LeadFilter AI

Privacy Policy

Last updated: June 4, 2026

This policy explains how Roman Shostak LLC, the company that operates LeadFilter AI (“LeadFilter AI,” “we,” “us”), handles personal data across the LeadFilter AI website, dashboard, and screening API, why we process it, and the choices and rights you have.

On this page
  1. Scope & who we are
  2. Our role: controller vs processor
  3. Data we process
  4. Lead content you send
  5. How we use data & lawful bases
  6. Automated screening
  7. Retention
  8. Subprocessors & transfers
  9. Security
  10. Your rights
  11. California privacy rights
  12. Cookies
  13. Contact & complaints

01 Scope & who we are

This policy applies to the LeadFilter AI website, the dashboard at app.leadfilter.zsetup.com, and the screening API at api.leadfilter.zsetup.com (together, the “Service”). It covers personal data of account holders and the data submitted to the Service for screening.

The operator of the Service is Roman Shostak LLC, Sharjah Media City (Shams), Sharjah, United Arab Emirates (commercial licence no. 2429518.01). For any privacy question you can reach us at privacy@leadfilter.zsetup.com.

02 Our role: controller vs processor

We handle personal data in two distinct roles:

  • As a controller — for the personal data of account holders (the people who sign up, log in, and pay), we decide why and how that data is processed.
  • As a processor — for the “lead content” you submit through the API, you are the controller and we process it only on your behalf and on your instructions, under our Data Processing Addendum (DPA).

For lead content, you are responsible for providing any privacy notices to, and having a lawful basis for, the individuals that content describes. Where those individuals wish to exercise rights over that data, we will refer them to you as the controller and assist you as required by the DPA.

03 Data we process

Account data (we are the controller)

  • Name and work email you provide at signup.
  • Authentication data (hashed credentials and session information).
  • Billing and subscription details for paid plans, handled through Stripe.
  • API keys you generate (we store only a non-reversible reference and a key prefix, never the full secret).

Usage data (we are the controller)

  • Records of lead checks: scores, verdicts, reasons, categories, and the request_id.
  • Operational logs, timestamps, and approximate request metadata.

Lead content (you are the controller; we are the processor)

The lead text and optional context you submit for screening — described in the next section.

04 Lead content you send

When you call the API, you send lead text and optional context (such as email, company, source, or country). This content may contain personal data about the individuals who contacted you. You are the controller of that data; LeadFilter processes it on your behalf to return a screening result.

We do not sell lead content, we do not use it to build persistent profiles of the individuals it describes beyond the per-request screening result, and we do not use it to train or improve our or any third party's machine-learning models. To produce a result, lead content is sent to our classification provider (Google) for that single request only.

For each analyzed request we always store the normalized screening result and request metadata — the request_id, any customer-provided external_id, a one-way hash of the input, and any optional context you send (email, company, source, country, and your metadata). The original raw lead text is stored only when raw-text storage is enabled in your account settings, which is on by default for new accounts, for the retention window you configure (initially 7 days). You can disable raw-text storage or change the window at any time, but the result and request metadata above are retained even when raw text is not.

05 How we use data & lawful bases

As a controller, we process account and usage data for the purposes below. Under the GDPR and UK GDPR, our lawful bases are noted in parentheses.

  • To provide screening results and operate the dashboard and API (performance of our contract with you).
  • To secure, monitor, and debug the Service — the request_id ties a result to its logs (legitimate interests in keeping the Service safe and reliable).
  • To meter usage against your plan's allowance and to bill paid plans (performance of our contract and compliance with legal obligations such as tax and accounting).
  • To send service, security, and account notices (performance of our contract and legitimate interests).

Providing account, authentication, API-key, and billing data is necessary to create an account, sign in, use the API, and administer paid plans; if you do not provide it, we cannot make the Service available to you.

For lead content, the lawful basis is determined by you as the controller; we process it only under your instructions and the DPA.

06 Automated screening & profiling

The Service uses automated, probabilistic models to produce a spam-likelihood score, a verdict, and a short reason from the lead content you submit. This is a form of automated processing and may involve profiling of the individuals described in that content.

In practical terms, the model analyzes the lead text and any context you provide for patterns associated with spam, vendor or SEO outreach, and low-quality, fake, or irrelevant submissions, and returns a score, verdict, reason, and categories. Customers typically use this to decide which inquiries to review first; LeadFilter itself takes no action on, and makes no final decision about, any individual.

