Google Analytics Advertising Features, visit: https://tools.google.com/dlpage/gaoptout
E. Managing Cookies
Browser Controls: Most web browsers allow you to control cookies through their settings. You can:
Block all cookies
Accept only certain cookies
Delete existing cookies
Receive alerts when cookies are being set
Note that blocking or deleting cookies may affect Platform functionality and your user experience.
Opt-Out Tools: You can opt-out of certain tracking technologies:
Google Analytics: https://tools.google.com/dlpage/gaoptout
Network Advertising Initiative: http://www.networkadvertising.org/choices/
Digital Advertising Alliance: http://www.aboutads.info/choices/
Cookie Duration:
Session cookies: Deleted when you close your browser
Persistent cookies: Remain on your device for a set period (typically 1-24 months) or until manually deleted
8. SMS/MMS Data Handling
If you use the SMS/MMS communication features of our Platform, special data handling practices apply.
A. Information We Collect
When you use SMS/MMS Services:
Phone numbers of message recipients
Message content (text and media)
Delivery timestamps and status
Carrier information
Opt-in/opt-out records
Message frequency and patterns
Response rates and engagement metrics
B. Your Responsibilities
You are solely responsible for:
Obtaining proper consent from recipients before sending messages
Complying with the Telephone Consumer Protection Act (TCPA)
Complying with carrier guidelines and regulations
Providing clear opt-out mechanisms
Honoring opt-out requests immediately
Maintaining records of consent
Ensuring message content complies with applicable laws
Lead Savage is a technology platform provider only. We do not initiate, create, or control the content, timing, or recipients of any SMS/MMS messages. You are the sender and initiator of all communications.
C. How We Use SMS/MMS Data
We use SMS/MMS data only to:
Facilitate message delivery on your behalf
Provide delivery confirmations and reports
Troubleshoot delivery issues
Prevent fraud and abuse
Comply with legal obligations
Improve our SMS/MMS Services
D. Carrier Sharing
We share phone numbers and message content with:
SMS/MMS carrier networks (to deliver messages)
SMS gateway providers and aggregators
Telephony service providers
These providers are contractually obligated to use the information only for message delivery and related services.
E. Message Retention
Active Messages: Stored while your account is active for reporting and compliance purposes
Opt-Out Records: Retained indefinitely to ensure compliance with opt-out requests
Delivery Logs: Retained for 90 days for troubleshooting and compliance
F. Recipient Rights
Recipients of your SMS/MMS messages have the right to:
Opt-out at any time by replying "STOP"
Request information about data collection
File complaints with carriers or regulatory authorities
You must honor opt-out requests immediately and maintain do-not-contact lists.
9. How We Protect Your Information
A. Security Measures
We implement commercially reasonable security measures to protect your information from unauthorized access, use, alteration, and disclosure, including:
Technical Safeguards:
Encryption of data in transit using SSL/TLS protocols
Encryption of sensitive data at rest
Secure authentication mechanisms and password policies
Multi-factor authentication options
Regular security patches and updates
Firewalls and intrusion detection systems
Security monitoring and logging
Administrative Safeguards:
Employee background checks and confidentiality agreements
Access controls and principle of least privilege
Security awareness training for personnel
Incident response and disaster recovery plans
Regular security audits and assessments
Vendor security evaluations
Physical Safeguards:
Secure data centers with restricted access
Environmental controls and monitoring
Backup and redundancy systems
B. Security Limitations
Despite our efforts, no security measures are 100% effective:
The internet is inherently insecure, and we cannot guarantee absolute security
You transmit information to the Platform at your own risk
You are responsible for maintaining the confidentiality of your Login Credentials
Unauthorized access or use may occur despite our security measures
C. Your Security Responsibilities
To help protect your account:
Use a strong, unique password
Enable multi-factor authentication if available
Do not share your Login Credentials
Log out when finished using the Platform
Keep your contact information current
Report suspicious activity immediately to [email protected]
Do not store highly sensitive information (SSNs, health data, passwords) on the Platform unless absolutely necessary
D. Security Breach Reporting
If you become aware of any unauthorized access to your account or security vulnerability, immediately notify us at [email protected].
