Privacy Policy

We take your privacy seriously. This policy explains what data we collect, why, and how we protect it.

Last updated: April 17, 2026

Summary

Quick facts:
  • We collect only what we need to run the Service
  • We do not sell your data — ever
  • We do not train public AI models on your negotiations or contacts
  • You can delete your account and data at any time
  • We use industry-standard encryption and security practices

For the full details, read below or contact us at privacy@leverge.ai.

1. Data We Collect

1.1 Account Information

When you sign up, we collect:

  • Email address (required)
  • Password (hashed with bcrypt; we never store plaintext)
  • Name, company, role (optional, captured during onboarding)
  • Country, timezone, preferred currency (auto-detected, user-editable)

1.2 Email Account Access (OAuth)

When you connect Gmail, Outlook, or another email provider, we receive:

  • OAuth access and refresh tokens (encrypted at rest)
  • Your email address from the provider
  • Permission to send emails from your account
  • Permission to read replies to negotiations you initiated through Leverge
Important: We only read emails related to negotiations you've initiated through Leverge. We do not scan your full inbox, access unrelated emails, or read messages outside your negotiation threads.

1.3 Content You Create

  • Campaign details, objectives, and budget ranges
  • Contact information for publishers you want to reach
  • Negotiation messages sent and received
  • Research requests and results

1.4 Usage and Technical Data

  • IP address, browser type, device information
  • Pages visited, features used, time spent in the app
  • Error logs and performance metrics

1.5 Payment Information

We use Stripe to process payments. We do not store your credit card details on our servers. We retain only a subscription ID and last-4 digits for reference.

2. How We Use Your Data

We use your data to:

PurposeData UsedLegal Basis (GDPR)
Provide the ServiceAccount, email OAuth, contentContract performance
Send negotiation emailsEmail OAuth, contact infoContract performance
Generate AI research & draftsCampaign details, objectivesContract performance
Process paymentsBilling info, subscriptionContract performance
Security & fraud preventionIP, login logs, usage patternsLegitimate interests
Improve the ServiceAnonymized usage analyticsLegitimate interests
Send product updatesEmail addressLegitimate interests (opt-out available)

3. AI Processing

Leverge uses AI models (including Claude by Anthropic) to power research, email drafting, and negotiation:

  • What we send to AI: Your campaign objectives, publisher context, and negotiation history for the current thread
  • What we do NOT send: Your full contact list, unrelated campaigns, or other users' data
  • AI training: We do not permit our AI providers to train their public models on your data
  • Data retention at AI providers: Typically 30 days for abuse monitoring. We maintain zero-data-retention agreements where possible

4. How We Share Data

We do not sell your personal data. We share data only with trusted service providers:

ProviderPurpose
Anthropic (Claude)AI processing
Google Cloud / VercelHosting, databases
StripePayment processing
ResendTransactional emails
PostHog / SentryAnalytics, error tracking

All providers are bound by data processing agreements. We may also disclose data if required by law.

5. Data Retention

  • Account data: Retained while your account is active
  • Negotiation content: Retained indefinitely unless you delete it
  • Email OAuth tokens: Deleted within 30 days of disconnection
  • Payment records: Retained for 7 years (tax/legal requirements)
  • Security logs: Retained 12 months
  • Deleted account data: Removed within 30 days, except where retention is legally required

6. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access & Portability: Receive a copy of your data in a machine-readable JSON format. Self-serve via Settings → Account → Download my data, or email privacy@leverge.ai.
  • Correction: Update or correct inaccurate data
  • Deletion: Request deletion (“right to be forgotten”). Self-serve via Settings → Account → Delete account; hard deletion follows the 30-day recovery window.
  • Objection: Object to certain processing
  • Withdrawal of consent: Revoke consent you previously gave

To exercise any of these rights, email privacy@leverge.ai. We will respond within 30 days.

California Residents (CCPA)

You have the right to know what personal information is collected and the right to opt out of data sales. We do not sell personal information.

EU/EEA Residents (GDPR)

For GDPR-related inquiries, contact dpo@leverge.ai.

India Residents (DPDP Act)

You have rights under the Digital Personal Data Protection Act, 2023. Contact privacy@leverge.ai.

7. International Data Transfers

We use service providers in multiple countries (primarily USA and EU). When we transfer data internationally, we use Standard Contractual Clauses, Data Processing Agreements, and encryption in transit (TLS 1.3) and at rest (AES-256).

8. Cookies and Tracking

We use minimal cookies:

  • Essential cookies: Session management, authentication (required)
  • Analytics cookies: Anonymous usage analytics (optional, controllable)

We do not use third-party advertising cookies or cross-site tracking.

9. Children

Leverge is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided us data, contact privacy@leverge.ai.

10. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be notified via email or in-app notice at least 30 days before taking effect.

11. Contact

For privacy questions, data requests, or concerns:

Data Protection Inquiries
Email: privacy@leverge.ai
DPO: dpo@leverge.ai