Now available with advanced AI lead filtering technology.

Home Features Pricing Contact
Login Sign Up

Privacy Policy

Last updated: March 30, 2026

Privacy Policy

Effective Date: May 28, 2026
Last Updated: May 28, 2026

EvenLeads ("EvenLeads", "we", "us") operates the EvenLeads lead discovery, enrichment, outreach, CRM, and AI assistance platform. This policy explains how we process personal data when you use EvenLeads, when a customer uses EvenLeads to find or contact a business lead, and when a person uses our Transparency Hub.

Controller contact:
EvenLeads

Registration: PFA
Email: [email protected]

1. Roles

For account, billing, product analytics, security, marketing, website, and Transparency Hub processing, EvenLeads is generally the controller. When a customer uploads, exports, syncs, enriches, or contacts leads for its own business, that customer may be an independent controller and EvenLeads may act as processor or service provider for parts of the workflow. Customers must provide accurate controller identity details before enrichment or Article 14 notices are used.

2. Data We Process

  • Account and workspace data: name, email, password hash, company details, controller identity, preferences, organization membership, settings, and support messages.
  • Billing data: subscription, invoices, payment metadata, tax details, and transaction identifiers processed with payment providers.
  • Campaign and integration data: campaign criteria, keywords, platform connections, mailbox/CRM settings, sync history, message drafts, exports, and audit logs.
  • Public lead discovery data: public post text, title, platform/source, timestamps, URLs, public handles or names shown by the source, match scores, campaign relevance, and status.
  • B2B enrichment data: company name, domain, role/title, business email, business phone, LinkedIn or professional profile URL, source/provider metadata, verification result, and confidence level.
  • AI assistance data: prompts, redacted lead context, generated replies, classification, translations, scoring, model metadata, and token usage.
  • Transparency and suppression data: removal/restriction requests, signed references, hashed email or phone identifiers, blocked source URLs, suppression reasons, and audit timestamps.
  • Technical and security data: IP address, device/browser data, logs, error events, rate-limit signals, fraud/abuse indicators, and cookie consent choices.
  • Cookie and analytics data: only where allowed by your choices, we may process analytics events, heatmaps/session replay, advertising events, and referral attribution.

3. Sources

We receive data from you, your organization, public websites and public social platforms, connected third-party accounts that you authorize, enrichment providers, CRM/email providers, payment providers, and people who submit Transparency Hub or rights requests. We do not use private friend lists, private inboxes, or password-protected content for public lead discovery.

4. Purposes and Legal Bases

  • Contract performance: account creation, authentication, subscriptions, workspace features, support, and customer-requested integrations.
  • Legal obligations: tax, accounting, sanctions, consumer protection, security, and rights-response obligations.
  • Consent: marketing emails where required, non-essential cookies, Google Analytics, Microsoft Clarity/session replay, Meta Pixel/advertising pixels, and optional integrations that require authorization.
  • Legitimate interest - public social lead discovery: we identify public requests for products or services and organize them for business users. We limit collection, provide retention limits, suppression, and a Transparency Hub, and allow Article 21 objection.
  • Legitimate interest - B2B enrichment: we help customers verify relevant business contact details for proportionate B2B outreach. Enrichment is gated by suppression checks, controller identity requirements, source/provider metadata, and objection controls.
  • Legitimate interest - AI classification and replies: we classify relevance, translate, score, and draft replies to operate the service. Intelligence copies are redacted before AI processing where applicable, and suppressed leads are blocked before AI generation.
  • Legitimate interest - fraud, abuse, and security: we detect misuse, protect accounts, enforce limits, investigate incidents, and maintain audit logs.
  • Legitimate interest - limited first-party analytics: we measure product usage needed to improve reliability and usability. Non-essential tracking technologies are loaded only after consent.

