As a European company, Leadfeeder is keenly aware of the fact that there will be serious implications that the EU General Data Protection Regulation has for businesses.
We appreciate the privacy needs of Leadfeeder  users as well as their customers and, as such, have implemented — and will continue to improve — technical and organisational measures in line with the GDPR to safeguard the personal data processed by Leadfeeder.

Below you will find answers to the most asked questions. In case you need more in-depth insights, contact us on privacy@leadfeeder.com

General

Where are Leadfeeder’s servers located and what are the legal grounds for international transfers
Amazon Web Services, USA and Ireland.
EU-US Privacy Shield, Standard Contractual Clauses.

Does Leadfeeder serve as a data controller or processor?
For most data Leadfeeder serves as a processor. This includes data from your Google Analytics, CRM, email marketing integrations and data you input into Leadfeeder. For data we provide, we serve as a controller.

Do you have any Subprocessors?
Yes. Amazon Web Services, USA and Ireland.

Backups

Does Leadfeeder back up our data?
Data is backed up hourly, daily and weekly. 

Has the backup and restoration process been tested?
Yes, routinely. 

How long are backups for customer data retained?
Seven days. 

Where are the backups stored?
Amazon Web Services in United States, Germany and Ireland.

Are backups encrypted?
Yes

Logging

Is Leadfeeder managing its own logs?
Yes.

How long do you keep log files?
Our logs get regularly backed up to an S3 bucket. The log backups expire after 180 days. 

Where are the logs stored?
Amazon Web Services, USA or Ireland.

How is processing of personal data logged?
Our system stored detailed logs on access and processing of data, including personal data. Who, whose data, action taken and timestamps are logged.

Information security

Do you encrypt personal data stored in Leadfeeder?
Yes. Data is encrypted both at rest and at transit. 

Leadfeeder security practices

Staff

Do you conduct training for staff on data protection matters?
Yes, all our staff goes through internal data protection training.

Do you have an internal privacy policy?
Yes.

Are Leadfeeder staff members required to sign a confidentiality agreement?
Yes, at initial employment.

Do you have staff member with formal training on data protection?
Yes, we have CIPP/E and CIPM trained and certified employees.

Google Analytics

Does Leadfeeder get the IP address of my website visitor?
No, instead we get the name of the owner of the IP address and reverse domain of the IP address from Google Analytics. More about this here.


Related:

Did this answer your question?