LeadPilot CRM
Privacy Policy
Last updated: June 26, 2026
This Privacy Policy explains how LeadPilot CRM collects, uses, protects, and shares information when users access the CRM and connect lead sources such as Gmail and Google Calendar.
What LeadPilot CRM Does
LeadPilot CRM helps businesses capture, qualify, and manage sales enquiries from connected inboxes, website forms, advertising lead forms, and related lead sources. The service can read selected Gmail messages after a workspace user explicitly connects a Google account, classify messages against workspace rules, extract customer contact details, create CRM records, schedule calendar events, and notify team members.
Information We Collect
We collect account information such as name, email address, workspace membership, role, and authentication identifiers. When integrations are connected, we process lead-related data such as sender, recipient, subject, snippet, message body, timestamps, labels, attachment metadata, customer name, email address, phone number, address, postcode, service requested, notes, task details, and calendar event details.
Google User Data
LeadPilot CRM requests Google access only when a user connects Gmail or Google Calendar. Gmail data is used to find and create qualified leads according to workspace rules. Google Calendar data is used to create, update, or delete quote visit and won-job events requested by the user. Google user data is not sold, used for advertising, or shared with unrelated third parties.
How We Use Information
We use information to provide CRM functionality, authenticate users, enforce workspace access, detect leads, prevent duplicates, maintain customer and job records, send requested notifications, support integrations, secure the service, debug errors, and comply with legal obligations.
Data Sharing
Data is shared only with service providers needed to operate the product, such as hosting, database, email delivery, authentication, payment, and connected integration providers. These providers process data on our behalf. Workspace data is isolated by organization and role-based access controls.
Data Retention and Deletion
Workspace data is retained while the workspace is active or as needed for legitimate business, security, and legal purposes. Users may request deletion of workspace, account, or integration data. OAuth access can be revoked from Google Account permissions at any time.
Security
LeadPilot CRM uses authentication, environment-based secrets, encrypted OAuth token storage, protected routes, validation, rate limiting, audit logging, and workspace-level access controls. No production API secrets are hard-coded in the application.
Contact
For privacy requests or support, contact the LeadPilot CRM workspace owner at dolans.uk@gmail.com.