Privacy Policy

MyLeadBots ("we", "our", "us") provides an AI lead intelligence platform that discovers local businesses, audits them with multi-agent analysis, and generates personalized demo websites. This Privacy Policy explains what personal information we collect when you use myleadbots.com and the associated application, how we use it, who we share it with, and the rights you have over your data.

This policy applies to visitors of our marketing site, registered users of the dashboard, and anyone who contacts us through published channels. It does not apply to third-party services we link to, each of which has its own privacy practices.

We collect only what we need to operate the product:

• Account data. When you sign up, we store your email address, hashed password (or OAuth identifier if you sign in with Google), and a profile record inside our Supabase database.
• Campaign and lead data. Business targets you configure (niches, locations, filters) and the leads our discovery agents return — all of which are publicly available information sourced from Google Maps and public websites.
• Audit outputs. The reports our multi-agent pipeline generates for each lead, including Google Business Profile snapshots, website audits, and social presence checks.
• Billing metadata. Subscription plan, credit balance, and transaction IDs. Card numbers are handled exclusively by our payment processor (Polar) — we never see or store them.
• Usage and diagnostic logs. Anonymous request logs, agent activity logs, and basic error telemetry used to keep the service reliable and debug issues.

We use the data we collect to:

• Operate the discovery, audit, and demo-generation pipeline you explicitly request.
• Authenticate your sessions and secure your account.
• Process subscription payments and credit purchases.
• Send service-related email (password resets, billing receipts, critical account notices).
• Monitor product reliability, detect abuse, and investigate security incidents.
• Improve the product by analyzing anonymized, aggregated usage patterns.

We do not sell your personal data, and we do not share campaign or lead data with other customers.

MyLeadBots relies on a small number of trusted sub-processors to deliver the product. Each handles a specific slice of the workflow and is bound by its own security and privacy terms:

• Supabase — managed Postgres database, authentication, and realtime updates. Hosts your account, campaign, and lead data.
• Vercel — web hosting, edge network, and request logging for the application itself.
• Polar — subscription billing and payment processing. All card data is handled directly by Polar; we only receive a customer ID and transaction metadata.
• DeepSeek and Google Gemini — large-language-model providers used by our agents for reasoning, classification, and content generation. Prompts are transmitted to these providers to produce audit reports and conversational responses.
• Apify and SerpAPI — third-party scraping and search APIs used by the discovery pipeline to gather publicly available business information from Google Maps and search engines.
• Google OAuth — identity provider when you choose to sign in with Google.

We use a minimum set of browser cookies and local storage entries:

• Authentication cookies issued by Supabase to keep you signed in across requests. These are strictly necessary and cannot be disabled without signing out.
• Theme preference stored locally so the dark/light mode setting persists across visits.

We do not currently deploy third-party advertising or behavioral tracking cookies. If that changes, we will update this policy and (if applicable) request your consent first.

We retain your account, campaign, and lead data for as long as your account is active. If you delete your account, we remove your personal profile and associated records from our primary databases within 30 days. Backups are kept for a limited rolling window and are overwritten on schedule.

Anonymized diagnostic logs may be retained for up to 90 days for security and reliability purposes.

Depending on where you live, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate or outdated data
• Request deletion of your account and associated data
• Export a copy of your data in a portable format
• Object to or restrict certain kinds of processing
• Withdraw consent where processing is based on consent

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

We protect your data with industry-standard measures: TLS everywhere, row-level security on sensitive database tables, least-privilege access to administrative systems, and hardened authentication for all internal tools. No online service can guarantee absolute security, but we work hard to keep the risk low.

MyLeadBots is a B2B product and is not directed at children under 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will delete it.

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page and, for material changes, notify registered users by email.

Questions about this policy or how we handle your data? Email [email protected].