10. Data Breach Notification
A. Our Breach Response Process
In the event of a data breach that affects your Personal Information or Client data:
Investigation:
We will promptly investigate the breach
Determine the scope and nature of compromised information
Assess the risk to affected individuals
Take immediate steps to contain and remediate the breach
Notification:
We will notify you in accordance with applicable data breach notification laws
Notification will be provided without unreasonable delay
We will notify you via email to your registered email address
We may also post a notice on the Platform or use other communication methods
Information Provided: Our breach notification will include:
Description of the incident and when it occurred
Types of information that were compromised
Steps we have taken to address the breach
Recommended actions you can take to protect yourself
Contact information for questions and assistance
B. Timing of Notification
We will notify you as soon as reasonably possible after discovering the breach
Timing may vary based on:
Need to determine scope of breach
Need to restore Platform security
Law enforcement investigations
Applicable legal requirements (which may specify timing)
C. Your Breach Notification Obligations
If you experience a breach of your Client data or your account is compromised:
You must immediately notify Lead Savage at [email protected]
You are responsible for notifying your clients as required by law
You must cooperate with our breach investigation and remediation efforts
D. Limitations
Lead Savage's liability for any data breach is subject to the limitations set forth in the Terms of Service, Section 23 (Limitation of Liability).
11. International Data Transfers
A. Data Storage Location
Your information is primarily stored and processed in the United States. Our servers and data centers are located in the United States, and our primary service providers operate in the United States.
B. Cross-Border Transfers
If you access the Platform from outside the United States, your information will be transferred to, stored, and processed in the United States. The United States may have different data protection laws than your country of residence.
By using the Platform, you consent to the transfer of your information to the United States and other countries where we or our service providers operate.
C. Safeguards for International Transfers
When we transfer Personal Information from the European Economic Area (EEA), United Kingdom (UK), or other jurisdictions with data protection laws, we implement appropriate safeguards, which may include:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions by competent authorities
Binding Corporate Rules
Consent for specific transfers
Other legally recognized transfer mechanisms
D. EEA and UK Data Transfers
For individuals in the EEA and UK:
Lead Savage, LLC is the data controller of your Personal Information
We transfer your data to the United States, which may not have the same level of data protection as the EEA or UK
We rely on Standard Contractual Clauses and other appropriate safeguards to protect your information during transfer
For more information about your rights, see Section 18 (Rights of EEA and UK Residents).
12. Automated Decision-Making and Profiling
A. Automated Processing
We may use automated processing and algorithms to:
Personalize your experience on the Platform
Provide product or feature recommendations
Optimize Platform performance and functionality
Detect fraud and security threats
Analyze usage patterns and trends
Improve our Services
B. Profiling Activities
We may create profiles based on your usage patterns, preferences, and interactions with the Platform to:
Customize your user interface
Suggest relevant features or content
Improve customer support
Enhance marketing relevance
C. Solely Automated Decisions
We do not currently make solely automated decisions that produce legal effects or similarly significantly affect you. If we implement such processing in the future, we will:
Provide you with meaningful information about the logic involved
Explain the significance and consequences
Offer you the right to obtain human intervention
Allow you to express your point of view
Enable you to contest the decision
D. Your Rights
If you are in the EEA or UK, you have the right to:
Request information about automated decision-making
Object to profiling for marketing purposes
Request human review of automated decisions
Challenge decisions made solely by automated means
To exercise these rights, contact us at [email protected].
13. Marketing Communications and Your Choices
A. Types of Communications
We may send you:
Transactional Communications:
Account confirmations and updates
Transaction receipts and billing statements
Service announcements and updates
Security alerts and notifications
Customer support responses
Legal notices
You cannot opt-out of transactional communications, as they are necessary to provide the Services.
