Trust & Security at LEAD

At LEAD we are always working to keep your data safe. Hundreds of organizations entrust us with the their data because LEAD was built with a privacy-first philosophy:

☑️ Data Encrypted in Transit

☑️ Data Encrypted at Rest

☑️ Field-level encryption for sensitive data in Database

☑️ Fully encrypted backups taken every 24 hours

☑️ Quarterly review of threat models

☑️ GDPR Compliant

☑️ The EU-U.S. Data Privacy Framework Principles (DPF),  EU-U.S. Data Privacy Framework Principles (DPF), and the Swiss-U.S. DPF Certified (DPF is the successor to the former Privacy Shield.)

Within LEAD, we operate around a principle of least privilege in which we only collect data that is strictly necessary for us to offer our service. Because our service operates within Slack and Microsoft Teams, we use their APIs to which provide granularly scoped permission models to ensure we only have access to data that we require to offer our service.

 

Sub Processors 

Our vendor list 

 

Legal

Terms of Service

Privacy Policy.

DPA (Data Processing Agreement)

Standard Contractual Clauses

 

Commitment to EU General Data Protection Regulation (GDPR)

LEAD is compliant with the GDPR in how we handle customer data. See our updated Privacy Policy for an explanation of what data we collect and how we use it.

 

EU/US, UK/US, Swiss/US Privacy Framework Principles (DPF) Certified

LEAD is The EU-U.S. Data Privacy Framework Principles (DPF),  EU-U.S. Data Privacy Framework Principles (DPF), and the Swiss-U.S. DPF Certified, which governs the data privacy practices that we adhere to. (DPF is the successor to the former Privacy Shield.)

 

SOC 2 Compliance

LEAD is currently undergoing a SOC 2 process, and we are putting effort into our practices beyond just the SOC 2 audit.

 

Commitment to The California Consumer Privacy Act (CCPA)


Availability

LEAD is cloud hosted on AWS and spread across multiple availability zones so our services remain online, even during outages. LEAD experienced 100% Uptime in 2021 (as well as 2022, to date).

 

Vulnerability

Please see our Vulnerability Disclosure Program for instructions on how to bring vulnerabilities to our attention, and our security team will contact you shortly.