  • LeadFilter returns a signal; it does not, by itself, make a decision about any individual, and it never deletes, rejects, or contacts a lead on your behalf. What happens to each result is decided by you in your own workflow.
  • Results are probabilistic and may be wrong. We design the Service to prefer a needs_review verdict when confidence is low.
  • You must not use the output as the sole basis for a decision that produces a legal or similarly significant effect on a person without meaningful human review. Where such decisions are made, the controller (you) must provide affected individuals the safeguards required by law, including human intervention and the ability to contest the decision.

07 Retention

  • Raw lead text: stored when raw-text storage is enabled in your account settings (on by default for new accounts), for the retention window you configure (initially 7 days). After that window the raw text becomes eligible for removal and is deleted when our retention cleanup runs; you can also delete the raw text for an individual check immediately from the dashboard.
  • Normalized results, request metadata, and usage records (scores, verdicts, reasons, categories, request_id, any customer-provided external_id, input hash, the optional context you sent such as email, company, source, country, and metadata, plus metering): retained so you can audit and review past checks, and as needed for billing, security, and legal purposes. Deleting raw lead text does not delete these.
  • Account, authentication, and billing data: retained for the life of the account and for the period afterward required by law (for example, tax and accounting records).

To request deletion or export of account-associated data beyond the dashboard controls, contact privacy@leadfilter.zsetup.com.

08 Subprocessors & international transfers

We rely on a small set of vetted providers to operate the Service. Each is bound by a data processing agreement and may process data only to provide its service to us:

  • Google — Gemini classification (receives lead content per request) and Google Cloud hosting, database, logging, and secrets infrastructure.
  • Stripe — payment processing and subscription management (account and billing data).
  • Resend — transactional email such as password-reset messages (account email and message content).

These providers may process data in the United States and other countries. Where personal data is transferred outside the EEA or the UK, we rely on appropriate safeguards such as the European Commission's Standard Contractual Clauses (and the UK Addendum), together with additional measures where needed. We will give notice of new subprocessors as described in the DPA so you can object.

09 Security

  • Data is encrypted in transit. API keys are transmitted only in the x-api-key header (or as a bearer token), never in URLs.
  • Key secrets are shown once at creation and stored only as non-reversible references.
  • Access to production data is restricted and logged.
  • No method of transmission or storage is completely secure; we work to protect your data but cannot guarantee absolute security.

10 Your rights

Depending on your jurisdiction, you may have rights to access, correct, export, delete, or restrict personal data, and to object to certain processing. You can manage much of your account directly from the dashboard — update account and screening settings, create or revoke API keys, delete the stored raw text for a check, and cancel your subscription.

For requests that the dashboard does not cover — including full account deletion or a complete data export — contact privacy@leadfilter.zsetup.com and we will action your request and verify your identity as required by law. For lead content, where you are the controller, we will refer the individual's request to you and assist you under the DPA.

11 California privacy rights

If you are a California resident, the CCPA/CPRA gives you rights to know the categories and specific pieces of personal information we collect, the sources and business purposes, and the categories of recipients; to request deletion or correction; and to be free from discrimination for exercising these rights.

  • As a business, we collect identifiers (name, email), commercial information (subscription and billing records), and internet/usage activity, from you and from your use of the Service, for the business purposes described above.
  • For lead content submitted through the API, customers may include identifiers, professional or commercial information, internet or usage context, inferences, and potentially sensitive information about third parties. For that content, LeadFilter acts as a service provider/processor on the submitting customer's behalf and uses it only to return a screening result.
  • We disclose personal information to our service providers — Google, Stripe, and Resend — only as needed for the business purposes described in this policy, under contracts that restrict their use of it.
  • We do not “sell” or “share” personal information as those terms are defined under the CCPA/CPRA, and we do not use sensitive personal information for purposes that require a right to limit.
  • To exercise your rights, contact privacy@leadfilter.zsetup.com. You may use an authorized agent, and we will verify requests before responding.

12 Cookies

We use only strictly necessary cookies. The dashboard sets a single authentication session cookie (leadfilter.session_token), which is HttpOnly and, in production, Secure. We do not use advertising, analytics, or third-party tracking cookies, pixels, or session-replay tools, so no cookie-consent banner is required to use the Service.

13 Contact & complaints

Questions about this policy or our data practices can be sent to privacy@leadfilter.zsetup.com, or by mail to Roman Shostak LLC, Sharjah Media City (Shams), Sharjah, United Arab Emirates (commercial licence no. 2429518.01).

LeadFilter AI is operated from the United Arab Emirates and is not specifically directed at individuals in the European Union or United Kingdom. If you are in the EEA or UK and believe your personal data has not been handled lawfully, contact us at privacy@leadfilter.zsetup.com; you also retain the right to lodge a complaint with your local data protection supervisory authority. If our processing later becomes subject to the EU or UK GDPR in a way that requires a local representative, we will appoint one and update this policy.
