Privacy Policy

Last updated: 13 May 2026 Effective date: 13 May 2026

1. Introduction

This Privacy Policy describes how Socialfame LLC ("Socialfame", "we", "us", or "our") collects, uses, stores, shares, and protects your personal information when you use the LEADS mobile application (the "App") and our website at tryleads.app (the "Site", together with the App, the "Service").

We take your privacy seriously. We do not sell your data, we do not display advertising, and we do not share your data with third parties for marketing purposes.

Data Controller: Socialfame LLC, a limited liability company organized under the laws of the State of Delaware, United States. Contact: hello@tryleads.app

2. Information we collect

2.1 Information you provide directly

  • Account information: email address, password (stored hashed), display name (optional).
  • Profile information: profession, sales industry, language preference, and any custom information you add to your profile.
  • Lead data: names, contact details, notes, conversation history, and any other information you choose to add about your leads. This data belongs to you.
  • Support correspondence: when you email us, we keep a record of the correspondence.

2.2 Information collected automatically

  • Device information: device model, operating system version, app version, language, timezone.
  • Usage data: aggregated and anonymized analytics about how features are used (we do not track individual user behavior).
  • Crash and error logs: technical data sent automatically when the App encounters an error, used to fix bugs.
  • IP address: collected briefly during authentication and stored only for security purposes (rate limiting, fraud prevention).

2.3 Information from third-party services

  • In-app purchases: when you subscribe to Premium, RevenueCat (our subscription management provider) and Apple share with us the status of your subscription (active / expired) but not your payment details. We never see your credit card or banking information.

3. Legal basis for processing (GDPR)

We process your personal data on the following legal bases:

  • Contract performance (GDPR Art. 6(1)(b)): to provide the Service you signed up for.
  • Legitimate interest (GDPR Art. 6(1)(f)): to maintain security, prevent fraud, and improve the Service.
  • Consent (GDPR Art. 6(1)(a)): for non-essential cookies on the Site and optional features such as crash reporting opt-in.
  • Legal obligation (GDPR Art. 6(1)(c)): to comply with tax, accounting, and legal requirements.

4. How we use your information

We use your information to:

  • Provide, maintain, and improve the Service.
  • Authenticate you and protect your account.
  • Generate AI-powered suggestions through Leadsy (see Section 5).
  • Manage your subscription and process renewals.
  • Send service-related emails (account confirmation, password reset, subscription updates). We do not send marketing emails without your explicit consent.
  • Respond to your support requests.
  • Detect and prevent abuse, fraud, and security threats.
  • Comply with legal obligations.

5. AI-powered features (Leadsy)

Leadsy is the AI sales coach embedded in the App. It is powered by Claude, a large language model developed by Anthropic, PBC.

How it works:

  • When you interact with Leadsy, we send the content of your message and the relevant context (selected lead data, recent conversation history) to Anthropic's API.
  • Anthropic processes this data to generate a response, which is returned to the App and displayed to you.
  • Anthropic does not use this data to train their models. Anthropic has committed not to train on data submitted through their API. See Anthropic's data usage policy.
  • We do not store the conversations with Leadsy on Anthropic's servers beyond the time strictly necessary to generate a response.
  • Conversation history with Leadsy is stored on our own infrastructure (Supabase EU servers) and remains accessible only to you.

You can disable Leadsy at any time by not using the feature. Disabling Leadsy does not affect the core CRM features of the App.

6. Data storage and security

6.1 Where your data is stored

Your data is stored on servers operated by Supabase, Inc., located in the European Union (Paris region, AWS eu-west-3). This region was specifically chosen to ensure compliance with GDPR and to minimize data transfers outside the EU.

6.2 Security measures

  • All data is encrypted in transit using TLS 1.3.
  • All data is encrypted at rest using AES-256.
  • Passwords are stored hashed with bcrypt; we never see your plaintext password.
  • Access to production databases is restricted to authorized personnel only and audited.
  • We run regular security audits and monitor for vulnerabilities.

6.3 Data retention

  • Active accounts: we retain your data as long as your account is active.
  • Deleted accounts: when you delete your account, all your personal data is permanently erased within 30 days, except where retention is required by law (e.g. tax records, kept for the duration required by applicable tax law).
  • Backups: encrypted backups are retained for up to 30 days for disaster recovery purposes, then permanently deleted.
  • Support correspondence: kept for 2 years after the last interaction.

7. Data sharing and third parties

We share your data only with the following service providers ("sub-processors"), strictly for the purpose of providing the Service:

ProviderPurposeData sharedLocation
Supabase, Inc.Database, authentication, file storageAll account and lead dataEU (Paris)
Anthropic, PBCAI processing for LeadsyLead context + your messages to LeadsyUSA
RevenueCat, Inc.Subscription managementApple subscription receipt, user IDUSA
Apple Inc.App distribution, in-app purchasesAnonymized device ID, purchase dataUSA
ResendTransactional emails (password reset, account confirmation)Your email address, email contentUSA / EU
Vercel, Inc.Hosting for tryleads.app (Site only, not App data)IP address during page visitsGlobal edge network

We do not sell or rent your personal data to any third party. We do not share your data with advertisers, data brokers, or for marketing purposes.

International data transfers: where data is transferred outside the EU (notably to Anthropic, RevenueCat, Apple), we rely on the European Commission's Standard Contractual Clauses (SCCs) to ensure adequate protection.

8. Your rights (GDPR + CCPA)

You have the following rights regarding your personal data:

  • Right to access: request a copy of all personal data we hold about you.
  • Right to rectification: correct inaccurate data.
  • Right to erasure ("right to be forgotten"): request deletion of your data.
  • Right to restrict processing: ask us to stop processing your data in certain cases.
  • Right to data portability: receive your data in a machine-readable format (JSON).
  • Right to object: object to processing based on legitimate interest.
  • Right to withdraw consent: withdraw any consent you previously gave.
  • Right to lodge a complaint: file a complaint with the CNIL (France) or your local data protection authority.

California residents (CCPA) additionally have:

  • The right to know what categories of personal information are collected.
  • The right to delete personal information.
  • The right to opt out of the sale of personal information (we do not sell personal information).
  • The right to non-discrimination for exercising these rights.

How to exercise your rights: email hello@tryleads.app with your request. We will respond within 30 days (GDPR) or 45 days (CCPA). Most rights can also be exercised directly in the App (Settings → Account → Export data / Delete account).

9. Cookies (Site only)

The App does not use cookies.

The Site (tryleads.app) uses only strictly necessary cookies:

  • preferred-locale: stores your language preference (FR/EN). Lifetime: 1 year.
  • session-id: temporary session identifier for site navigation. Lifetime: session.

We do not use analytics cookies, marketing cookies, or third-party tracking cookies. We do not have a cookie banner because we only use strictly necessary cookies, which are exempt from consent requirements under EU law.

10. Children's privacy

The Service is not directed to children under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe a child has provided us with personal information, please contact us at hello@tryleads.app and we will delete it immediately.

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the Service, or legal requirements. When we make material changes, we will notify you by email (if you have an account) and update the "Last updated" date at the top of this page. Continued use of the Service after the changes take effect constitutes acceptance of the updated Policy.

12. Contact

For any question regarding this Privacy Policy or your personal data:

Socialfame LLC Email: hello@tryleads.app

Data Protection Officer (DPO): not currently appointed, as Socialfame LLC does not meet the GDPR threshold requiring a DPO. The contact above handles all privacy requests.

EU Representative: if appointed in the future, contact details will be added here. Currently, EU residents can reach us directly at hello@tryleads.app.