Privacy Policy
Effective date: 1 March 2026 · PDPA compliant · Singapore
1. Overview
LeadsOff is committed to protecting the privacy of our clients and their users. This policy explains what data we collect, why we collect it, how it is stored, and your rights under Singapore's Personal Data Protection Act (PDPA).
2. What Data We Collect
When LeadsOff is installed on your site, we collect the following data for each form submission: • Contact information submitted (name, email, phone number) • Device fingerprint (canvas hash, browser characteristics, screen properties) • IP address and approximate geolocation • Behavioural signals (typing speed, mouse movement patterns, scroll depth, time on page) • Form completion metadata (time to submit, field interaction sequence) This data is used exclusively to verify whether a submission is genuine or fraudulent. It is never sold or shared with third parties for marketing purposes.
3. Client Data Isolation
Each client's data is stored in a logically isolated environment. No client can access another client's data. LeadsOff staff access client data only when required to provide support and only with the client's knowledge.
4. Data Retention
Submission records are retained for 12 months by default. Device fingerprints associated with confirmed fraudulent submissions are retained indefinitely to maintain blocking effectiveness. You may request deletion of specific records or your entire dataset at any time from the dashboard.
5. Your Rights (PDPA)
Under Singapore's PDPA, you have the right to: access personal data we hold about you or your users; correct inaccurate data; withdraw consent for data collection; request deletion of your data. To exercise any of these rights, contact us at privacy@leadsoff.com.
6. Data Security
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Access to production data is restricted to authorised personnel and requires two-factor authentication. We conduct regular security reviews.
7. Cookies
LeadsOff sets a first-party session identifier cookie used only for fraud detection purposes. This is a strictly necessary cookie and does not require consent under PDPA. We do not use any advertising or analytics cookies.
8. Third-Party Services
LeadsOff does not share client data with third-party advertising networks. We use infrastructure services (hosting, database) that are bound by data processing agreements. These providers may be located outside Singapore but are subject to equivalent data protection standards.
9. Changes to This Policy
We will notify clients of material changes to this policy via email at least 14 days before they take effect. Continued use of the service after changes take effect constitutes acceptance.
10. Contact
For privacy-related enquiries: privacy@leadsoff.com. For general enquiries: hello@leadsoff.com.
Privacy enquiries: privacy@leadsoff.com