01 — About this policy
This policy describes how Leadiosa (the "service") handles personal data. It covers two groups of people: the operators who sign in to a Leadiosa workspace to handle conversations, and the visitors of those operators' websites who type into the chat widget.
Where this policy says "you" we mean both groups — where the difference matters, we say so explicitly.
02 — Who we are
Leadiosa is operated by ThemeREX. ThemeREX is the controller of operator account data and the processor of visitor conversation data on behalf of the workspace that operates the chat widget.
03 — What data we collect
From operators (when you sign in to run a workspace):
- Email address, name, and a hashed password (we never store the password itself).
- Optional profile photo and display name.
- Workspace memberships and the role you hold in each.
- Authentication metadata: the IP address you signed in from, the user agent of your browser, the time of sign-in.
- Two-factor authentication seed, if you choose to enable 2FA.
- Audit-log records: every operator action (sign-in, message sent, contact erasure, settings change) is recorded with timestamp, actor and target.
From visitors (people typing into the chat widget):
- Whatever name and email you choose to share when starting a conversation. Both are optional unless the workspace operator has marked them as required.
- The content of your messages and any files you attach.
- Technical metadata: IP address, user agent, the URL of the page you were on, your browser locale and timezone.
- A session identifier (random, stored as a cookie or in localStorage) so we can reconnect you to the same conversation on a later visit.
From AI features (only when the workspace operator has enabled the AI agent or AI analytics):
- The content of messages in the conversation is sent to whichever large language model provider the workspace operator has configured (OpenAI, OpenRouter, Anthropic, DeepSeek, or a provider reached with an API key the operator supplies themselves).
- For knowledge-base RAG: chunks of the workspace knowledge base are embedded by the chosen embedding provider (OpenAI, Jina, Voyage, or Cohere) and stored as vectors.
- For the weekly AI insights digest: a summary of the past week’s conversations is generated by the configured LLM and stored on the workspace.
From billing: billing is handled by Freemius. We receive the subscription state (active, trial, cancelled), the plan tier, and the workspace it belongs to. We do not see or store card details.
04 — How we use it
- To deliver the service: route messages, render the inbox, run the AI agent, generate digests, send transactional emails (password reset, invoice receipts, account notifications).
- To bill workspaces correctly through Freemius.
- To prevent abuse: rate-limit suspicious activity, block spam, investigate security incidents.
- To comply with legal obligations (tax records, lawful requests).
- To improve the product: aggregated, non-identifying usage metrics (which features are used, error rates, latency percentiles).
We do not sell personal data, and we do not use your data or your visitors' data to train AI models on our end. When the AI agent is enabled, conversation content is sent to the LLM provider you configured — each provider has its own training-on-API-data policy, which we link to in our subprocessors section below.
05 — Legal bases (GDPR)
Where GDPR applies, we rely on the following bases:
- Performance of a contract — for operator accounts and the core service: routing messages, sending transactional email, billing, audit logging.
- Legitimate interest — for security monitoring, abuse prevention, aggregated product analytics, and direct communication about service changes.
- Consent — for any optional analytics or marketing communications, and for visitor data where the workspace operator's site asks for it.
- Legal obligation — for tax records, lawful requests, and breach notifications.
06 — Who we share it with
We use the following subprocessors. We notify customers at least 30 days before adding a new subprocessor.
| Subprocessor | Purpose | Region | When |
|---|---|---|---|
| OpenRouter | LLM routing for AI agent and AI insights (default when workspace uses platform tokens) | United States | Only when AI features are enabled |
| OpenAI | LLM provider (selectable) and default embeddings provider | United States | Only when configured |
| Anthropic | LLM provider (selectable) | United States | Only when configured |
| DeepSeek | LLM provider (selectable) | China / global | Only when configured |
| Jina AI · Voyage · Cohere | Knowledge-base embedding providers (selectable per workspace) | United States / EU | Only when configured |
| Freemius | Subscription billing and tax compliance | United States | All paid workspaces |
| ThemeREX hosting | Application hosting, database, real-time transport | Pending — see note below | Always |
| Email delivery provider | Transactional email (password reset, billing receipts, digest) | Pending — see note below | Always |
07 — International transfers
When personal data leaves the European Economic Area (for example, when a workspace uses OpenAI or Anthropic for AI features), the transfer relies on Standard Contractual Clauses (SCCs) approved by the European Commission and any additional safeguards required by the applicable provider.
If you require an EU-only AI configuration (for example, Cohere in its EU region), the workspace operator can select that in workspace settings.
08 — How long we keep it
- Operator accounts: while the account is active. After deletion, residual data is removed within 30 days, except where the law requires longer retention (e.g. invoices for tax purposes — kept up to seven years).
- Conversations: while the workspace is active and within the retention window the workspace sets (default: indefinite). Workspace operators can change the retention period or erase specific contacts at any time.
- Audit log: 12 months.
- Backups: rolling 30 days.
- Billing records: up to seven years for tax and accounting compliance.
09 — Your rights
If GDPR applies to you, you can:
- Access — request a copy of the personal data we hold about you.
- Rectify — correct anything that's wrong. Operators can do this themselves in account settings.
- Erase — ask us to delete your data. Operators can delete contacts directly from the dashboard; the action is audit-logged and erasure cascades through messages, attachments, AI summaries, and embeddings.
- Port — receive your data in a structured, machine-readable format (JSON export).
- Restrict processing or object to processing based on legitimate interest.
- Withdraw consent at any time where consent was the legal basis.
- Complain to your local data protection authority. We'd rather you complained to us first so we can fix it, but the right exists.
To exercise any of these, email privacy@leadiosa.com. We respond within 30 days. If you're a visitor of a Leadiosa-using site, we may need to forward your request to that workspace operator (they are the controller of your conversation data).
11 — Children's privacy
Leadiosa is not directed at children under 16, and we do not knowingly collect personal data from anyone under that age. If you believe a child has provided us with data, please contact us and we will delete it.
12 — Security
For the technical and organisational measures we take to protect your data, see our Security overview.
13 — Changes to this policy
We may update this policy as the product evolves. We will post the new version with an updated "last updated" date and — for material changes — notify operators by email at least 30 days before they take effect.
14 — Contact
Privacy questions, data-subject requests, or anything in this document that needs to be clearer:
- Email: privacy@leadiosa.com
- Postal address: pending — will be added with the legal entity details.