Privacy Policy

LeadRank is a service operated by Yago Mendoza ("we", "us"). For any questions regarding your personal data, contact us at [email protected].

Account data: name, email, and profile picture from your Google account.

Email content: subject, sender, and body of your Gmail messages. We access your inbox in read-only mode (gmail.readonly). We never send, modify, or delete emails.

Extracted data: contacts, real estate assets, demands, and opportunities that our system identifies in your emails.

Payment data: handled entirely by Stripe. We do not store credit card numbers or bank details.

Technical data: IP address, browser type, session cookies.

We use your data exclusively to:

• Read your emails and extract relevant professional information.
• Generate automatic matches between buyers and properties.
• Manage your subscription and billing.
• Improve the service (in aggregate, anonymized form).
• In the future, and always with your prior consent, facilitate cross-user business opportunities (e.g., connecting a buyer from one agent with a property from another). We never share your raw email content — only structured data (property type, location, price), and always with your explicit approval.

Contract performance: we process your emails to deliver the service you subscribed to.

Consent: by connecting your Gmail account via OAuth, you explicitly consent to read-only access.

Legal obligation: we retain billing data as required by Spanish tax law.

We do not sell your data. We share it only with the providers necessary to operate the service:

• Anthropic (Claude API): we process your email content with AI to extract entities. Anthropic does not use API data to train its models. Based in the U.S., certified under the EU-US Data Privacy Framework.
• Supabase: database and authentication. Hosted in the European Union.
• Stripe: payment processing. Based in the U.S., certified under the EU-US Data Privacy Framework.
• Vercel: web hosting. Based in the U.S., certified under the EU-US Data Privacy Framework.
• Google: OAuth authentication and Gmail API access. Certified under the EU-US Data Privacy Framework.
• Sentry: error monitoring. Based in the U.S., certified under the EU-US Data Privacy Framework.
• Other LeadRank users: if you enable the cross-matching feature (disabled by default), we will share structured data about your assets or demands with other users who have also enabled this feature. We never share your raw email content. You can disable this at any time.

Some of our providers are located in the United States. All transfers are carried out under the EU-US Data Privacy Framework (DPF) or, alternatively, Standard Contractual Clauses approved by the European Commission.

Email and entity data: as long as your account is active. Upon requesting deletion, data is erased within 30 days.

Billing data: 5 years, as required by Spanish tax law (Ley General Tributaria).

Technical logs: up to 12 months.

You may exercise the following rights at any time:

• Access: request a copy of all your data.
• Rectification: correct inaccurate data.
• Erasure: delete all your data ("right to be forgotten").
• Portability: receive your data in a downloadable format.
• Objection: object to the processing of your data.
• Restriction: restrict the use of your data.

To exercise any of these rights, email us at [email protected]. We will respond within 30 days.

If you believe we have not adequately addressed your request, you may file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

We use artificial intelligence to analyze your email content and extract relevant information (contacts, assets, opportunities). The system also generates automatic matches between buyers and properties.

These classifications are indicative and you can always correct them manually. We do not make binding decisions based solely on automated processing.

LeadRank's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In particular:

• We do not use Gmail data for advertising of any kind.
• We do not sell, transfer, or share data with third parties except as strictly necessary to provide the service (AI processing, as described in section 5).
• No human accesses the content of your emails. Processing is fully automated.
• We only access the gmail.readonly scope: reading emails. We never send, modify, or delete any email.

We use only essential session cookies required to keep you logged in. We do not use tracking, advertising, or analytics cookies.

LeadRank is not intended for users under 14 years of age. We do not knowingly collect data from minors.

We may update this policy from time to time. We will notify you of any significant changes by email or through a notice in the app. Continued use of the service after notification constitutes acceptance of the changes.