Hi,\u000a\u000aCan you please explain a bit more about your GDPR compliance and data security?\u000a\u000aYou advertised this tool with Quote: \u000a\u000a“You have to make sure you’re compliant with regulations like CAN\u002DSPAM and GDPR to avoid hefty fines.\u000a\u000aWhat If You Didn’t Have To Stress Out About Any Of This? What If There Was A Simple Software… “\u000a\u000a\u000aI’ve read the boilerplate privacy policy on your website https://leadpal.net/privacy\u002Dpolicy/ and I do not see how my company would be GDPR compliant when using this tool.\u000a\u000aJust claiming that Leadpal or this tool is GDPR compliant does not make Leadpal or me as a client GDPR compliant.\u000a\u000aI see 3 potential issues:\u000a\u000a\u000a1.) Who is Leadpal? LLC registered? Registration number? Business address? \u000a\u000aOn your website it states “Made with ❤️ love in Atlanta” .\u000a\u002DThat’s just not good enough if my company gets sued or issued a fine.\u000a\u000a\u000a2) My dashboard is hosted on Leadpals controlled servers, without any mention of encryption, security measures taken , server company used etc. \u002D In the ideal scenario my instance would be encrypted and I am the only one having the key.\u000a\u000a\u000a3) If I use your pre\u002Dmade “apps” as you call them… Basically Leadpals pre\u002Dauthorised e.g. “continue with Google” or “Continue with “whatever brand of social media” … those log\u002Din “apps or (scripts) ” have been Api connected / authorised by those social media companies/services to Leadpals . \u000a\u000aThat means if I use the Leadpals code snippets to receive my website visitor data /leads \u002D then my customers/visitors personal data points are automatically in Leadpals’s database. \u002DRight? \u000a\u000aSo, I would have to tell my European customers that their personal data is stored and handled by “ Leadpol Made with ❤️ love in Atlanta” ?\u000a\u000a\u000a\u002D As you have explained here to some other user in the question section,to avoid this I would have to “ built my own apps/scripts” with my custom domain/s.\u000a\u000aHowever, even if I were to “build my own app/ scripts” to\u002Dbe used with your software/dashboard and my company’s domain/s get individually authorized for Api access and “Log\u002Din with X” from the respective social media companies \u002D we are still back to issue point 1 and 2 :\u000a\u000a1. I don’t know who Leadpal is.\u000a2. Leadpal has full access to all my customers details because the dashboard/ software is controlled by Leadpal and Leadpal does not mention any security measures, encryptions etc…\u000a\u000a\u000a\u000aDon’t get me wrong, the software looks great! \u000a\u000aHowever, under GDPR my company is required by law to know how my vendors operate including their security framework and how they manage data. \u000a\u000aWithout that knowledge, I don’t know the risk my vendor/s present and therefore by using this tool my company would NOT be GDPR compliant and my company would be liable in the case of misuse and/or inappropriate handling and processing of data.

Question

Hi,\u000a\u000aCan you please explain a bit more about your GDPR compliance and data security?\u000a\u000aYou advertised this tool with Quote: \u000a\u000a“You have to make sure you’re compliant with regulations like CAN\u002DSPAM and GDPR to avoid hefty fines.\u000a\u000aWhat If You Didn’t Have To Stress Out About Any Of This? What If There Was A Simple Software… “\u000a\u000a\u000aI’ve read the boilerplate privacy policy on your website  https://leadpal.net/privacy\u002Dpolicy/  and I do not see how my company would be GDPR compliant when using this tool.\u000a\u000aJust claiming that Leadpal or this tool is GDPR compliant does not make Leadpal or me as a client GDPR compliant.\u000a\u000aI see  3 potential issues:\u000a\u000a\u000a1.) Who is Leadpal?  LLC registered? Registration number? Business address? \u000a\u000aOn your website it states “Made with  ❤️ love in Atlanta”  .\u000a\u002DThat’s just not good enough if my company gets sued or issued a fine.\u000a\u000a\u000a2) My dashboard is hosted on Leadpals controlled servers, without any mention of encryption, security measures taken , server company used etc. \u002D In the ideal scenario my instance would be encrypted and I am the only one having the key.\u000a\u000a\u000a3) If I use your pre\u002Dmade “apps” as you call them… Basically Leadpals pre\u002Dauthorised e.g. “continue with Google” or “Continue with  “whatever brand of social media”  … those  log\u002Din “apps or (scripts) ” have been Api connected / authorised by those social media companies/services to Leadpals . \u000a\u000aThat means if I use the Leadpals code snippets to receive my website visitor data /leads \u002D then my customers/visitors personal data points are automatically in Leadpals’s database. \u002DRight? \u000a\u000aSo, I would have to tell my European customers that their personal data is stored and handled by “ Leadpol Made with ❤️ love in Atlanta” ?\u000a\u000a\u000a\u002D As you have explained here to some other user in the question section,to avoid this I would have to “ built my own apps/scripts”  with my custom domain/s.\u000a\u000aHowever, even if I were to “build my own app/ scripts”  to\u002Dbe used with your software/dashboard and my company’s domain/s get individually authorized for Api access and “Log\u002Din with X”  from the respective social media companies \u002D we are still back to issue point 1 and 2 :\u000a\u000a1. I don’t know who Leadpal is.\u000a2. Leadpal has full access to all my customers details because the dashboard/ software is controlled  by Leadpal and Leadpal  does not mention any security measures, encryptions etc…\u000a\u000a\u000a\u000aDon’t get me wrong, the software looks great! \u000a\u000aHowever, under GDPR my company is required by law to know how my vendors operate including their security framework and how they manage data. \u000a\u000aWithout that knowledge, I don’t know the risk my vendor/s present and therefore by using this tool my company would NOT be GDPR compliant and my company would be liable in the case of misuse and/or inappropriate handling and processing of data.

Jack.S · Answer

🤔

LeadPal

Share LeadPal

Related questions