Service Providers & Data Processing
Third-party services that help us deliver LeadCRM and how they handle your data.
Last updated: February 24, 2026
1. Introduction
This page describes the service providers used by the ActiveLead platform. ActiveLead is a product by LeadCRM. (the "Service"). Throughout this page, "LeadCRM", "we", "us", and "our" refer to the operator of the Service.
LeadCRM uses third-party service providers to deliver and improve the Service. This page identifies these providers, the data they process, and their role in providing the Service.
We carefully select service providers that we believe provide secure and reliable services. Each provider maintains their own security measures and data protection practices, which are governed by their respective privacy policies and terms of service. We encourage you to review each provider's policies to understand how they handle your data.
2. Our Service Providers
Stripe, Inc.
Purpose: Payment processing and subscription billing
Data Processed:
- Payment card information (encrypted and tokenized)
- Billing address and contact information
- Transaction history and invoices
- Customer ID and subscription status
Location: United States (with global operations)
Data Retention: Per Stripe's policies (see below)
Privacy Policy: https://stripe.com/privacy
Important: When you delete your LeadCRM account, we cancel your Stripe subscription, but Stripe retains customer and billing records per their data retention policies. This is standard practice for payment processors and is required for financial record-keeping, fraud prevention, and legal compliance. You can request deletion of your Stripe data by contacting Stripe directly. Review Stripe's privacy policy for details on their data retention and deletion procedures.
Firebase (Google Cloud Platform)
Purpose: Authentication, database, and hosting infrastructure
Services Used:
- Google Cloud Services / Firebase Authentication (user accounts and login)
- Google Cloud Services (database and data storage for leads and user data)
- Google Cloud Platform (application hosting and infrastructure)
Data Processed:
- User account information (email, display name)
- Authentication credentials (hashed passwords)
- All lead/job data and associated content
- Notes, history, and user preferences
- Application usage logs and error reports
Location: Multiple regions (typically US, EU, or as selected)
Data Retention: Until account deletion or as required by law
Privacy Policy: https://firebase.google.com/support/privacy
Google Cloud Platform maintains various security certifications and compliance standards. Their security and privacy practices are governed by their own policies and certifications, which you can review in their privacy policy and documentation. We rely on Google's industry-standard security infrastructure for data storage and processing.
Vercel, Inc.
Purpose: Application hosting, performance monitoring, and analytics
Data Processed:
- Application usage analytics and performance metrics
- Error logs and diagnostic information
- IP addresses and request metadata
Location: Global (edge network)
Data Retention: Per Vercel's retention policies
Privacy Policy: https://vercel.com/legal/privacy-policy
Google Analytics
Purpose: Website analytics and usage statistics
Data Processed:
- Page views and user interactions
- Browser and device information
- Referral sources and traffic patterns
- IP addresses (may be anonymized)
Location: United States
Data Retention: Per Google Analytics settings (typically 26 months)
Privacy Policy: https://policies.google.com/privacy
3. Data Processing Agreements
Our service providers maintain their own terms of service and privacy policies that govern how they process your data. Each provider is responsible for their own security measures, compliance certifications, and data protection practices as outlined in their respective policies.
We select providers that we believe offer secure and reliable services, but we do not independently verify or guarantee specific certifications or compliance standards. Each provider's security and compliance practices are governed by their own policies and may include various certifications and standards that they choose to maintain.
If you have questions about a specific provider's security measures, certifications, or data handling practices, we encourage you to review their privacy policy and terms of service (links provided above) or contact them directly.
4. Data Transfers
Some subprocessors may store or process data in countries outside your jurisdiction. We ensure that appropriate safeguards are in place, including:
- Standard contractual clauses approved by data protection authorities
- Subprocessor certifications and compliance with international standards
- Adequate security measures regardless of data location
For EU users: Transfers to the United States are covered by appropriate legal mechanisms to ensure adequate protection of your personal data.
5. Changes to Service Providers
We may add or replace service providers to improve the Service. If we add a new provider that processes your personal data, we will:
- Update this page with the new service provider's information
- Update the "Last updated" date
- Ensure the new provider meets our selection criteria for security and reliability
Material changes will be communicated to users via email or through an in-app notification, particularly for EU users where required by GDPR.
6. Your Rights
Under GDPR and other data protection laws, you have the right to:
- Know what service providers process your data (this page)
- Request information about data processing activities
- Object to processing in certain circumstances
- Request deletion of your data (see our Data Export & Delete page)
If you have concerns about how a subprocessor handles your data, you can:
- Contact us at info@activelead.app
- Contact the service provider directly (links provided above)
- File a complaint with your local data protection authority
7. Contact Us
If you have questions about our service providers or data processing, please contact us at info@activelead.app.