Trust & Security at LEAD

At LEAD we are always working to keep your data safe. Hundreds of organizations entrust us with the their data because LEAD was built with a privacy-first philosophy:

☑️ Data Encrypted in Transit

☑️ Data Encrypted at Rest

☑️ Field-level encryption for sensitive data in Database

☑️ Fully encrypted backups taken every 24 hours

☑️ Quarterly review of threat models

☑️ GDPR Compliant

☑️ Privacy Shield Certified

Within LEAD, we operate around a principle of least privilege in which we only collect data that is strictly necessary for us to offer our service. Because our service operates within Slack and Microsoft Teams, we use their APIs to which provide granularly scoped permission models to ensure we only have access to data that we require to offer our service. 

 

Sub Processors 

Our vendor list 

 

Legal

Terms of Service

Privacy Policy.

DPA (Data Processing Agreement)

Standard Contractual Clauses

 

Commitment to EU General Data Protection Regulation (GDPR)

LEAD is compliant with the GDPR in how we handle customer data. See our updated Privacy Policy for an explanation of what data we collect and how we use it.

EU/US Privacy Shield Certified

LEAD is EU/US Privacy shield certified, which governs the data privacy practices that we adhere to.

SOC 2 Compliance

While LEAD is not yet SOC 2 complaint, we are working towards our SOC 2 audit.

 

Availability

LEAD is cloud hosted on AWS and spread across multiple availability zones so our services remain online, even during outages. LEAD experienced 100% Uptime in 2021 (as well as 2022, to date).

 

Vulnerability

Please see our Vulnerability Disclosure Program for instructions on how to bring vulnerabilities to our attention, and our security team will contact you shortly.