Privacy Policy

Last updated: March 2026

1. About LeadNudge

LeadNudge is a multi-tenant CRM platform that helps businesses capture, manage, and nurture leads from sources including Meta (Facebook/Instagram) Lead Ads, website forms, and manual entry. This Privacy Policy explains how we collect, use, and protect personal data processed through our platform.

2. Data We Collect

We process the following categories of personal data:

  • Lead contact information: name, email address, phone number
  • Lead attribution data: ad name, campaign name, UTM parameters, Meta lead ID
  • Custom fields: any additional fields captured via lead forms or manual entry
  • Account information: name and email of platform users (agents, admins)
  • Activity data: stage transitions, comments, and audit logs within the platform

3. How We Use Data

Personal data is used solely for the following purposes:

  • Displaying and managing leads within the CRM pipeline
  • Sending automated notifications to platform users (agents, managers)
  • Reporting conversion events to Meta via the Conversions API (CAPI) on behalf of the tenant business
  • AI-assisted lead scoring and communication drafting (data is not used to train AI models)
  • Providing platform functionality including activity logs and audit trails

4. Meta Platform Data

LeadNudge connects to Meta via the Lead Ads API and Webhooks. Lead data received from Meta is used exclusively to populate the CRM for the tenant business that owns the Facebook Page. We do not share Meta-sourced lead data with third parties outside of the tenant's own business operations.

Personal data transmitted to Meta via the Conversions API (CAPI) is hashed using SHA-256 before transmission in accordance with Meta's requirements.

5. Data Storage and Security

All data is stored in Supabase (PostgreSQL) with row-level security enforced at the database layer. Each tenant's data is strictly isolated — no tenant can access another tenant's data. Data is stored on servers located in the European Union region.

We implement reasonable technical and organisational measures to protect personal data against unauthorised access, loss, or disclosure.

6. Data Retention

Lead data is retained for the duration of the tenant's active subscription. Upon subscription termination, tenant data is deleted within 30 days unless a longer retention period is required by law.

7. Third-Party Services

We use the following third-party services to operate the platform:

  • Supabase — database and authentication
  • Vercel — hosting and edge delivery
  • OpenRouter / Google / OpenAI — AI features (no data retention by these providers)
  • Resend — transactional email delivery
  • Meta — Lead Ads data source and Conversions API

8. Your Rights

Individuals whose personal data is stored in LeadNudge have the right to request access, correction, or deletion of their data. Requests can be submitted to the business that collected your information, or directly to us at the contact below.

For data deletion requests, please visit our Data Deletion page.

9. Contact

For privacy-related inquiries, contact us at: privacy@leadnudge.ae