← Back to LeadProof

Privacy Policy

Last updated: April 11, 2026

1. Who We Are

LeadProof (“we”, “us”, “our”) provides an AI-powered call quality auditing platform for insurance agencies. Our service is accessible at leadproof.app. For privacy-related questions, contact us at privacy@leadproof.app.

2. What Data We Collect

  • Account data: Name, email, organization name, and role (admin, agent, or caller).
  • Call recordings:Audio files uploaded by your organization for quality auditing. These files are stored securely in your organization's isolated storage bucket.
  • Transcriptions and AI scores: Text transcriptions and quality scores generated by our AI pipeline from uploaded recordings.
  • Usage data: Log data, page views, and feature usage for product improvement (via PostHog analytics, anonymized).
  • Integration credentials: OAuth tokens for connected platforms (e.g., Zoom). Stored encrypted and never logged.

3. How We Use Your Data

  • To provide the call auditing and scoring service your organization subscribed to.
  • To generate AI transcriptions and quality scores from uploaded recordings.
  • To display performance metrics, leaderboards, and coaching insights to authorized users.
  • To send operational notifications (e.g., weekly performance reports).
  • To improve our AI models and service quality (using aggregated, anonymized data only).

4. Data Isolation and Security

LeadProof is a multi-tenant platform. Each organization's data is strictly isolated via Row-Level Security (RLS) policies at the database level. An agent from Organization A cannot access any data from Organization B under any circumstances.

PII protection: Agent names and phone numbers are accessible only to admin-role users. Agent-role users cannot query, export, or view lead PII — this is enforced at the database level, not only in the UI.

All data is stored on Supabase (PostgreSQL) with encryption at rest and in transit. Audio files are stored in Supabase Storage with signed URLs that expire after 60 minutes.

5. Data Retention

Call recordings and their transcriptions are retained as long as your organization's account is active. Upon account cancellation, all data is deleted within 30 days. You may request early deletion at any time by contacting privacy@leadproof.app.

6. Third-Party Services

We share data with the following service providers, solely to operate the Service. Each provider processes only the minimum data required for its function.

  • Supabase: Database, authentication, and file storage provider. All data resides in US-East data centers with encryption at rest and in transit.
  • Deepgram: Audio transcription. Recordings are sent to Deepgram for transcription and are not retained by them beyond processing.
  • OpenAI: AI quality scoring. Transcription text (not audio) is sent to OpenAI for scoring. We use the API with data retention disabled — OpenAI does not train on your data.
  • Vercel: Application hosting. No user data is stored at the edge layer.
  • PostHog: Product analytics. Collects anonymized usage events only — no recording content, transcriptions, or PII is sent to PostHog.
  • Sentry: Error monitoring. Captures technical error data (stack traces, browser info) to help us fix bugs. No call content or PII is included in error reports.

7. Cookies and Tracking

LeadProof uses the following types of cookies and tracking technologies:

  • Essential cookies: Required for authentication and session management (Supabase Auth). These cannot be disabled.
  • Analytics cookies: PostHog sets cookies to track anonymized usage patterns (page views, feature usage). No personal information or call content is tracked.

We do not use advertising cookies or sell tracking data to third parties.

8. Your Rights

Depending on your jurisdiction, you may have rights to access, correct, export, or delete your personal data. To exercise these rights, contact privacy@leadproof.app from the email address associated with your account. We will respond within 30 days.

Data portability:You may request an export of your organization's data (account info, call metadata, transcriptions, and scores) in a machine-readable format at any time.

Note on call recordings: Call recordings may contain personal data of third parties (callers, leads). Your organization is responsible for obtaining consent from all parties recorded, in accordance with applicable laws (e.g., TCPA, state wiretapping laws).

9. California Privacy Rights (CCPA)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with specific rights regarding your personal information:

  • Right to know: You may request details about the categories and specific pieces of personal information we have collected about you in the past 12 months.
  • Right to delete: You may request deletion of your personal information, subject to certain exceptions (e.g., data needed to complete a transaction or comply with legal obligations).
  • Right to non-discrimination: We will not deny you service, charge different prices, or provide a different quality of service because you exercised your CCPA rights.
  • No sale of personal information: LeadProof does not sell personal information to third parties, as defined under the CCPA.

To submit a CCPA request, email privacy@leadproof.appwith the subject line “CCPA Request.” We will verify your identity before processing any request.

10. Children's Privacy

LeadProof is a business-to-business service and is not intended for use by individuals under 18. We do not knowingly collect personal information from children. If you believe a child has provided us with personal data, please contact us and we will promptly delete it.

11. Changes to This Policy

We may update this policy as our service evolves. We will notify active subscribers by email at least 14 days before material changes take effect. Continued use of LeadProof after the effective date constitutes acceptance of the updated policy.

12. Contact

Questions about this policy? Email privacy@leadproof.app.

HomeTerms of Service