Privacy principles for website-first prospect research.

LeadCue is built around user-triggered website analysis, profile setup data, secure login sessions, and saved research needed for personal outreach.

PrivacyData we processBoundaries and prohibited collectionSecurity and retention controls

Data we process

Profile data is intentionally narrow and tied to the product workflow rather than passive collection.

  • Login identity from Google OAuth or email signup.
  • Plan, subscription state, and scan-credit usage.
  • ICP settings used to score prospect websites.
  • Prospect website snapshots, generated notes, activity log changes, and saved Prospect Cards.

Boundaries and prohibited collection

LeadCue is not designed to silently observe user browsing or build hidden contact intelligence.

  • Scans are user-triggered or sent through the API by the customer.
  • LinkedIn scraping and background browsing collection are outside the product boundary.
  • Contact details are limited to public website paths when visible on scanned pages.
  • Exports contain saved research and mapped fields, not purchased data.

Security and retention controls

Users should be able to understand what was stored, why it was stored, and how it will leave the product.

  • Login sessions use server-side cookies instead of exposing tokens in the client.
  • Password resets use short-lived, one-time tokens.
  • Billing operations are routed through Stripe when payment is configured.
  • Users can contact support for privacy questions or deletion requests.

Related resources

Contact privacy support