BDLeads - Privacy Policy

1. Information We Collect and Process

1.1 Personal Information (Stored in Secure Cloud Infrastructure):

Account Credentials: Email address, encrypted authentication tokens, and secure password hashes
Profile Information: Name, optional company/organization details, and user preferences
Subscription Data: Current plan status, billing history, and payment processing information (handled by Apple App Store)
Support Communications: Customer service inquiries, technical support requests, and related correspondence

1.2 Application Data (User-Controlled Local Storage):

Configuration Settings: User preferences, application settings, and customization options
Usage Patterns: Import/export activity history and feature utilization preferences
Performance Metrics: Application response times and system performance indicators

1.3 Technical Information (Anonymous Analytics Only):

Usage Analytics: Aggregated, anonymized application usage statistics and performance metrics
Quota Monitoring: Message sending limits and usage tracking (numerical data only, no content access)
Diagnostic Data: Crash reports, error logs, and system diagnostic information for application improvement
Device Information: iOS version, device model, and application version for compatibility purposes

1.4 Information We Explicitly DO NOT Collect or Access:

Contact Data: We do not access, read, or store your personal contacts or lead information
Message Content: We do not read, analyze, or store the content of your messages or communications
Communication Activity: We do not track your messaging patterns, recipients, or communication habits
Location Data: We do not collect, store, or process any location or geolocation information
Third-Party Data: We do not collect information from social media or other third-party services
Biometric Data: We do not collect fingerprints, facial recognition data, or other biometric information

2. Legal Basis and Purposes for Data Processing

2.1 Service Provision and Account Management (Contractual Necessity):

Authentication Services: Secure user authentication, session management, and account access control
Subscription Management: Processing subscription payments, managing billing cycles, and handling plan changes through Apple App Store
Customer Support: Responding to user inquiries, providing technical assistance, and resolving service issues
Security and Fraud Prevention: Protecting user accounts, detecting unauthorized access, and preventing fraudulent activities

2.2 Application Functionality and Performance (Legitimate Interests):

Usage Quota Management: Monitoring and enforcing subscription-based usage limits and messaging quotas
Feature Access Control: Managing feature availability based on subscription tier and user preferences
Performance Optimization: Analyzing application performance metrics to improve user experience and system reliability
Technical Improvements: Implementing bug fixes, security updates, and feature enhancements based on usage data

2.3 Legal Compliance and Protection (Legal Obligation):

Regulatory Compliance: Meeting legal requirements under applicable privacy laws, telecommunications regulations, and consumer protection statutes
Law Enforcement Cooperation: Responding to valid legal process, court orders, and lawful government requests
Abuse Prevention: Detecting and preventing violations of terms of service, illegal activities, and misuse of the application
Legal Proceedings: Preserving evidence and maintaining records for potential legal disputes or regulatory investigations

2.4 Business Operations and Communications (Legitimate Interests):

Service Notifications: Sending important updates regarding service changes, security alerts, and policy modifications
Technical Communications: Providing system maintenance notifications, update announcements, and service status updates

3. Data Storage and Security

Local Storage (Your Device):

All contact and lead data stored locally only
Protected by iOS security features and device encryption
Never transmitted to our servers
You maintain complete control and ownership

Cloud Storage (Our Secure Servers):

Only account and subscription data
Industry-standard encryption (TLS 1.3, AES-256)
SOC 2 compliant hosting infrastructure
Regular security audits and vulnerability assessments
Multi-factor authentication support
Secure password storage (bcrypt hashing)

Security Measures:

End-to-end encryption for data transmission
Regular security updates and patches
Intrusion detection and monitoring systems
Access controls and audit logging

4. Data Sharing and Third Parties

                We Do NOT Sell Your Data:
                Never sell, rent, or trade personal information
Never share contact data with advertisers
Never use your data for marketing to others
Your privacy is not monetized

            

Limited Service Providers:

Apple App Store (payment processing only)
Firebase/Google Cloud (secure account storage only)
All providers bound by strict data processing agreements

Legal Disclosure Only:

Law enforcement with valid legal process
Court orders, subpoenas, and search warrants
Prevention of illegal activity or imminent harm
Protection of our legal rights and user safety

5. Your Rights and Control

Data Access and Portability:

Export your data at any time

Data Deletion:

Delete your account and all cloud data
Remove local data by deleting the app
Right to be forgotten (where legally applicable)

6. Legal Compliance and User Responsibility

Your Privacy Obligations:

You are responsible for compliance with privacy laws
Must obtain proper consent before collecting data
Must honor privacy rights of your contacts
Must comply with GDPR, CCPA, PIPEDA, etc.

Data Protection:

We provide tools, you ensure legal compliance
Regular backups recommended
Secure device practices encouraged
Report security concerns immediately

Law Enforcement Cooperation:

Required to cooperate with valid legal requests
May preserve data for legal proceedings
User notification may not always be possible

7. International Data Transfers

Data Location:

Account data stored in secure US data centers
Subject to US privacy and data protection laws
Appropriate safeguards for international users

8. Age Restrictions

8.1 Age Restrictions and COPPA Compliance:

BD Lead Manager is not intended for use by individuals under the age of 18. Our application is designed exclusively for Personal and business professionals and commercial use cases that require legal capacity to enter into binding agreements.

9. Contact Information and Data Subject Rights

9.1 Data Protection Officer and Privacy Inquiries:

Primary Contact: bd-leads@thenobsspace.com

Subject Line Format: Please use "PRIVACY REQUEST - [Type]" for faster processing

9.2 Data Subject Rights (GDPR, CCPA, PIPEDA Compliance):

Right of Access: Request a copy of your personal data we process
Right to Rectification: Request correction of inaccurate or incomplete personal data
Right to Erasure: Request deletion of your personal data ("right to be forgotten")
Right to Data Portability: Request export of your data in a machine-readable format
Right to Object: Object to processing based on legitimate interests
Right to Restriction: Request limitation of processing under specific circumstances
Right to Withdraw Consent: Withdraw consent where processing is based on consent

9.3 Request Processing and Timelines:

Initial Response: We acknowledge all privacy requests within 72 hours
Full Response: Complete responses provided within 30 days (may be extended to 60 days for complex requests)
Identity Verification: We may require identity verification to protect against fraudulent requests
No Cost: Most requests are processed free of charge; excessive or repetitive requests may incur reasonable administrative fees

9.4 Policy Updates and Notification:

Change Notification: Material changes to this policy will be communicated via email and in-app notifications 30 days before taking effect.

Continued Use: Continued use of the application after policy updates constitutes acceptance of the revised terms.

Version Control: Previous versions of this policy are maintained for reference and legal compliance purposes.

BDLEADS PRIVACY POLICY