← Back to LeadLoop
Security at LeadLoopApp
Effective date: September 2025
Our commitment
LeadLoopApp is built for service businesses. We protect caller data, booking details, and your business rules with modern security practices and simple, transparent controls.
Encryption
- In transit: All traffic uses TLS 1.2+
- At rest: Data is stored using encryption at rest from our hosting provider
Access control
- Production access is limited to authorized personnel using MFA
- Least-privilege permissions; access is logged and reviewed
- Secrets are stored securely and rotated
Data we handle
- Caller metadata (name, phone), appointment needs, and booking details you choose to capture
- Optional call transcripts/recordings (only if you enable them)
- Your booking rules (services, durations, cut-offs, blackout dates)
Retention & deletion
- Operational data is kept only as long as needed to run the service and meet legal requirements
- You may request deletion at any time: admin@leadloopapp.com
- Backups are lifecycle-managed and purged on a rolling schedule
Regional hosting & PIPEDA
We support regional hosting options and practices aligned with Canadian privacy expectations (e.g., PIPEDA). Ask us if you need region-specific data location.
Sub-processors
When necessary, we use reputable infrastructure and communications providers (e.g., cloud hosting; calendar/email/SMS providers you connect). We share only the minimum data required to operate the service and require appropriate security commitments from each provider.
Secure development
- Peer code review and dependency monitoring
- Regular patching of runtime and libraries
Incident response
- We monitor for anomalies and investigate promptly
- If a security incident affects your data, we will notify you without undue delay and provide next steps
Responsible disclosure
If you believe you've found a security issue, email security@leadloopapp.com with steps to reproduce. We'll acknowledge receipt and keep you updated.
Contact
Questions: admin@leadloopapp.com