LeadsTerra

GDPR Compliance

Last Updated: April 6, 2024

Introduction

At LeadsTerra, we are committed to protecting the privacy and security of your personal data. This GDPR Compliance statement explains how we comply with the General Data Protection Regulation (GDPR), which is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area.

This statement should be read alongside our Privacy Policy, Terms of Service, and Cookie Policy.

Data Controller Information

LeadsTerra acts as a data controller for the personal information we collect and process. As a data controller, we determine the purposes and means of processing personal data.

For any questions regarding our GDPR compliance or to exercise your rights under GDPR, please contact our Data Protection Officer at:

Email: support@leadsterra.com

Legal Basis for Processing

Under GDPR, we process your personal data based on one or more of the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose.
  • Contract: Where processing is necessary for the performance of a contract with you or to take steps at your request before entering into a contract.
  • Legal Obligation: Where processing is necessary for compliance with a legal obligation to which we are subject.
  • Legitimate Interests: Where processing is necessary for the purposes of the legitimate interests pursued by us or by a third party, except where such interests are overridden by your interests or fundamental rights and freedoms.

For each type of processing activity, we identify and document the legal basis that we rely upon.

Your Rights Under GDPR

Under GDPR, you have the following rights regarding your personal data:

  • Right to Access: You have the right to request a copy of the personal data we hold about you.
  • Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure (Right to be Forgotten): You have the right to request that we delete your personal data in certain circumstances.
  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to request that we transfer your personal data to another service provider in a structured, commonly used, and machine-readable format.
  • Right to Object: You have the right to object to the processing of your personal data in certain circumstances, including processing for direct marketing purposes.
  • Rights Related to Automated Decision Making and Profiling: You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you.

To exercise any of these rights, please contact us at support@leadsterra.com. We will respond to your request within 30 days.

Data Protection Measures

We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption of personal data where appropriate
  • Regular testing, assessing, and evaluating the effectiveness of technical and organizational measures
  • Measures to ensure the ongoing confidentiality, integrity, availability, and resilience of processing systems and services
  • Measures to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
  • Staff training on data protection and security
  • Access controls and authentication procedures

Data Breach Notification

In the event of a personal data breach, we will notify the relevant supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons.

If the breach is likely to result in a high risk to the rights and freedoms of natural persons, we will also notify the affected individuals without undue delay.

International Data Transfers

We may transfer personal data to countries outside the European Economic Area (EEA). When we do so, we ensure that appropriate safeguards are in place to protect your personal data, such as:

  • Transferring to countries that have been deemed to provide an adequate level of protection by the European Commission
  • Using specific contracts approved by the European Commission that give personal data the same protection it has in Europe
  • Implementing binding corporate rules
  • Obtaining your explicit consent for the transfer (in limited circumstances)

Data Protection Impact Assessments

Where processing operations are likely to result in a high risk to the rights and freedoms of natural persons, we conduct Data Protection Impact Assessments (DPIAs) to assess the impact of the envisaged processing operations on the protection of personal data and to determine appropriate measures to address the risks.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data, and whether we can achieve those purposes through other means, and the applicable legal requirements.

Children's Data

Our services are not intended for children under the age of 16, and we do not knowingly collect personal data from children under 16. If we become aware that we have collected personal data from a child under 16 without verification of parental consent, we will take steps to remove that information from our servers.

Changes to This GDPR Compliance Statement

We may update this GDPR Compliance statement from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the new statement on our website and updating the "Last Updated" date.

We encourage you to review this statement periodically to stay informed about how we are protecting your personal data.

Contact Us

If you have any questions about our GDPR compliance or how we handle your personal data, please contact us at:

Email: support@leadsterra.com