Sign in Start free

legal

Privacy Policy

LeadHuntHQ surfaces qualified hire-intent leads to your feed from publicly available posts on social media. This policy explains what data we collect, why, how long we keep it, and the choices you have. It is written to be readable rather than exhaustive and does not constitute legal advice.

Information we collect
Google sign-in basics — when you sign in with Google we receive your email address, name, and profile picture. We do not receive your Google password, and we do not post, message, or read anything on your behalf on any platform.
Optional portfolio URL — if you choose to add one, we use it to rank leads by fit to your work and to give context to AI reply drafts.
Your in-app actions — the outcome labels you apply to leads (contacted, replied, hired, junk), leads you hide, false positives you report, optional gig values you record, your saved searches, and your feed filters (selected niches, sources, included and excluded keywords, minimum intent score).
Push subscriptions — if you turn on browser notifications, we store the push subscription your browser issues (an endpoint URL and the keys needed to encrypt a message) so we can alert you to new matching leads. You can turn this off at any time in your browser.
Billing status — your subscription and trial status from Paddle, our payment provider and Merchant of Record. We do not see or store your card data.
Usage analytics — we use Google Tag Manager, Google Analytics, and Microsoft Clarity to understand how the product is used in aggregate so we can improve it.
We also store a cookie that remembers your feed filters. We do not store a password for you, because sign-in is handled by Google.

Public posts in your feed
The leads in your feed originate from posts that are already public on social media and discoverable through ordinary search. Any contact details shown on a lead (such as an email, phone number, Instagram handle, website, or Calendly link) come from those public posts — they are not private data we collect about people. We do not collect private messages, follower lists, or any non-public data, and we are not affiliated with or endorsed by the platforms the posts come from. We score each post’s hiring intent with a model we run on our own servers; this content is already public and is never combined with your account data. If you are the author of a post and want it removed from LeadHuntHQ, email us and we will take it down.

How we use your data
To authenticate you and keep your session secure.
To build, filter, and personalize your lead feed.
To operate, maintain, debug, and improve the service.
To understand how the product is used in aggregate (which pages and features are reached, where users get stuck) so we can improve the interface.
To contact you about important account, security, or service changes.
We do not use your data for advertising, and we do not build advertising or cross-site-tracking profiles.

Service providers
We do not sell your personal data. We share it only with the providers needed to run LeadHuntHQ, each acting on our instructions and bound to protect it:

Google — sign-in (OAuth); we receive your basic profile as described above. We also use Google Tag Manager and Google Analytics to understand product usage in aggregate.
Paddle — our payment provider and Merchant of Record; it processes payments and handles billing for the Pro plan. We do not see or store your card data.
Microsoft Clarity — a product-analytics tool that helps us see how the interface is used in aggregate (clicks, scroll, navigation paths, masked session replays). Clarity masks form inputs and other sensitive content by default and does not receive your account credentials. See the Microsoft Privacy Statement for details on Microsoft’s processing.
Our cloud host (Hetzner, Germany) — runs our servers and database.
A transactional email provider — delivers account and security messages.
Your browser’s push service — if you enable notifications, your browser’s push service (operated by your browser vendor, e.g. Google, Mozilla, or Apple) relays our alerts to your device.
Where your data is processed
Our servers and database are hosted in the European Union (Germany). Some providers, such as Google, may process limited data in other countries; where that happens we rely on the safeguards offered by those providers.

Retention
We keep your account data while your account is active. When you ask us to delete your account, your profile, settings, in-app actions, and push subscriptions are removed. Operational logs are kept only for a short period for security and debugging. Aggregated, non-identifying metrics may be retained indefinitely.

Your rights
You can request access to, correction of, export of, or deletion of your personal data, and you can object to or restrict certain processing. We do not sell or share your personal data for cross-context behavioral advertising. To exercise any of these rights, email [email protected] — we honour applicable data-protection rights regardless of where you are located.

Security
All traffic is encrypted in transit (HTTPS). We do not store your password. Our database and internal services are not exposed to the public internet, and access is limited to the people who operate the service. No system is perfectly secure, but we take reasonable measures to protect your data.

Cookies and local storage
To keep you signed in, we store sign-in tokens in your browser: a short-lived access token and a refresh token that lasts up to 30 days. They are used only for authentication and are cleared when you sign out. We also store a small cookie that remembers your feed filters between visits. We do not use third-party advertising or cross-site tracking cookies.

Our analytics tools — Google Tag Manager, Google Analytics, and Microsoft Clarity — may set their own cookies in your browser to recognize a session and stitch together page views for usability analysis. These cookies are used only for aggregate product analytics and are not used for advertising.

Children
LeadHuntHQ is a business tool intended for adults. It is not directed at children, and we do not knowingly collect data from anyone under 16. If you believe a child has provided us data, contact us and we will delete it.

Contact
Questions about privacy? Reach us at [email protected].