Marketing Communications:
Product announcements and new features
Educational content and best practices
Promotional offers and discounts
Newsletters and industry updates
Event invitations and webinars
Surveys and feedback requests
You can opt-out of marketing communications at any time.
B. How to Opt-Out
Email Marketing:
Click the "unsubscribe" link in any marketing email
Log into your account and update communication preferences
Email us at [email protected] with "Unsubscribe" in the subject line
SMS/MMS Marketing:
Reply "STOP" to any marketing text message
Contact us at [email protected]
Phone Marketing:
Request to be placed on our do-not-call list during the call
Email us at [email protected]
Direct Mail:
Email us at [email protected] to opt-out of physical mailings
C. Opt-Out Processing
We will process your opt-out request within 10 business days
You may continue to receive communications during the processing period
Opting out of marketing does not affect transactional communications
Separate opt-outs may be required for different communication channels
D. Third-Party Marketing
We do not sell or rent your information for third-party marketing purposes. We do not share your Personal Information with third parties for their direct marketing without your explicit consent.
14. Links to Other Websites and Services
A. Third-Party Links
The Platform may contain links to third-party websites, applications, and services that are not owned or controlled by Lead Savage, including:
Partner websites
Social media platforms
Integration services
Vendor sites
Educational resources
B. No Responsibility
We are not responsible for:
The privacy practices of third-party websites or services
The content or functionality of third-party sites
Information collected by third parties
Your interactions with third-party services
C. Third-Party Privacy Policies
Third-party websites and services have their own privacy policies and terms of service. We encourage you to review the privacy policies of any third-party sites you visit.
D. No Endorsement
The inclusion of links to third-party sites does not constitute or imply:
Endorsement of the third party
Sponsorship or affiliation
Approval of their content or practices
Any relationship between Lead Savage and the third party
15. Information From Children
A. Age Restriction
The Platform is not intended for children under 16 years of age. We do not knowingly collect, use, or disclose Personal Information from children under 16.
B. Parental Notice
If you are under 16, do not:
Use or provide any information on the Platform
Create an account or register for Services
Make any purchases through the Platform
Provide any information about yourself, including your name, address, telephone number, email address, or screen name
C. Parental Rights
If we learn that we have collected Personal Information from a child under 16 without verification of parental consent, we will delete that information as quickly as possible.
If you believe we have collected information from a child under 16, please contact us immediately at [email protected] with:
The child's name and email address (if known)
Your relationship to the child
A description of the information provided
D. Additional Protections
For children under 13, we comply with the Children's Online Privacy Protection Act (COPPA). We do not knowingly collect any information from children under 13 under any circumstances.
16. Your Rights and Choices
A. Access and Portability
You have the right to:
Access your Personal Information
Request a copy of the Personal Information we hold about you
Receive your information in a structured, commonly used format
Transmit your information to another service provider (where technically feasible)
B. Correction and Update
You have the right to:
Correct inaccurate or incomplete Personal Information
Update your account information at any time
Request that we correct errors in your information
To update your information:
Log into your account and edit your profile
Contact us at [email protected]
C. Deletion
You have the right to request deletion of your Personal Information, subject to certain exceptions.
Immediate Deletion: Cancel your account at https://account.leadsavage.io/bye for immediate deletion of all user-accessible data.
Deletion with Exceptions: Contact us at [email protected] to request deletion. We will comply within 45 days, except where we must retain information to:
Complete transactions or provide Services you requested
Comply with legal obligations
Resolve disputes and enforce agreements
Detect and prevent fraud or security issues
Exercise free speech or other rights
Engage in research (with anonymized data)
See Section 5 for detailed information about data retention and deletion.
