LeadSeed Data Policy / Privacy Policy Last updated: 20th May, 2026 LeadSeed respects your privacy and is committed to protecting personal data. This Data Policy explains how LeadSeed — Business Growth Platform collects, uses, stores, shares and protects personal data when you visit our website, contact us, create an account, use our platform, receive our services, communicate with us, or when your information is processed through our platform by one of our customers. LeadSeed is operated from: LeadSeed — Business Growth Platform BR2 0XG, Bromley, London, United Kingdom Phone: +44 7999 691620 Email: [email protected] Website: https://leadseed.club For privacy-related questions, contact us at: [email protected] ⸻ 1. Who This Policy Applies To This Policy applies to: * visitors to our website; * people who contact LeadSeed; * people who request demos, free access, trials or support; * customers and account users; * businesses using LeadSeed; * employees, contractors or representatives of our customers; * leads, prospects, clients or contacts whose data is added to LeadSeed by our customers; * people who receive communications sent through LeadSeed. This Policy does not replace the privacy policy of businesses that use LeadSeed. If a business contacts you using LeadSeed, that business is usually responsible for explaining how it uses your personal data. ⸻ 2. Our Role: Controller and Processor Data protection law uses different roles. A controller decides why and how personal data is used. A processor processes personal data on behalf of a controller. The ICO explains that controllers are the main decision-makers, while processors act on the controller’s instructions. LeadSeed may act as: 2.1 Controller We act as a controller when we decide how and why we process personal data, including when we process data about: * website visitors; * people who contact us; * our customers and account users; * billing, sales and support contacts; * marketing leads for LeadSeed; * people who apply for access to LeadSeed; * people who interact with our own marketing. 2.2 Processor We may act as a processor when our customers use LeadSeed to process personal data about their own leads, customers, contacts, prospects or end users. In that situation: * our customer is usually the controller; * LeadSeed processes the data on the customer’s behalf; * the customer decides what data to collect, who to contact, what messages to send, what automations to run and how long to keep the data; * LeadSeed provides tools, hosting, platform access, support and related processing. 2.3 Third-Party Providers Some parts of LeadSeed may be powered by third-party platforms, including HighLevel, GoHighLevel, LeadConnector, communication providers, hosting providers, payment providers, analytics tools and other processors or sub-processors. HighLevel’s own GDPR guidance states that it acts seriously in its duties as a processor and uses a Data Processing Agreement and Standard Contractual Clauses for transfers of personal data to the USA. ⸻ 3. Personal Data We Collect Depending on how you interact with LeadSeed, we may collect the following categories of personal data. 3.1 Identity and Contact Data This may include: * name; * business name; * job title; * email address; * phone number; * postal address; * country; * profile details; * account user details. 3.2 Account Data This may include: * login credentials; * account settings; * plan type; * user roles; * permissions; * account activity; * support history; * onboarding status; * platform usage information. 3.3 Business Data This may include: * business type; * industry; * services offered; * customer journey information; * sales pipeline information; * appointment data; * CRM records; * marketing campaign details; * forms, funnels, workflows and automations; * notes and tags added inside the platform. 3.4 Customer Platform Data When a business uses LeadSeed, it may upload, collect or process personal data about its own leads, customers, contacts or prospects. This may include: * names; * phone numbers; * email addresses; * addresses; * appointment information; * enquiry details; * messages; * form submissions; * survey answers; * purchase or booking information; * pipeline status; * notes; * tags; * consent status; * communication history. The business using LeadSeed is responsible for ensuring it has a lawful basis to collect and process this data. 3.5 Communications Data This may include: * emails sent to or from us; * support messages; * SMS messages; * WhatsApp-related messages; * chat messages; * call notes; * voicemail information; * message delivery status; * unsubscribe or opt-out records. 3.6 Payment and Billing Data If you pay for LeadSeed, we may process billing-related information such as: * billing name; * billing email; * billing address; * plan information; * invoice information; * payment status; * transaction records. Payment card details may be processed by third-party payment providers. We do not aim to store full card details ourselves. 3.7 Technical and Usage Data This may include: * IP address; * browser type; * device type; * operating system; * pages visited; * links clicked; * referral source; * login times; * session data; * error logs; * analytics data; * approximate location based on IP; * cookies and tracking technologies. 