Privacy Policy (GDPR)

1. Information We Collect

We collect information you provide when creating an account (name, email, company name) and data you enter into the Service (contacts, deals, notes).

2. How We Use Your Information

We use your information to provide and improve the Service, send transactional emails (receipts, password resets), and respond to support requests.

3. Data Storage

Your data is stored securely using Supabase (PostgreSQL) with encryption at rest and in transit. Servers are located in the EU.

4. Third-Party Services

We use the following third-party services:

• Paddle (payment processing) — paddle.com/privacy
• Supabase (database infrastructure) — supabase.com/privacy

5. Email Integration

If you connect your email account, we access only email metadata (sender, recipient, subject, snippet) necessary to display email history in the CRM. We do not read, store, or share full email contents.

6. Cookies

We use essential cookies for authentication and session management only. We do not use tracking or advertising cookies.

7. Data Retention

We retain your data for as long as your account is active. Upon account deletion, your data is permanently deleted within 30 days.

8. Your Rights (GDPR)

If you are located in the EU, you have the right to access, correct, export, or delete your personal data. Contact us at support@lean-deals.com to exercise these rights.

9. Data Sharing

We do not sell your personal data. We share data only with service providers necessary to operate the Service, under strict data processing agreements.

10. Security

We implement industry-standard security measures including HTTPS, encrypted storage, and role-based access controls.

11. Changes to This Policy

We may update this policy and will notify you via email of significant changes.

12. Contact

For privacy-related questions, contact us at support@lean-deals.com.