Secure Data Contract

Privacy Policy

Last Updated: May 2026

1. Introduction

Welcome to LeadKraft AI ("we," "our," or "us"). We respect your privacy and are committed to protecting your personal data. This privacy policy will inform you as to how we look after your personal data when you visit our website and tell you about your privacy rights.

2. Data We Collect

As a multi-tenant AI SaaS platform, we may collect, use, store and transfer different kinds of personal data about you, including Identity Data (first name, last name), Contact Data (email address, telephone numbers), and Usage Data regarding how you interact with our AI services via WhatsApp.

3. How We Use Your Data

We will only use your personal data when the law allows us to. Most commonly, we will use your personal data to perform the contract we are about to enter into or have entered into with you, and to manage our Meta API integrations to facilitate AI communications. We do not sell your data to third parties.

4. Data Deletion

You have the right to request the deletion of your personal data. If you wish to delete your data or your connected WhatsApp business data from LeadKraft AI, please contact us.

5. Data Sharing and Transfer Policy

LeadKraft AI strictly complies with the Google API Services User Data Policy, including the Limited Use requirements. We do not sell, transfer, or disclose any user data obtained through Google Workspace APIs to third parties for advertising, market research, or any other unauthorized purposes. Data is only shared with our designated third-party AI service provider strictly for the purpose of providing the core functionality of the application, and this data is not used to train generalized AI/ML models.

6. Data Protection and Security Mechanisms

LeadKraft AI implements industry-standard security measures to protect sensitive user data. All data obtained via Google APIs is encrypted in transit using TLS 1.3 (Transport Layer Security) and encrypted at rest using AES-256 encryption on our secure cloud servers. Access to sensitive Google user data is strictly restricted to authorized automated processes required for the application's core operation, and we maintain strict access logging and monitoring.