Legal
Privacy Policy
1. Introduction
Leadlord Inc. ("Company," "we," "us," or "our") provides software that helps wealth management firms and their internal marketing and compliance teams create advertising creatives, landing pages, campaign materials, approval workflows, audit trails, and related records through a guided AI-enabled workflow.
This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when individuals:
- visit our website;
- communicate with us;
- create or use an account on our platform;
- participate in demos, pilots, sales processes, support interactions, or customer success activities;
- otherwise interact with our services.
Our customers are typically businesses or institutions. Where a customer uploads, submits, generates, reviews, edits, approves, rejects, comments on, or stores information in the platform, we generally process that information on behalf of the customer and in accordance with the customer's instructions, our agreement with the customer, and applicable law. In those cases, the customer remains responsible for determining whether and how personal information may be collected, used, disclosed, retained, published, or approved through the platform.
2. Scope of This Policy
This Policy applies to personal information we handle in connection with our website, platform, sales, support, operations, analytics, security, and business activities.
This Policy does not replace the privacy policy or legal obligations of our customers. If you are an employee, contractor, advisor, client, representative, or other individual whose information has been submitted to the platform by one of our customers, please contact that customer first for questions about how your information is used in that customer's marketing, compliance, client, supervisory, or business workflows.
3. Personal Information We Collect
We may collect the following categories of personal information.
3.1 Account and User Information
We may collect:
- name;
- business email address;
- business phone number;
- employer or organization;
- role, title, department, and team;
- username, password, authentication credentials, or single sign-on identifiers;
- account settings, permissions, and preferences;
- records of invitations, access grants, approvals, and administrative actions.
3.2 Customer Content and Platform Data
Customers and authorized users may submit, generate, upload, review, edit, approve, reject, comment on, or export content through the platform. This may include:
- marketing campaign content;
- advertising copy;
- landing page content;
- brand guidelines;
- compliance comments;
- approval or rejection notes;
- version history;
- audit trails;
- records of supervisory review;
- documents, images, prompts, outputs, files, metadata, and related materials;
- personal information included in uploaded or generated materials.
Customers should avoid submitting personal information unless it is necessary for the permitted use of the platform and lawful for the customer to provide to us.
3.3 Usage, Analytics, and Technical Information
We may collect:
- IP address;
- device identifiers;
- browser type and version;
- operating system;
- pages or features viewed;
- log-in and log-out times;
- clickstream, usage, and event data;
- error logs;
- performance data;
- approximate location derived from IP address;
- security logs;
- API usage data;
- records of feature usage, prompts, edits, approvals, and exports.
3.4 Sales, Marketing, and Communications Information
We may collect:
- contact details provided through forms, email, calls, meetings, or events;
- demo requests;
- pilot discussions;
- notes from sales and customer success interactions;
- marketing preferences;
- records of consents, opt-outs, and communications.
3.5 Support Information
We may collect information submitted through support channels, including:
- support tickets;
- troubleshooting records;
- screenshots or files provided by users;
- diagnostic logs;
- communications with our support team.
3.6 Billing and Administrative Information
Where applicable, we may collect:
- billing contact information;
- invoicing details;
- subscription plan information;
- payment status;
- tax or business identifiers;
- contract records.
Payment card or bank account information, if processed, should be handled by a payment processor and not stored directly by us unless expressly stated.
4. How We Collect Personal Information
We collect personal information:
- directly from you when you provide it to us;
- from our customers when they create accounts, invite users, configure workflows, or upload platform content;
- automatically through the website, platform, logs, cookies, analytics tools, and similar technologies;
- from service providers that support authentication, hosting, analytics, communications, security, billing, or customer support;
- from business contacts, referrals, public sources, or events where lawful and appropriate;
- from integrations authorized by a customer or user.
5. Purposes for Which We Use Personal Information
We use personal information to:
- create, authenticate, and manage user accounts;
- provide access to the platform;
- enable content creation, landing page generation, approval workflows, comments, version history, audit trails, and exports;
- process prompts, inputs, outputs, documents, and related platform data;
- configure permissions and customer workspaces;
- provide technical support;
- maintain service availability and performance;
- troubleshoot errors and improve reliability.
5.1 Customer-Directed Processing
Where we process Customer Content on behalf of a customer, we use it to provide the services requested by that customer, including:
- generating or assisting with marketing content;
- supporting compliance review workflows;
- maintaining approval records;
- preserving audit trails and version history;
- enabling customer exports, reports, and records;
- carrying out documented customer instructions.
We do not determine the customer's legal, regulatory, supervisory, investment, advertising, or compliance obligations. The customer remains responsible for reviewing, approving, publishing, supervising, and retaining its own materials.
