ZipLead
Sign up free

Privacy Policy

Your data, your
terms.

Last updated April 22, 2026·v2.0 · GDPR + CCPA compliant
01

Overview

This Privacy Policy describes how Ctrl+Alt+Design ("ZipLead," "we," "us," "our") collects, uses, and protects information when you use the ZipLead service at ziplead.ai. We're committed to transparency, minimizing data collection, and giving you control over your data.

02

Information we collect

Account information

  • Email address (provided during sign-up via Clerk)
  • Name (if provided)
  • Billing information (processed by Stripe — we never see card numbers)

Usage data

  • Search queries (ZIP codes, cities, categories you search for)
  • Pipeline activity (status changes, notes, prospects you save)
  • Feature usage and aggregated session analytics

Business data (third-party sources)

  • Publicly available business information aggregated from Google Places, Yelp, OpenStreetMap, and other public sources
  • Enrichment data from BuiltWith, ZeroBounce, Hunter.io, and similar providers
03

How we use your information

  • To provide, maintain, and improve the Service
  • To process payments and manage subscriptions
  • To send transactional emails (account, billing receipts, Dispatch bulletins you configure)
  • To respond to support requests
  • To detect, prevent, and address fraud, abuse, or security incidents
  • To comply with legal obligations

We do not sell your personal information. We do not use your data for advertising. We do not share your data with brokers.

04

Third-party services

We use the following processors that may handle limited data on our behalf:

  • Clerk — authentication and identity
  • Stripe — payments and subscriptions
  • Neon — encrypted PostgreSQL database
  • Vercel — application hosting and edge delivery
  • Cloudflare — DNS and CDN
  • Resend — transactional email delivery
  • Google Places, ZeroBounce, BuiltWith, Hunter.io — business data and enrichment

Each has its own privacy policy. We have data processing agreements where required.

05

Data retention

We retain your account data for as long as your account is active. Search results, prospects, and pipeline data are retained for the duration of your subscription. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (e.g. tax records). Aggregated and anonymized data may be retained indefinitely for product analytics.

06

Data security

We implement industry-standard safeguards: TLS encryption in transit, encrypted database connections, scoped API tokens, and authentication via Clerk with enforced session expiry. No method of internet transmission is 100% secure, but we take reasonable precautions and will notify affected users of any confirmed breach within 72 hours.

07

Your rights (GDPR + CCPA)

Depending on your jurisdiction (including the EU, UK, and California), you may have the right to:

  • Access the personal data we hold about you
  • Correct inaccurate or incomplete data
  • Delete your account and personal data
  • Export your data in a portable format (CSV export is available in-app)
  • Object to processing or restrict it
  • Opt out of non-essential communications
  • Withdraw consent at any time (without affecting prior lawful processing)

To exercise any right, email privacy@ziplead.ai. We respond within 30 days.

For California residents (CCPA):You have the right to know what personal information we collect, request deletion, and opt out of any "sale" or "sharing" — though we do neither. We will never discriminate against you for exercising your rights.

08

Cookies

We use strictly necessary cookies for authentication (via Clerk) and session management. We do not use advertising, retargeting, or third-party tracking cookies. Because we only use essential cookies, no consent banner is required under the ePrivacy Directive.

09

Children

The Service is not intended for users under 18. We do not knowingly collect data from children. If you believe a minor has provided us with personal information, please email privacy@ziplead.ai and we will promptly delete it.

10

International transfers

Our infrastructure (Vercel, Neon, Clerk, Stripe) processes data primarily in the United States. By using the Service from outside the U.S., you consent to your data being transferred and processed in the United States, which may have different data protection laws than your country. Where required, we rely on Standard Contractual Clauses for international transfers.

11

Changes to this policy

We may update this Privacy Policy from time to time. We will notify active users of material changes via email at least 30 daysbefore they take effect. The "Last updated" date at the top reflects the most recent revision.

12

Contact

Privacy questions or requests: privacy@ziplead.ai
General contact: support@ziplead.ai
Operated by Ctrl+Alt+Design, Costa Mesa, California, USA.

← Back to home