Data Privacy and Data Processing Agreement
Last updated September 21, 2018
This data privacy and data processing agreement sets out how Leadbook uses and protects any information that you give Leadbook when you use this website and the associated platforms.
At Leadbook, we take the protection of your privacy very seriously. Toward that end, we adhere uncompromisingly at all times to applicable data regulations vis-à-vis collection, usage, and sharing. By extension, we take utmost care in ensuring that all requisite precautions are implemented with a view to mitigate, within reasonable limits, any potential misuse of your data so defined by Singapore’s Personal Data Protection Act (PDPA). You understand by accepting this privacy agreement that any unauthorized disclosure of your information resulting from the use of our services is all but a matter of contingency, for which we shall bear no legal liability whatsoever.
Information We Collect And How We Share
Barring deliberate acts of hacking and/or all manner of interference beyond our control, the type of business contact data we process is exhaustively circumscribed within the purview of Data Protection laws. Since no individual’s name, job position, business telephone number, business address, business electronic mail address or business fax number count among data “provided by the individual solely for personal use”, Leadbook takes the tenor of PDPA, as it were, and its intended scope of protection as a point of departure in sharing the data we collect.
Should you require Leadbook’s campaign services from time to time, this is done in one of two ways: (1) you can upload a list of contact information you would have already unlocked using your credits, along with a set of instructions; or (2) we can generate a list on your behalf based on certain criteria of your delineation.
Information Gleaned From Other Sources
For the sake of data cleansing, we utilize web and other third-party sources (such as LinkedIn, CrunchBase etc.) to corroborate the veracity of our database. The manner and extent of disclosure in these circumstances are likewise subject to the governance of all relevant laws pertaining to the use of such information.
With respect to Leadbook’s Data Exchange program, our commitment to transparency is paramount. It is in the spirit of clarity that we endeavor to lay bare the purpose of the exchange; to wit, to build a reliably comprehensive database in furtherance of our subscribers’ sales performance. This we endeavor to bring about by exchanging Leadbook credits for the contact information stored in your Google Mail account and Google Contacts including email signatures, phone numbers, company names and addresses, contact list information. With these credits, you are able to make use of the array of services we provide (subject to the prevailing rate of exchange at any given time). In order to do so, you will need to create a Leadbook account before visiting the Data Exchange Landing page. The way we obtain contact information here hews equally to all applicable laws governing our data usage.
How Leadbook assists you to comply to regulations
1. Leadbook provides a feature to manage your “Suppression List”
A suppression list is a list of suppressed e-mail addresses used by e-mail senders to comply with the CAN-SPAM Act of 2003 (United States of America) and GDPR (Regulation (EU) 2016/679).
The feature on the Leadbook platform allows you to add contacts to the Suppression List so they are excluded from future email marketing campaigns.
2. Leadbook provides Consent Forms to help you obtain consent from data subjects
The safest option you have to continue using emails for lead generation from European Union citizens is to use a “Consent Form”. Leadbook provides a Consent Form template to be used with potential customers in the European Union before you send any commercial or marketing material.
3. Campaigns run by Leadbook automatically include an “Unsubscribe” (opt-out) form
The unsubscribed email addresses are placed into a ” unsubscribe suppression list” which is used to “suppress” future email messages to that email address. By using our opt-out form, we will help you track people that have requested an opt-out from any sales/marketing emails that have been sent by you.
4. Leadbook complies with Data Subject Rights.
Individuals can obtain information on whether their personal data is being processed, where it is stored and for what purposes. They can also ask for a copy of their personal data, free of charge.
Recipients will receive their personal data in a ‘commonly used and machine-readable format’. Recipients have the “right to be forgotten”. This means they can ask, at any point in time, to have their personal data erased and block further data processing.
5. Data Processing Agreement
We want all of our customers to rest easy in knowing that we process any Personal Identifiable Information in a responsible manner. When you use Leadbook to search, organize, and store lead information, we act as your data processor. When you become a user of the Leadbook Platform you will need to execute the Data Privacy and Data Processing Agreement with us.
Leadbook Data Processing Agreement
A cookie is a small file which asks permission to be placed on your computer’s hard drive. Once you agree, the file is added and the cookie helps analyze web traffic or lets you know when you visit a particular site. Cookies allow web applications to respond to you as an individual. The web application can tailor its operations to your needs, likes and dislikes by gathering and remembering information about your preferences.
We use traffic log cookies to identify which pages are being used. This helps us analyze data about web page traffic and improve our website in order to tailor it to customer needs. We only use this information for statistical analysis purposes and then the data is removed from the system.
Overall, cookies help us provide you with a better website, by enabling us to monitor which pages you find useful and which you do not. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share
You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
2. Links to other websites
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online.
4. Controlling your personal information
You may choose to restrict the collection or use of your personal information in the following ways:
- whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
- if you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at:
We will sell, distribute or lease your personal information to third parties unless we do not have your permission or are required by law not to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen.
If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.We will sell, distribute or lease your personal information to third parties unless we do not have your permission or are required by law not to do so. We may use your personal information to send you promotional information about third parties which we think you may find interesting if you tell us that you wish this to happen. If you believe that any information we are holding on you is incorrect or incomplete, please write to or email us as soon as possible, at the above address. We will promptly correct any information found to be incorrect.
Regarding GDPR for countries in the European Union
The General Data Protection Regulation (GDPR), is a data privacy regulation in the European Union (EU). The GDPR provides standards across the EU to bolster and protect the privacy right of EU citizens. The GDPR applies to you if your company is located within the EU, if you are doing business in the EU, or if you are collecting personally identifiable information (“PII”) from EU citizens in the EU and abroad.
The GDPR only changes the game for EU residents. This means for people residing in the Union, regardless of where their company’s based at. You can still contact the rest of the world following current regulations. Keep your lists targeted and make sure to apply certain tactics for people inside the EU.
Under GDPR All Contact Emails are Considered Personal Identifiable Information. Be aware that it doesn’t matter if it is a personal or work email. In principle, if an email contains certain information about a person (name, surname, initials) is already enough for the email to be considered data protected by the GDPR.
Non-personal emails are outside of the GDPR’s reach. Emails like email@example.com or firstname.lastname@example.org are not associated with any
identifiable information, so cold emailing without a consent to these accounts should be fair game.
The GDPR lists 6 lawful grounds for processing personal data:
- Consent from the person
- A contract with the person
- Compliance with a legal obligation
- Protection of vital interests (on life or death situation)
- A public tasks (by public authorities)
- Legitimate interests (when a private sector organization has a genuine or legitimate interests such as commercial benefit to process without consent, provided that it does not outweigh the interests of the data subjects)
Per Recital 47 of the GDPR, the processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest. However, you do need to consider if your marketing purposes could be outweighed by the interests and rights of the data subjects.
If you obtain data not directly from the data subject (such as in the case of you using Leadbook to search for lead information), you need to provide notice to the data subjects that you have their data in the first communication, and allow them to opt-out easily. The notice needs to provide information that includes:
- who you are
- what are you using the data for,
- where the data originates from, and
- giving the person the right to correct, erase, or withdraw their consent.
The data subject consent has to be obtained prior to sending them marketing material and the consent has to be active. A box that the lead has to tick is or a reply to a clear question on your first email is sufficient consent given that you clearly indicated the purpose behind emailing them.
You can provide the notice the first time you are contacting the person (but no later than one month after you obtain the data).
If the data subject exercises their rights to opt-out and have their data corrected, or deleted, you are obligated to respect the rights of the data subjects.