Data Handling Statement

Last updated: 2nd February 2026

This Data Handling Statement explains how LeadLocker processes lead data and personally identifiable information in the course of providing its services.

Role of LeadLocker

LeadLocker acts as a data processor. Customers remain the controllers and owners of the data submitted to or received through the platform. LeadLocker processes data solely on behalf of customers and only to the extent necessary to provide the service.

Types of data processed

LeadLocker processes business enquiry and lead data, which may include names, phone numbers, email addresses, message content, timestamps, and source information. The platform may also process limited technical metadata required for delivery, display, and notification purposes.

LeadLocker does not intentionally process sensitive personal information unless it is included in an enquiry by a third party.

Scope of access

LeadLocker only processes data that is explicitly delivered to the platform through approved channels, such as lead forms or connected services.

LeadLocker does not access personal email inboxes, private messages, or account credentials. The platform does not request or store passwords for email, advertising, or social media accounts. Access to third-party services is granted using secure authorisation mechanisms provided by those services and is limited to the data required to deliver enquiries.

Purpose of processing

Data is processed solely to organise, display, and deliver enquiries, to notify users of new leads, and to operate platform features such as summaries and follow-ups. Data is not used for unrelated purposes and is not sold or shared for marketing by LeadLocker.

Data retention

Lead data is retained while a customer account remains active. Customers may request deletion of their data at any time. Limited backup retention may apply for operational and recovery purposes.

Security measures

LeadLocker uses reputable third-party infrastructure providers and implements reasonable technical and organisational safeguards to protect data from unauthorised access, misuse, or loss. Access to data is restricted to authorised systems and users.

Third-party service providers

LeadLocker relies on third-party providers for hosting, messaging, analytics, and infrastructure. These providers process data only as necessary to support the service and are required to maintain appropriate security practices.

Customer responsibilities

Customers are responsible for ensuring that lead data is collected and used in compliance with applicable privacy, data protection, and marketing laws. Customers are also responsible for providing any required notices or obtaining necessary consents from individuals whose data they process through LeadLocker.

Updates

This Data Handling Statement may be updated from time to time. Continued use of LeadLocker constitutes acceptance of the updated statement.