3.8 Sensitive Data LeadSeed is not designed for unnecessary processing of special category data, such as health, biometric, religious, political, sexual orientation or highly sensitive personal data. You must not upload sensitive personal data into LeadSeed unless: * you have a valid lawful basis; * you have met all legal requirements; * the processing is necessary for your business; * you have appropriate safeguards in place; * the platform is suitable for that use. We may restrict or remove data or accounts that create elevated legal, compliance or security risk. ⸻ 4. How We Collect Personal Data We may collect personal data: * directly from you; * when you fill in forms; * when you create an account; * when you book a demo; * when you contact support; * when you use the platform; * when you interact with our website; * when you subscribe to updates; * when you respond to campaigns; * when you connect third-party tools; * from our customers who upload or collect data through LeadSeed; * from third-party providers used to operate the service. ⸻ 5. How We Use Personal Data We use personal data to: * provide LeadSeed; * create and manage accounts; * deliver CRM, automation, messaging, calendar, funnel and marketing features; * provide support; * onboard customers; * process payments and invoices; * communicate with users; * send service updates; * send marketing where legally allowed; * improve the platform; * monitor performance and security; * prevent fraud, abuse and spam; * comply with legal obligations; * enforce our Terms of Use; * manage Free Plans and Paid Plans; * investigate technical issues; * protect the platform, users and third parties. ⸻ 6. Lawful Bases for Processing Where UK GDPR applies, we rely on one or more lawful bases depending on the context. These may include: 6.1 Contract We process data where necessary to provide LeadSeed, manage accounts, provide support, process billing and deliver services you requested. 6.2 Legitimate Interests We may process data for legitimate business interests, including improving LeadSeed, preventing fraud, maintaining security, supporting customers, analysing usage, sending relevant B2B communications and protecting our legal rights. We only rely on legitimate interests where we consider that our interests are not overridden by your rights and freedoms. 6.3 Consent We may rely on consent for certain marketing, cookies or optional communications. You can withdraw consent where processing is based on consent. 6.4 Legal Obligation We may process data where required to comply with tax, accounting, legal, regulatory, fraud prevention or law enforcement obligations. 6.5 Processor Instructions Where we act as processor, we process personal data on our customer’s instructions, subject to our Terms, Data Processing Agreement and applicable law. ⸻ 7. Marketing Communications We may send marketing communications about LeadSeed, including product updates, offers, events, demos, guides, training, Free Plan updates and related services. Electronic marketing in the UK is governed by both data protection law and PECR. The ICO states that PECR restricts unsolicited marketing by phone, fax, email, text or other electronic message, and that rules are generally stricter for individuals than for companies. For marketing emails or texts to individuals, the ICO says specific consent is usually needed, with a limited “soft opt-in” exception for previous customers. Where we send B2B marketing, different rules may apply. The ICO explains that PECR’s electronic mail marketing rule does not apply in the same way to corporate subscribers, but businesses should still respect objections and maintain suppression lists. You can opt out of LeadSeed marketing at any time by using an unsubscribe link or contacting [email protected]. Service messages, billing messages, security alerts and important account notices are not marketing and may still be sent where necessary. ⸻ 8. Customer Responsibility for Marketing If you use LeadSeed to send emails, SMS, WhatsApp-related messages, calls, voicemails, social messages or other communications to your own contacts, you are responsible for complying with applicable laws. This includes responsibility for: * obtaining consent where required; * keeping consent records; * providing unsubscribe or opt-out options; * honouring opt-outs; * maintaining suppression lists; * ensuring message content is lawful; * not sending spam; * complying with PECR, UK GDPR and industry rules; * complying with carrier, email, WhatsApp, social media and platform policies. LeadSeed is not responsible for unlawful messages, spam, misleading claims or non-compliant marketing sent by customers using the platform. ⸻ 9. Cookies and Tracking Technologies We may use cookies, pixels, analytics tools and similar technologies to operate, secure, improve and personalise our website and platform. These may be used to: * keep users logged in; * remember preferences; * analyse website usage; * monitor performance; * understand campaigns; * improve user experience; * detect fraud or abuse; * support advertising or retargeting where allowed. Where required, we will request consent for non-essential cookies. You can control cookies through your browser settings and, where available, through our cookie banner or preferences tool. ⸻ 10. Sharing Personal Data We may share personal data with: * platform providers; * HighLevel, GoHighLevel, LeadConnector or related infrastructure providers; * hosting providers; * telecom, SMS, email, WhatsApp-related and communication providers; * payment processors; * analytics providers; * support tools; * security providers; * contractors and service providers; * professional advisers; * legal, regulatory or law enforcement authorities where required; * buyers, successors or partners in connection with a business transfer. We only share personal data where necessary for legitimate business purposes, legal compliance, service delivery, security, support, payment, operations or where you have authorised it. ⸻ 11. HighLevel, GoHighLevel and LeadConnector LeadSeed may use third-party technology from HighLevel, GoHighLevel, LeadConnector or related services. This means personal data may be processed through their systems when LeadSeed accounts, CRM records, forms, funnels, automations, communications, calendars, pipelines, messages or integrations are used. LeadConnector publishes its own Privacy Policy explaining how it collects and uses personal information when users visit its website or use its platform. Where these providers act as processors or sub-processors, their own data processing terms, privacy policies, security practices, infrastructure and international transfer mechanisms may apply. LeadSeed is not responsible for independent