1. Who We Are

LeadResurrect (“we,” “us,” or “our”) helps businesses turn their old, inactive leads into paying customers using AI-powered SMS campaigns.

Our clients send us their existing databases of contacts — typically names, emails, and phone numbers — and we handle the outreach on their behalf through the HighLevel platform using connected tools like Make.com, n8n, and OpenAI.

We take your privacy seriously. This policy explains how we collect, use, store, and protect data across all of our services, including our website https://leadresurrect.org (the “Site”) and any client reactivation campaigns we run.

---

2. How We Handle Data

LeadResurrect acts in two different roles, depending on the situation:

A. When You Visit Our Website or Contact Us

We act as the Data Controller — we decide how and why information is collected (e.g., for demos, forms, or marketing).

B. When We Process Data on Behalf of Our Clients

We act as the Data Processor — we process personal data only according to our clients’ instructions.

Our clients are the Data Controllers, since they own their customer lists and decide the purpose of outreach.

We never sell, share, or reuse that data for any other purpose.

---

3. What Data We Collect

Depending on your interaction with us, we may collect:

For Website Visitors or Demo Requests

• Name and email address
• Phone number (if provided)
• Any messages or form submissions
• Basic usage data (IP address, browser type, page visits)

For Client Campaigns

When you hire LeadResurrect to run a reactivation campaign, we may process:

• Lead names, phone numbers, and emails
• Optional notes from your CRM (e.g., last contact date or service details)
• Conversation transcripts and booking confirmations

This data is provided by the client and is not collected by us directly unless a lead responds through the automated system.

---

4. How We Use Data

We use personal data only for the reasons it was collected. Typical purposes include:

• Delivering AI-powered SMS and reactivation campaigns
• Qualifying and booking appointments on behalf of clients
• Communicating with leads who reply to campaigns
• Analyzing campaign performance and engagement metrics
• Improving our automation tools and workflows
• Maintaining website functionality and analytics
• Complying with legal or regulatory requirements

We do not use client data to market our own services or share it with unrelated third parties.

---

5. How Long We Keep Data

We follow a strict retention schedule:

• Client-provided data (lead lists, conversation logs, booking data) is deleted 30 days after the end of each campaign or once the client requests deletion — whichever comes first.
• Visitor or demo data is kept only as long as needed for legitimate business purposes (e.g., responding to inquiries or sending updates).
• Usage data (analytics) is stored only in aggregated form and cannot be used to identify you.

After the retention period, data is securely deleted or anonymized.

---

6. How We Store and Protect Data

We use secure, U.S.-based infrastructure through our primary service provider HighLevel, which complies with major privacy and security frameworks (including SOC-2).

We also use Make.com, n8n, and OpenAI as integrated sub-processors. These systems may temporarily process data to perform automations or AI-based messaging tasks, but we ensure that:

• All transfers are encrypted (HTTPS / TLS 1.2+)
• Access is restricted by role and purpose
• Only essential information is shared
• No data is retained by sub-processors beyond technical necessity

We monitor access logs, train all team members on privacy practices, and maintain incident response procedures to handle any potential breaches.

---

7. International Data Transfers

All systems primarily operate in the United States.

For clients or contacts located in the United Kingdom, European Union, or Canada, we rely on approved legal mechanisms for data transfer:

• UK/EU: Standard Contractual Clauses (SCCs) under GDPR
• Canada: Transfers comply with PIPEDA adequacy standards

By using our services or providing data, you acknowledge that your information may be processed in the U.S., where privacy protections differ from your home country.

---

8. Your Privacy Rights

Depending on where you live, you may have the right to:

• Access the data we hold about you
• Correct inaccurate or incomplete data
• Request deletion (“Right to be Forgotten”)
• Request a copy of your data in a portable format
• Withdraw consent for certain uses
• Opt out of marketing communications

You can exercise these rights by emailing [email protected].

We’ll respond within 30 days unless local law requires a faster timeframe.

If you are based in the U.K. or EU, you also have the right to lodge a complaint with your local data protection authority.

---

9. Cookies and Analytics

Our website uses minimal cookies to ensure basic functionality and improve performance.

These may include:

• Essential cookies: required for navigation and login
• Analytics cookies: help us understand how visitors use our site

You can control cookie preferences in your browser settings at any time.

We do not use advertising or tracking cookies for remarketing or behavioral profiling.

---

10. Children’s Privacy

Our services are not intended for children under 13.

We do not knowingly collect personal data from minors.

If you believe a child has submitted data to us, please contact [email protected], and we will promptly remove it.

---

11. Data Breaches

If any unauthorized access or disclosure occurs, we will notify affected clients (data controllers) within 24 hours of becoming aware of it, and assist them in meeting any required reporting or notification obligations.

---

12. Updates to This Policy

We may update this Privacy Policy periodically.

When we do, we’ll update the “Last updated” date at the top of this page.

Material changes will be communicated via email or a prominent notice on our website.

---

13. Contact Us

If you have questions about this Privacy Policy or any privacy-related issue, contact us at:

📧 Email: [email protected]

📍 Mail: LeadResurrect, 1513 Luke St, Fort Collins, CO 80524, USA

---

Summary of Roles

Data Type	Who Controls It	Our Role	Retention
Website visitor info	LeadResurrect	Controller	As long as needed for operations
Client-provided lead lists	Client	Processor	30 days after campaign ends
SMS/chat transcripts	Client	Processor	30 days after campaign ends
AI-generated message logs	Client	Processor	30 days after campaign ends

---

In Short

We help our clients reconnect with their leads — not exploit them.

Your data is your data. We simply use it to deliver the service you requested, protect it carefully, and delete it promptly when the job’s done.