Leadinfo is 100% GDPR-compliant.
Leadinfo follows the seven important principles of the GDPR, which regulates the protection of personal data in the EU. This significantly impacts our software.
Lawful, fair and transparent.
All processing is carried out on a lawful basis. Data processing does not occur unexpectedly and the data subject will be informed about the processing.
Leadinfo:
- We make it transparent for our customers how Leadinfo processes data.
- We provide sample texts to help our customers inform their website visitors.
- We advise on how to legally use Leadinfo.
- Our customers must choose a legal basis (consent or legitimate interests) – Leadinfo supports with expert opinions and recommendations:
- Secure use of cloud service providers with data storage in Europe and corresponding contractual and technical safeguards.
- Native in-house integrations reduce the risks associated with intermediaries.
Purpose limitation
We know the purposes of processing and disclose them in the data protection notices for the individuals concerned. We limit the processing to the stated purposes.
Leadinfo:
- Leadinfo can be configured to process very little data (only IP addresses).
- Single-purpose tool with low risk of data (IP addresses) being used for opaque purposes.
- Native in-house integrations reduce the risk of data usage by intermediaries.
Data Minimization
Personal data must correspond to the purpose for which it is processed, be substantial for it, and be limited to what is necessary for the purposes for which it is processed.
Leadinfo:
- Leadinfo can be configured for limited data processing.
- Leadinfo processes only pseudonymous information, no special categories of data (Art. 9 GDPR) and no other sensitive information.
- Native in-house integrations avoid the need to share data with third parties that do not provide direct benefits.
Accuracy
We ensure that the personal data we process is accurate and up-to-date. We correct or delete inaccurate personal data as quickly as possible.
Leadinfo:
- Careful handling of the collected data by Leadinfo (see also point Integrity and Confidentiality)
- First-class data from verified providers.
Data Storage
We store personal data in a form that allows identification of the data subject only for as long as necessary to achieve the purposes for which it is processed. (Art. 5 (1) (e) GDPR)
Leadinfo:
- On request, our customers can have identified visitor data deleted.
- Leadinfo processes only a few pieces of information here, in particular no clear names or similar, but only pseudonymous IP addresses that are linked to companies.
- An identification of the persons concerned does not take place and is not necessary for the services.
- Leadinfo has a deletion concept that also includes the timely deletion of the collected IP addresses.
Integrity and Confidentiality (Security)
We take appropriate security measures to process personal data in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage (Art. 5 (1) (f) GDPR).
Leadinfo:
- Proper identity and access management for all sensitive data
- Data encryption
- Password requirements
- Two-factor authentication
- Logging and monitoring
- Virus protection
- Regular employee training and awareness measures
- Proper development processes with specific responsibilities and procedures for planning, quality assurance, and testing of new features and other changes to the platform
- Release and patch management
- Standardized backup processes with regular restoration testing
- Highly secure AWS data centers certified to ISO 27001 and many other relevant standards
Accountability
The controller is responsible for ensuring compliance with the above points and must be able to provide evidence of this (Art. 5 (2) GDPR).
Leadinfo:
- Internally defined responsibility for privacy
- Data privacy and information security management system(s)
- Regular reviews/audits conducted by external entities
- Pursuing ISO 27001 certification
We store and process our data in Europe.
All of our hosting servers are located in Ireland, ensuring that your data and the data processed by Leadinfo remain within the EU. This ensures compliance with the General Data Protection Regulation.
- Our hosting provider is AWS EMEA SARL based in Luxembourg, which is a European-based company.
- The server is located in Ireland, which means that the data processed by Leadinfo does not leave the European legal framework.
- Leadinfo has concluded a data processing agreement (in accordance with Art. 28 of the GDPR) with AWS EMEA SARL, which includes the latest standard contract clauses.
Our commitment to GDPR: Data protection and privacy
The GDPR forms the backbone of modern data protection and emphasizes the importance of respecting personal data. As Leadinfo, it is our duty to abide by the regulation’s fundamental principles and ensure our users’ privacy is always safeguarded.
Frequently asked questions about GDPR
How does Leadinfo technology work?
Leadinfo identifies your B2B website visitors (“leads”) in real time, creates a profile for each lead, optionally supplements the profiles with creditworthiness information of the company and other relevant data, gives you access to this information through the Leadinfo dashboard, and can be integrated with many CRM/ERP systems, making it easy to incorporate your leads into your existing workflows and processes.