5. Legitimate Interest Balancing

Before relying on legitimate interest, we assess the interest pursued, whether processing is necessary, and the impact on affected people. We use safeguards such as data minimisation, retention limits, signed or verified suppression flows, Article 14 notices where feasible, source logging, role-based access, AI redaction for public intelligence copies, and suppression checks before enrichment, export, CRM sync, outreach, and AI generation. You may object at any time under GDPR Article 21.

6. Transparency, Article 14 Notices, and Objection

Where we or our customers obtain business contact details indirectly, EvenLeads supports Article 14-style notices that identify the controller, categories of data, sources, purposes, legal basis, retention, recipients, and objection/removal links. You can use the Transparency Hub to remove a copied public post immediately, object to future processing, or restrict verified identifiers. Permanent email or phone suppression requires a verified match or signed reference to prevent abuse.

7. Enrichment and Outreach

Enrichment, export, CRM sync, outreach, and AI generation are checked against suppression records before processing or disclosure. Customers are responsible for ensuring their outreach complies with GDPR, ePrivacy, anti-spam rules, platform rules, and local B2B marketing requirements. Generated first-contact text may include or append transparency and objection links where required.

8. AI Processing

We use AI providers to classify, translate, summarize, score, and draft content. For public intelligence pages and campaign generation, we strip emails, phone numbers, known author names, handles, profile URLs, and known contact fields before AI calls and before storing intelligence copies. We do not intentionally send raw personal identifiers to AI for redaction. Provider processing is governed by contracts, security terms, and applicable data processing agreements.

9. Cookies and Similar Technologies

Necessary cookies support login, security, preferences, and checkout. Non-essential analytics, advertising pixels, Microsoft Clarity/session replay, and similar tracking technologies are loaded only after your explicit consent. You can change your choices through the cookie preferences controls. Withdrawing consent does not affect prior lawful processing.

10. Sharing and Recipients

We share data with subprocessors and service providers that help operate EvenLeads, including hosting, storage, payment, email, analytics, AI, enrichment, CRM, logging, and security providers. Customers may export or sync lead data to their chosen CRM, mailbox, or workflow tools. We may disclose data where required by law, to protect rights and safety, or during a corporate transaction. We do not sell suppression data.

11. International Transfers

Data may be processed in the European Economic Area, the United Kingdom, the United States, and other countries where our providers operate. Where required, we use adequacy decisions, Standard Contractual Clauses, transfer risk assessments, and supplementary measures.

12. Retention

Lead discovery records are retained according to the active retention setting, currently {{ lead_retaining_days }} days, unless removed earlier through the Transparency Hub, suppression, deletion, or customer action. Account and billing data are retained while needed for the service, legal obligations, dispute resolution, and security. Suppression records may be retained longer because they are needed to honor objections and prevent re-ingestion.

13. Security

We use technical and organizational safeguards including access controls, encryption in transit, logging, rate limiting, least-privilege access, backups, and monitoring. No system is perfectly secure, but we work to prevent unauthorized access, disclosure, alteration, or destruction.

14. Your Rights

Depending on your location, you may have rights to access, rectification, erasure, restriction, portability, objection, withdrawal of consent, and complaint to a supervisory authority. GDPR Article 21 gives you the right to object to processing based on legitimate interest. To exercise rights, use the Transparency Hub or contact [email protected]. We may need to verify your identity before permanent identifier suppression or account-related requests.

15. Children

EvenLeads is not intended for children and does not knowingly target or collect data from children.

16. Changes

We may update this policy as our platform, providers, laws, or safeguards change. The date above shows the latest update.

Cookie Preferences

Essential Cookies Always On
Essential Cookies Always On

Essential cookies are required for basic website functionality including session management, security, and user authentication. These cannot be disabled.

Analytics Cookies

Analytics cookies help us understand how visitors interact with our website by collecting and reporting information anonymously. This includes page views, time spent, and user behavior patterns.

Marketing Cookies

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third-party advertisers.

· Privacy Policy