Privacy policy

Last updated: 24/03/2025 (dd/mm/YYYY)

At Webleadr, we are committed to protecting your privacy and ensuring that your personal data is handled in compliance with the General Data Protection Regulation (GDPR). This Privacy Policy explains how we collect, use, and safeguard your data.

What data do we collect
How do we collect and use your data
Legal basis for processing
What are your data protection user rights
What are cookies
What types of cookies do we use
How to manage your cookies
Data security
Data retention
Links to third-party websites and services
International data transfers
Changes to our privacy policy
How to contact us

What data do we collect

We collect personal data, including:

Email Address: For account creation, authentication, and communication.
Device Information: Collected through Sentry for app monitoring and error tracking.
Usage Information: Collected through PostHog for analytics, feature adoption tracking, and user journey analysis.
Payment Information: Processed by Paddle to handle orders and payments.
AI-driven content generation: Data may be sent to OpenAI for generating content using AI.
Cookies: Used for authentication, analytics, and YouTube embeds.

How do we collect and use your data

We collect data through:

User Input: Data you provide during registration, login, and account management.
Third party services:
- Sentry: For app monitoring and error tracking (Sentry's privacy policy).
- Supabase: For authentication and email-related events (Supabase's privacy policy).
- Resend: For email-related events (Resend's privacy policy).
- Paddle: For payment processing (Paddle's privacy policy).
- OpenAI: For AI-driven content generation (OpenAI's privacy policy).
- PostHog: For analytics and user behavior tracking (PostHog's privacy policy).
Cookies and Tracking Technologies: Used for functionality and YouTube embeds (Google's privacy policy).

Legal basis for processing

We process your data based on the following legal bases:

Contract Performance: To provide services (e.g., account management, payments).
Legitimate Interest: For app monitoring and error tracking.

What are your data protection user rights

You have the following rights under GDPR:

Right to Access: Request copies of your data.
Right to Rectification: Correct inaccurate or incomplete data.
Right to Erasure: Delete your account and associated data.
Right to Restrict Processing: Limit how your data is used.
Right to Object: Object to data processing under specific circumstances.
Right to Data Portability: Request your data in a portable format.

To exercise your rights, contact us at [email protected].

What are cookies

Cookies are text files placed on your local computer to collect information for later use.

What types of cookies do we use

We utilize functional cookies that are essential for the operation of our application. The majority of these cookies are used for authentication purposes, enabling registered users to fully utilize our service. We also use analytics cookies through PostHog to understand how users interact with our application, helping us improve functionality and user experience. Furthermore, some cookies are employed by YouTube (owned by Google) to ensure the functionality of YouTube video-embedded fragments.

How to manage your cookies

While it is technically possible, it is not advisable to manually manage/remove cookies. This action will log you out and may disrupt the app, thereby preventing you from utilizing core features such as purchasing credits.

Data security

We implement robust security measures to protect your personal data:

Encryption: All data is encrypted during transmission and storage.
Access Control: Only authorized personnel can access sensitive data.
Secure Authentication: User accounts are protected by modern authentication protocols like OAuth and JWT.
Password Protection: Passwords are stored using strong hashing algorithms.

Data retention

We retain your personal data only for as long as it is necessary to fulfill the purposes outlined in this Privacy Policy. Account-related data, such as your email address and authentication details, is retained for the duration of your account’s existence. Once you delete your account, all associated personal data is permanently removed from our systems, except where retention is required by law.

Payment-related data is retained for a legally required period to comply with tax and financial regulations. This includes data related to invoices and transaction records, which are typically retained for six to ten years, depending on the applicable laws.

Links to Third-Party websites and services

We may include links to third-party websites or services that we do not control. We are not accountable for the practices or content of these linked websites or services. Your use of any third-party website or service is governed by their respective terms and policies, not ours. Using such websites or services is at your own risk, and we advise you to review their privacy policies before sharing any personal information.

International data transfers

Some of our third-party services transfer data outside the European Economic Area (EEA). These transfers comply with GDPR standards through the use of Standard Contractual Clauses (SCCs) and other safeguards. For example:

Paddle, Sentry, PostHog, and Cloudflare have implemented SCCs to ensure your data is protected during international transfers.

Changes to our privacy policy

We regularly review our privacy policy and update this page accordingly.

How to contact us

For questions or comments about Webleadr's privacy policy or the data we hold on you, contact us at [email protected]

To homepage