5.2 AI-Enabled Functionality
The platform may use AI models, machine learning systems, natural language processing, rules-based systems, retrieval systems, or other automated tools to help users draft, transform, classify, summarize, compare, or generate content.
We may process prompts, inputs, uploaded content, contextual materials, user instructions, generated outputs, feedback, metadata, and related records to provide these AI-enabled features.
Unless expressly agreed otherwise in writing:
- customer content is used to provide and operate the platform for that customer;
- customer content is not sold;
- customer content is not used to build advertising profiles;
- customer content is not used to train third-party foundation models where our agreement with the customer prohibits that use;
- AI outputs must be reviewed and approved by the customer before use, publication, or reliance.
The platform is intended to assist customer marketing and compliance workflows. It does not provide legal advice, investment advice, regulatory advice, supervisory approval, or a guarantee of compliance.
5.3 Security, Fraud Prevention, and Compliance
We use personal information to:
- monitor, detect, investigate, and prevent unauthorized access, misuse, fraud, abuse, security incidents, and violations of our agreements;
- maintain logs and audit records;
- enforce our terms and contracts;
- comply with legal, regulatory, court, law enforcement, tax, accounting, and corporate obligations;
- protect our rights, property, users, customers, personnel, and systems.
5.4 Product Improvement and Analytics
We may use personal information, usage information, de-identified information, aggregated information, and analytics to:
- understand how the platform is used;
- improve workflows, user experience, performance, security, and reliability;
- develop new features;
- test and debug systems;
- measure adoption and engagement;
- create internal reporting and forecasting.
Where practical, we use aggregated or de-identified information for analytics and improvement.
5.5 Communications and Marketing
We may use contact information to:
- respond to inquiries;
- provide demos;
- manage customer relationships;
- send service messages;
- send product updates;
- send marketing communications where permitted by law;
- manage events, webinars, or pilot programs.
Individuals may unsubscribe from marketing communications using the instructions included in those communications or by contacting us.
6. Consent and Legal Basis for Processing
Canadian private-sector privacy law is consent-based, subject to statutory exceptions and reasonableness requirements. We collect, use, and disclose personal information only for purposes that a reasonable person would consider appropriate in the circumstances and where we have consent, another lawful authority, or a statutory exception.
Depending on the context, consent may be express or implied. For example:
- when an individual creates an account, submits information, or uses the platform, consent may be implied for uses necessary to provide the requested service;
- express consent may be required for sensitive information, unexpected uses, or uses that create a meaningful residual risk of significant harm;
- users may withdraw consent, subject to legal, contractual, technological, and operational limits;
- withdrawal of consent may prevent us from providing some or all services.
For customer-submitted platform data, the customer is responsible for ensuring that it has the necessary authority, notices, consents, permissions, and legal basis to provide personal information to us and to instruct us to process it.
7. Disclosure of Personal Information
We may disclose personal information as described below.
7.1 Customers and Authorized Users
Information within a customer workspace may be available to the customer and its authorized users, administrators, reviewers, approvers, supervisors, and other personnel according to the customer's configuration and permissions.
7.2 Service Providers and Subprocessors
We may disclose personal information to service providers, subprocessors, contractors, and vendors that help us provide, secure, operate, support, improve, and administer the website and platform. These may include providers of:
- cloud hosting and storage;
- database services;
- AI model or AI infrastructure services;
- authentication and identity management;
- logging, monitoring, and security;
- analytics;
- customer support;
- communications;
- email delivery;
- billing and accounting;
- professional services.
We require service providers that process personal information for us to use it only for authorized purposes and to protect it using appropriate contractual, technical, and organizational safeguards.
A current list of material subprocessors is available upon request, subject to our customer agreement.
7.3 Legal, Compliance, and Protection Purposes
We may disclose personal information where required or permitted by law, including to:
- comply with a subpoena, warrant, court order, law, regulation, or lawful request;
- cooperate with regulators, law enforcement, or public authorities;
- enforce our agreements;
- protect security, rights, property, users, customers, or the public;
- detect, prevent, or investigate fraud, abuse, unauthorized access, or security incidents.
7.4 Business Transactions
We may disclose personal information in connection with a proposed or completed financing, investment, merger, acquisition, reorganization, sale of assets, diligence process, or similar business transaction, subject to appropriate confidentiality and legal safeguards.
8. Cookies and Analytics
We may use cookies, pixels, local storage, SDKs, log files, and similar technologies to:
- operate the website and platform;
- remember preferences;
- authenticate users;
- maintain security;
- analyze website and platform usage;
- improve performance;
- measure marketing effectiveness.
Some cookies are necessary for the website or platform to function. Others may be optional, such as analytics or marketing cookies. Where required, we will provide appropriate notice and choice.
