Privacy Policy

This Privacy Policy applies to LeadAtomic's public website, waitlist flow, account onboarding, authenticated product experience, and related support or operational communications.

It covers information we collect directly from you, information generated when you use the service, and limited technical information used for security, analytics, and abuse prevention.

It does not replace the privacy terms of third-party services you choose to connect, such as Google or Microsoft mailbox providers.

Depending on how you interact with LeadAtomic, we may collect the following categories of information:

• Account and waitlist information. Name, work email, workspace name, company website, feature-interest selections, and other information you submit during waitlist signup, sign-up, sign-in, or account recovery.
• Workspace and onboarding information. Company and ICP inputs such as industry targets, buyer roles, geography, exclusions, competitors, keywords, notes, send-window settings, approval defaults, and other profile fields used to configure your workspace.
• Mailbox and communications information. Sender email, display name, provider type, reply-to settings, signature text, mailbox connection status, OAuth scopes, encrypted provider credentials, outreach drafts, sent-message records, inbound replies, and related delivery or health diagnostics.
• Security and operational information. Password hash, password-update timestamps, verification and reset token records, login timestamps, rate-limit records, session state, and error or activity logs needed to operate and protect the service.
• Public-site analytics information. Page path, referrer, campaign parameters, device type, viewport width, country where available, and an anonymous visitor hash used for aggregate analytics. LeadAtomic's public-site analytics pipeline does not store raw IP addresses in marketing event rows.
• Browser-stored state. Theme preference, onboarding draft state, analytics session state, UTM/referrer data, and temporary mailbox OAuth handoff state stored in your browser through cookies, local storage, or session storage.

• Create and secure accounts, maintain authenticated sessions, and prevent abuse.
• Set up and operate your workspace, including ICP configuration, mailbox setup, and sending controls.
• Generate or support product workflows such as onboarding finalization, website-based profile extraction, enrichment, scoring, and outreach drafting.
• Send transactional emails such as verification links, password-reset links, and operational notices.
• Measure public-site usage, waitlist demand, and conversion trends at an aggregate level.
• Investigate errors, monitor system health, enforce rate limits, and maintain auditability for support and security.

We do not currently sell personal information or run third-party advertising trackers on the public site.

We may share information in the following limited cases:

• With service providers that help us operate LeadAtomic, such as transactional email infrastructure and operational tooling.
• With the mailbox providers you choose to connect, such as Google or Microsoft, to complete OAuth, refresh credentials, and process mailbox activity you authorize.
• With model or API providers used to perform requested product workflows, such as profile extraction, enrichment, scoring, or draft generation.
• When required for legal compliance, fraud prevention, security response, or to protect LeadAtomic, our users, or the public.
• As part of a merger, acquisition, financing, or asset sale involving LeadAtomic, subject to this policy or a successor policy.

LeadAtomic uses a small number of browser-side storage mechanisms for distinct purposes:

• Session cookie. Authenticated workspace sessions use an HTTP-only session cookie so the app can keep you signed in securely.
• Local and session storage. We store theme preference, onboarding draft state, analytics session data, UTM/referrer data, and temporary OAuth handoff state in browser storage.
• Public-site analytics. The public site records anonymous usage events to help us understand visits, waitlist conversions, and campaign performance. The client-side tracker honors browser Do Not Track when it is explicitly enabled.

LeadAtomic uses technical and operational safeguards intended to reduce risk, including password hashing, encrypted mailbox secret storage, rate limiting, session controls, and audit-oriented operational records.

No system can promise absolute security. You remain responsible for protecting your own devices, mailbox accounts, and account credentials.

We keep information for as long as it is reasonably needed to operate the service, maintain security, support legitimate business records, and comply with legal obligations.

• Browser-stored values generally remain until they expire, are overwritten, or you clear them.
• Verification and reset-token records remain in our systems as security records even after they expire or are consumed.
• Workspace, mailbox, outreach, and operational records may be retained after account changes or closure where needed for audit, fraud-prevention, legal, or support reasons.

• You can update certain account and workspace information from within the product.
• You can disconnect or deactivate mailboxes from mailbox settings.
• You can sign out at any time and clear browser storage locally from your browser.
• If you need help with access, correction, account closure, or a privacy request, contact hello@leadatomic.com.

LeadAtomic customers use the platform to run business-to-business outreach to other organisations. If you received an email sent through LeadAtomic, the following applies to you as the recipient.

• What data is involved. Business-contact information — such as a work email address, role, and the company it belongs to — sourced from publicly available business listings and the company's own website, used to send relevant, human-reviewed outreach on behalf of the LeadAtomic customer.
• Who is responsible. The LeadAtomic customer that contacted you is the party deciding to reach out. LeadAtomic operates the sending infrastructure on their behalf. Every message identifies the sender and the business they represent.
• How to opt out. Every outreach email includes an unsubscribe link and a List-Unsubscribe header, and you can simply reply with "unsubscribe". Any of these permanently stops that customer from contacting that address through LeadAtomic.
• Your other rights. To ask what data is held about you, correct it, or have it deleted, contact hello@leadatomic.comand we will route the request to the relevant customer and assist as the operator of the platform.

We may update this Privacy Policy from time to time. If we make a material change, we will update the effective date on this page and use reasonable notice appropriate to the change.