D. Restriction and Objection
You have the right to:
Restrict processing of your Personal Information in certain circumstances
Object to processing based on legitimate interests
Object to direct marketing and profiling for marketing purposes
E. Consent Withdrawal
Where we process your information based on consent, you have the right to:
Withdraw consent at any time
Stop future processing based on that consent
Withdrawing consent does not affect the lawfulness of processing before withdrawal.
F. Exercising Your Rights
To exercise any of these rights:
Email us at [email protected]
Provide sufficient information to verify your identity
Specify which right you wish to exercise
Describe your request clearly
We will respond to verified requests within 45 days. We may extend the response time by an additional 45 days when reasonably necessary, with notice to you.
G. No Discrimination
We will not discriminate against you for exercising any of these rights, including by:
Denying goods or services
Charging different prices or rates
Providing different quality of goods or services
Suggesting you will receive different prices or quality
17. California Privacy Rights
If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA).
A. Categories of Personal Information Collected
We collect the following categories of Personal Information about California residents:
Identifiers: Real name, alias, postal address, unique personal identifier, online identifier, Internet Protocol address, email address, account name, phone number, or other similar identifiers
Customer Records Information: Name, signature, address, telephone number, credit card number, or other financial account information
Protected Classifications: Age, race, color, ancestry, national origin, citizenship, religion, marital status, medical condition, physical or mental disability, sex, sexual orientation, veteran or military status, genetic information
Commercial Information: Products or services purchased, obtained, or considered, purchasing or consuming histories or tendencies
Internet/Network Activity: Browsing history, search history, information on interaction with websites, applications, or advertisements
Geolocation Data: Physical location or movements
Sensory Information: Audio, electronic, visual, or similar information (e.g., recorded customer service calls)
Professional/Employment Information: Current or past job history, performance evaluations
Education Information: Education records
Inferences: Profiles reflecting preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes
B. Sources of Personal Information
We collect Personal Information from:
Directly from you
Your use of the Platform (automatically)
Third-party sources (partners, data providers, public databases)
Service providers and vendors
Social media platforms
Your clients and customers
C. Business and Commercial Purposes
We use Personal Information for the purposes described in Section 3 (How We Use Your Information), including:
Providing and improving Services
Processing transactions
Customer support
Marketing and advertising
Analytics and research
Security and fraud prevention
Legal compliance
D. Categories of Third Parties with Whom We Share Information
We share Personal Information with:
Service providers and subprocessors
Payment processors
Analytics providers
Marketing platforms
Professional advisors (lawyers, accountants)
Government entities and law enforcement (when required)
Parties in business transactions (mergers, acquisitions)
E. Sale and Sharing of Personal Information
We do not sell your Personal Information as "sale" is defined under the CCPA.
We may "share" your Personal Information for cross-context behavioral advertising purposes. You have the right to opt-out of such sharing.
F. Sensitive Personal Information
We may collect the following categories of Sensitive Personal Information:
Social security numbers, driver's license numbers, passport numbers (for identity verification, if required)
Financial account information (for payment processing)
Precise geolocation (if you enable location services)
Racial or ethnic origin, religious beliefs (if you voluntarily provide)
Contents of communications (messages sent through the Platform)
We use and disclose Sensitive Personal Information only for purposes permitted by law.
G. Your California Rights
Right to Know: You have the right to request that we disclose:
Categories of Personal Information collected
Categories of sources
Business or commercial purposes for collection
Categories of third parties with whom we share information
Specific pieces of Personal Information collected
Right to Delete: You have the right to request deletion of your Personal Information, subject to certain exceptions.
Right to Correct: You have the right to request correction of inaccurate Personal Information.
Right to Opt-Out: You have the right to opt-out of:
Sale of Personal Information (not applicable - we don't sell)
Sharing for cross-context behavioral advertising
Automated decision-making technology
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of Sensitive Personal Information to purposes permitted by law.
Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.