Users can control cookies through browser settings. Disabling some cookies may affect website or platform functionality.
9. Cross-Border Processing
Leadlord Inc. is based in Quebec, Canada. Personal information may be stored or processed in Quebec, elsewhere in Canada, the United States, the European Economic Area, the United Kingdom, or other jurisdictions where we or our service providers operate.
Where personal information is processed outside Quebec or outside Canada, it may be subject to the laws of that jurisdiction and may be accessible to courts, law enforcement, regulators, or public authorities in accordance with those laws.
Before transferring or making personal information available outside Quebec where required by Quebec law, we will assess relevant privacy factors and use appropriate written agreements and safeguards.
10. Retention
We retain personal information only as long as reasonably necessary for the purposes for which it was collected, or as required or permitted by law, contract, accounting rules, security needs, dispute resolution, regulatory requirements, or legitimate business purposes.
Retention periods may vary based on the type of information, the customer agreement, legal requirements, and operational needs.
Examples:
- account information is generally retained while the account is active and for a reasonable period after deactivation;
- customer content is retained according to the customer agreement, workspace configuration, and deletion instructions;
- audit logs may be retained for longer periods to support compliance, security, dispute resolution, and recordkeeping;
- support records may be retained to provide support history and improve services;
- marketing contact information is retained until it is no longer needed or the individual opts out, subject to suppression-list requirements.
When personal information is no longer required, we will delete, destroy, anonymize, or de-identify it, subject to legal and technical limitations.
11. Security Safeguards
We use administrative, technical, and physical safeguards appropriate to the sensitivity, amount, distribution, format, and risks of the personal information we handle.
Safeguards may include:
- access controls;
- role-based permissions;
- authentication controls;
- encryption in transit;
- encryption at rest where appropriate;
- logging and monitoring;
- vulnerability management;
- secure development practices;
- vendor security reviews;
- backups and disaster recovery controls;
- employee and contractor confidentiality obligations;
- incident response procedures.
No system is perfectly secure. Customers and users are responsible for maintaining the confidentiality of their credentials and for configuring appropriate permissions within their workspaces.
12. Individual Rights
Subject to applicable law and identity verification, individuals may have rights to:
- access personal information we hold about them;
- request correction of inaccurate, incomplete, or equivocal personal information;
- withdraw consent, subject to legal and contractual limits;
- ask questions or make a complaint about our privacy practices;
- request information about our use and disclosure of personal information;
- request portability of certain computerized personal information where applicable;
- request de-indexation or cessation of dissemination in circumstances recognized by Quebec law.
Where we process personal information on behalf of a customer, we may refer the request to that customer or ask the individual to contact the customer directly.
Requests must be made in writing to the Privacy Officer using the contact information below. We may request information to verify identity and authority before responding.
13. Automated Decision-Making
Our platform uses AI-enabled tools to assist with content creation, review workflows, and related platform functionality. The platform is not intended to make decisions based exclusively on automated processing that produce legal, employment, financial, credit, eligibility, or similarly significant effects for individuals.
If we introduce a feature that makes decisions based exclusively on automated processing of personal information in circumstances where notice, explanation, correction, or human review rights apply, we will provide appropriate notice and process requests as required by law.
14. Privacy Incidents
We maintain procedures to respond to suspected or actual privacy incidents involving personal information.
If we determine that a privacy incident creates a legal obligation to notify affected individuals, customers, regulators, or other parties, we will provide notice in accordance with applicable law and our contractual obligations.
Where an incident involves Customer Content processed on behalf of a customer, we will notify the customer in accordance with the applicable agreement so the customer can assess its own legal and regulatory obligations.
15. Children and Minors
Our website and platform are intended for business use and are not directed to children. We do not knowingly collect personal information from children under the age of 14 in Quebec or from minors generally, except where authorized by a customer or as permitted by law.
16. Third-Party Websites and Integrations
The website or platform may contain links to third-party websites, applications, integrations, or services. We are not responsible for the privacy practices of those third parties. Customers and users should review the privacy policies of third-party services before using them.
17. Changes to This Policy
We may update this Policy from time to time. If we make material changes, we will provide notice by posting the updated Policy on our website, through the platform, by email, or by other appropriate means.
The "Last Updated" date indicates when the Policy was last revised.
18. Privacy Officer Contact
The Privacy Officer is responsible for overseeing our privacy program and responding to privacy questions, requests, and complaints.
- Privacy Officer: James Gosnell
- Company: Leadlord Inc.
- Email: privacy@leadlord.ai
- Jurisdiction: Quebec, Canada
19. French-Language Version for Quebec
A French version of this Privacy Policy will be made available for Quebec users and customers where required. The French version should contain the same material information and be accessible on terms at least as favourable as the English version.