To this end, your web designer installs the Leadinfo tracking code on your website. If you need help with this, our team is happy to assist you. The tracking code allows us to see the IP addresses of your website visitors and compare them with our database, which is based on publicly available sources such as the commercial register.
In addition, Leadinfo sets two first-party cookies (optional – there is also a cookie-free tracking option) to provide additional transparency about how your visitors use your website. These cookies are not linked to any other information. Website visitors can also enter form data, which is anonymized and stored to improve Leadinfo’s services. The results are displayed through the Leadinfo dashboard in your browser and can be integrated into your CRM/ERP solution.
All information is processed in our European data centers, which are certified according to relevant data governance and information security standards such as ISO/IEC 2700x and BSI C5.
Is the use of Leadinfo GDPR-compliant?
Yes, Leadinfo can be used in accordance with the EU 2016/679 – “GDPR” and other applicable data protection laws. The processed IP address and other information are classified as personal data under the GDPR. Therefore, it is important to inform your website visitors about the use and processing of data related to Leadinfo. We also recommend obtaining consent from your website visitors before activating the Leadinfo tracking code.
What categories of data are processed by Leadinfo?
The following data categories are processed by Leadinfo on your behalf:
- IP address
- Location based on IP address
- Domain from form input fields (e.g. “leadinfo.com”)
Do we qualify as controllers or processors of this data?
As our customer, you determine the purposes and means of data processing. We process the data on your behalf. Therefore, you are responsible for data protection and we are processors within the meaning of the GDPR. However, once we have processed your data, we store this information in our database so that we can improve our services for our customers. In this sense, we become responsible and comply with the corresponding requirements for controllers.
Should we sign an Data Processing Agreement (DPA)? Can Leadinfo provide one?
Yes, as we process personal data on your behalf, our processing activities must be regulated by a special data processing agreement (“DPA”). Please contact us to obtain the signed agreement and consider where your sales representatives can upload the agreement signed by both parties.
Do we need to inform our website visitors about the use of Leadinfo?
Yes, the GDPR requires companies to inform website visitors about how their personal data is being processed. We recommend providing this information in your privacy policy, for example, in the section where the use of web tracking tools such as Google Analytics and similar tools is described. It is up to you how to formulate this in your privacy policy. You can use our sample text as a guide. You can find more information here
How do we obtain valid consent from our website visitors?
You can obtain consent by implementing a consent management tool that displays a pop-up banner or layer (“cookie banner”) to your website visitors, prompting them to agree or reject the use of cookies and other website features, providing them access to additional information about these cookies and features, storing visitors’ decisions, and allowing them to easily change their decision. Our team is happy to assist you with the implementation of such a tool and the proper integration of Leadinfo.
Where does Leadinfo store and process the data?
Our hosting provider is AWS EMEA SARL, based in Luxembourg – an EU-based company. Our server is located in Ireland (not in the USA), which means that the data processed by Leadinfo does not leave the European legal jurisdiction. Data is encrypted during transmission and while on the server, making unauthorized access by US authorities unlikely or at least significantly more difficult. Leadinfo has signed a data processing agreement (in accordance with Article 28 of the GDPR) with Amazon Web Services EMEA SARL, which includes the latest version of standard contractual clauses.
How do we ensure that the data stays within the EU?
Leadinfo does not process any special categories of personal data (as defined in Art. 9 GDPR) or other sensitive data for its services.
The hosting provider is AWS EMEA SARL, based in Luxembourg, an EU-based company.
The server is located in Ireland, ensuring that the data processed by Leadinfo does not leave the European legal jurisdiction.
The data is encrypted during transmission and on the server, making unauthorized access by US authorities unlikely or at least significantly more difficult.
Leadinfo has concluded a data processing agreement (according to Art. 28 GDPR) with Amazon Web Services EMEA SARL, containing the standard contract clauses in their latest version.
Given the nature of the data and the protective measures taken, the remaining risk of impairing the rights of the affected parties through access by US intelligence services or other US authorities to stored data is very low.
We’re also premier when it comes to integration: with over 70 plug-and-play integrations available on our marketplace, Leadinfo effortlessly integrates into your workflow and software that you’re already using, without having to disclose any data to third parties.
Who can I contact for further questions?
If you have any questions, please call us or send an email to support@leadinfo.com.
Install Leadinfo today
And turn website visitors into customers.
- No credit card required
- GDPR-compliant
- Use without any cookies