H. Exercising Your California Rights
To exercise your rights:
Email: [email protected]
Subject Line: "California Privacy Request"
Include: Your name, email address, California residency confirmation, and specific request
Verification Process:
We will verify your identity before processing requests
We may request additional information to verify your identity
You may designate an authorized agent to make requests on your behalf
Response Time:
We will respond within 45 days of receiving your request
We may extend by an additional 45 days when necessary, with notice
I. Authorized Agents
California residents may designate an authorized agent to make requests on their behalf. To designate an agent:
Provide written authorization signed by you
Verify your identity
Verify the agent's authority
J. California Shine the Light
Under California Civil Code Section 1798.83, California residents have the right to request information about disclosure of Personal Information to third parties for direct marketing purposes. To make such a request, contact us at [email protected].
K. Retention Period
We retain your Personal Information for the periods described in Section 5 (Data Retention and Deletion).
18. Rights of EEA and UK Residents
If you are located in the European Economic Area (EEA) or United Kingdom (UK), you have specific rights under the General Data Protection Regulation (GDPR) and UK GDPR.
A. Data Controller
Lead Savage, LLC is the controller of your Personal Information.
Contact Information: Lead Savage, LLC
115 E Main St. - Ste. A1B-9H
Buford, GA 30518
Email: [email protected]
B. Legal Basis for Processing
We process your Personal Information based on the following legal grounds:
Contract Performance: Processing necessary to perform our contract with you, including:
Providing the Services
Processing payments
Managing your account
Customer support
Legitimate Interests: Processing necessary for our legitimate business interests, including:
Improving our Services
Marketing and advertising
Fraud prevention and security
Analytics and research
Business operations
We balance our legitimate interests against your rights and freedoms.
Legal Obligations: Processing necessary to comply with legal requirements, including:
Tax and accounting obligations
Regulatory requirements
Legal proceedings and court orders
Consent: Processing based on your explicit consent for specific purposes, including:
Marketing communications (where consent is required)
Cookies and tracking (where consent is required)
Processing special categories of data
You can withdraw consent at any time without affecting the lawfulness of processing before withdrawal.
C. Your Rights Under GDPR
Right of Access: You have the right to obtain:
Confirmation of whether we process your Personal Information
Access to your Personal Information
Information about the processing
Right to Rectification: You have the right to obtain correction of inaccurate or incomplete Personal Information.
Right to Erasure (Right to be Forgotten): You have the right to request deletion of your Personal Information when:
It is no longer necessary for the purposes collected
You withdraw consent (where processing is based on consent)
You object to processing based on legitimate interests
Processing is unlawful
Legal obligations require deletion
Right to Restriction: You have the right to restrict processing when:
You contest the accuracy of Personal Information
Processing is unlawful but you prefer restriction over erasure
We no longer need the data but you need it for legal claims
You object to processing pending verification
Right to Data Portability: You have the right to:
Receive your Personal Information in a structured, commonly used format
Transmit your data to another controller
Have your data transmitted directly between controllers (where technically feasible)
Right to Object: You have the right to object to:
Processing based on legitimate interests
Direct marketing (including profiling for marketing)
Processing for research or statistical purposes
Rights Related to Automated Decision-Making: You have the right to:
Not be subject to solely automated decisions with legal or significant effects
Obtain human intervention
Express your point of view
Contest the decision
See Section 12 for more information about automated processing.
D. Exercising Your Rights
To exercise your rights:
Email us at [email protected]
Clearly describe your request
Provide information to verify your identity
We will respond within one month. We may extend by two additional months for complex requests, with notice.
E. Right to Lodge a Complaint
You have the right to lodge a complaint with a supervisory authority if you believe our processing violates GDPR:
For UK residents: Information Commissioner's Office (ICO)
Website: https://ico.org.uk
For EEA residents: Your local data protection authority
F. Data Protection Officer
We have not appointed a Data Protection Officer as we are not required to do so under GDPR. For privacy inquiries, contact us at [email protected].
G. International Transfers
See Section 11 for information about international data transfers.