decisions, outages, policy changes, processing activities or failures caused by third-party providers outside our reasonable control. ⸻ 12. International Transfers Some personal data may be processed outside the United Kingdom, including in the United States or other countries where our third-party providers operate. Where required, we aim to rely on appropriate safeguards, such as: * UK International Data Transfer Agreement; * UK Addendum to EU Standard Contractual Clauses; * Standard Contractual Clauses; * adequacy decisions; * contractual protections; * provider data processing terms. HighLevel states in its GDPR guidance that its Data Processing Agreement uses Standard Contractual Clauses to support lawful transfers of personal data to the USA. ⸻ 13. Data Security We use reasonable technical and organisational measures to protect personal data. These may include: * access controls; * passwords and authentication; * role-based permissions; * secure third-party infrastructure; * encryption where supported; * logging and monitoring; * backups; * staff or contractor access restrictions; * security review of providers where appropriate. No system is completely secure. We cannot guarantee absolute security of data transmitted through the internet, third-party platforms or communication networks. You are responsible for securing your own account, devices, passwords, users, integrations and connected tools. ⸻ 14. Data Retention We keep personal data only as long as reasonably necessary for the purposes described in this Policy. Retention periods may depend on: * account status; * plan type; * legal requirements; * tax and accounting obligations; * support needs; * backup cycles; * security and fraud prevention; * dispute resolution; * contractual obligations; * customer instructions where we act as processor. If you are a LeadSeed customer, you may request deletion or export of your account data, subject to legal, technical, billing, security and third-party restrictions. Where we act as processor, retention and deletion may depend on our customer’s instructions. ⸻ 15. Your Rights Depending on applicable law, you may have rights to: * access your personal data; * correct inaccurate data; * request deletion; * restrict processing; * object to processing; * request data portability; * withdraw consent; * complain to a supervisory authority. The ICO’s UK GDPR guidance covers individual rights, including privacy notices, subject access requests and deletion, correction, movement or restriction of personal data. To exercise your rights, contact: [email protected] We may need to verify your identity before responding. ⸻ 16. Requests About Data Held by LeadSeed Customers If your data is held in LeadSeed by one of our customers, that customer is usually the controller of your data. For example, if a salon, clinic, tradesperson, agency, consultant, photographer or other business contacted you using LeadSeed, that business likely decides why your data is used and how it communicates with you. In that case, you should contact that business directly to exercise your privacy rights. If you contact us, we may forward your request to the relevant customer or help them respond, where appropriate and legally permitted. ⸻ 17. Children’s Data LeadSeed is not intended for use by children. We do not knowingly collect personal data directly from children for our own marketing or account creation. Customers must not use LeadSeed to collect or process children’s data unless they have a lawful basis, appropriate safeguards and all required permissions. ⸻ 18. Free Plans and Data If you use a Free Plan, we may still process personal data to provide and secure the service, manage your account, monitor usage, prevent abuse, send service notices and enforce our Terms. Free Plan accounts may have limits on storage, features, support, retention, export, automations, messaging or account activity. We may suspend, delete, restrict or close inactive or abusive Free Plan accounts in accordance with our Terms of Use. ⸻ 19. Automated Processing and AI LeadSeed may include automations, workflows, AI-assisted tools, templates, suggested replies, summaries, campaign suggestions or automated decision-support features. You are responsible for reviewing outputs, messages and automations before using them with your customers. LeadSeed does not guarantee that AI-generated or automated content will be accurate, lawful, compliant, appropriate or suitable for your business. We do not intentionally use customer platform data to train public AI models unless expressly stated or agreed. ⸻ 20. Data Breaches If we become aware of a personal data breach affecting data we control, we will assess the incident and take appropriate steps under applicable law. Where we act as processor and a breach affects customer-controlled data, we will notify the relevant customer where legally required and reasonably possible. Customers are responsible for assessing whether they must notify regulators or affected individuals where they are the controller. ⸻ 21. Changes to This Policy We may update this Data Policy from time to time. Changes may be made to reflect: * new features; * new providers; * legal changes; * platform changes; * HighLevel/LeadConnector changes; * security updates; * business model changes; * Free Plan or Paid Plan changes. Where changes are material, we will take reasonable steps to notify users, such as email, platform notice or website update. Your continued use of LeadSeed after changes means you accept the updated Policy where applicable. ⸻ 22. Complaints If you have concerns about how we handle personal data, contact us first at: [email protected] You may also complain to the UK Information Commissioner’s Office. ICO website: https://ico.org.uk ⸻ 23. Contact Details LeadSeed — Business Growth Platform BR2 0XG, Bromley, London, United Kingdom Phone: +44 7999 691620 Email: [email protected] Website: https://leadseed.club
Legal
Privacy Policy
This Data Policy explains how LeadSeed collects, uses, stores, shares and protects personal data.