19. Other State Privacy Rights
Residents of certain other U.S. states may have additional privacy rights under state law.
A. Virginia (VCDPA), Colorado (CPA), Connecticut (CTDPA), and Similar Laws
If you are a resident of Virginia, Colorado, Connecticut, or other states with comprehensive privacy laws, you may have rights similar to those described in Section 17 (California Privacy Rights), including:
Right to confirm whether we process your Personal Information
Right to access your Personal Information
Right to correct inaccuracies in your Personal Information
Right to delete your Personal Information
Right to obtain a copy of your Personal Information (data portability)
Right to opt-out of:
Targeted advertising
Sale of Personal Information
Profiling in furtherance of decisions with legal or significant effects
B. Exercising State Privacy Rights
To exercise rights under state privacy laws:
Email us at [email protected]
Specify your state of residence
Describe your request
Provide verification information
We will respond within the timeframe required by applicable state law (typically 45 days).
C. Appeals Process
If we deny your request, you have the right to appeal our decision. To appeal:
Email [email protected] within a reasonable time after our denial
Include "Privacy Rights Appeal" in the subject line
Explain the basis for your appeal
We will respond to appeals within the timeframe required by applicable law.
20. Do Not Track
Some web browsers incorporate a "Do Not Track" (DNT) feature that signals websites you visit that you do not want your online activity tracked.
A. Our Response to DNT
At this time, the Platform does not respond to DNT signals or similar mechanisms. There is no industry consensus on how to respond to DNT signals, and we may revisit our approach as standards develop.
B. Third-Party Tracking
Third-party analytics and advertising services we use may track your activity across websites and over time. These services may not respond to DNT signals.
C. Opt-Out Alternatives
Although we don't respond to DNT, you can control tracking through:
Browser cookie settings (see Section 7)
Third-party opt-out tools (Network Advertising Initiative, Digital Advertising Alliance)
Google Analytics opt-out: https://tools.google.com/dlpage/gaoptout
21. Changes to This Privacy Policy
A. Updates to Privacy Policy
We may update this Privacy Policy from time to time to reflect:
Changes in our practices
Changes in applicable law
New features or Services
Feedback from users
Industry best practices
B. Material Changes
For material changes that substantially affect your privacy rights:
We will provide at least 30 days' advance notice
Notice will be sent to your registered email address
We may also post a notice on the Platform
The notice will describe the material changes
Material changes may include:
Significant changes to how we collect, use, or share information
Changes to data retention periods
New categories of information collected
Changes to your rights or how to exercise them
Changes to third-party sharing practices
C. Non-Material Changes
For non-material changes (clarifications, formatting, minor updates):
Changes are effective immediately when posted
We will update the "Last Updated" date at the top of the Privacy Policy
Your continued use of the Platform constitutes acceptance
D. Review Regularly
We encourage you to review this Privacy Policy periodically to stay informed about our practices.
22. How to Contact Us
A. Privacy Questions and Requests
For questions about this Privacy Policy or to exercise your privacy rights:
Email: [email protected]
Subject Line: "Privacy Inquiry" or specify your request type
Mail:
Lead Savage, LLC
ATTN: Privacy Team
115 E Main St. - Ste. A1B-9H
Buford, GA 30518
B. Data Protection Inquiries
For EEA and UK residents with data protection inquiries:
Email: [email protected]
Subject Line: "GDPR Inquiry" or "Data Protection"
C. Security Issues
To report security vulnerabilities or incidents:
Email: [email protected]
Subject Line: "Security Issue" (mark as URGENT)
D. Response Time
We will respond to privacy inquiries within:
45 days for general inquiries
30 days for GDPR requests (EEA/UK residents)
45 days for CCPA requests (California residents)
Timeframes required by other applicable state laws
We may extend response times when necessary, with notice to you.
EFFECTIVE DATE: MARCH 2, 2023
Lead Savage is your all-in-one marketing and automation solution! Made for photographers, by photographers.
