Privacy Policy

Last updated: March 27, 2026

1. Data Controller

LeadRank is a service operated by Yago Mendoza ("we", "us"). For any questions regarding your personal data, contact us at [email protected].

2. What Data We Collect

Account data: name, email, and profile picture from your Google account.

Email content: subject, sender, and body of your Gmail messages. We access your inbox in read-only mode (gmail.readonly). We never send, modify, or delete emails.

Extracted data: contacts, real estate assets, demands, and opportunities that our system identifies in your emails.

Payment data: handled entirely by Stripe. We do not store credit card numbers or bank details.

Technical data: IP address, browser type, session cookies.

3. How We Use Your Data

We use your data exclusively to:

  • Read your emails and extract relevant professional information.
  • Generate automatic matches between buyers and properties.
  • Manage your subscription and billing.
  • Improve the service (in aggregate, anonymized form).
  • In the future, and always with your prior consent, facilitate cross-user business opportunities. We never share your raw email content — only structured data, and always with your explicit approval.

4. Legal Basis for Processing

Contract performance: we process your emails to deliver the service you subscribed to.

Consent: by connecting your Gmail account via OAuth, you explicitly consent to read-only access.

Legal obligation: we retain billing data as required by Spanish tax law.

5. Who We Share Your Data With

We do not sell your data. We share it only with the providers necessary to operate the service:

  • Anthropic (Claude API): AI processing for entity extraction. Does not use API data for training. EU-US Data Privacy Framework.
  • Supabase: database and authentication. Hosted in the EU.
  • Stripe: payment processing. EU-US Data Privacy Framework.
  • Vercel: web hosting. EU-US Data Privacy Framework.
  • Google: OAuth and Gmail API. EU-US Data Privacy Framework.
  • Sentry: error monitoring. EU-US Data Privacy Framework.

6. International Transfers

Some of our providers are located in the United States. All transfers are carried out under the EU-US Data Privacy Framework (DPF) or Standard Contractual Clauses.

7. How Long We Keep Your Data

Email and entity data: as long as your account is active. Upon deletion, erased within 30 days.

Billing data: 5 years, as required by Spanish tax law.

Technical logs: up to 12 months.

8. Your Rights

You may exercise the following rights at any time: access, rectification, erasure, portability, objection, and restriction.

Contact us at [email protected]. We will respond within 30 days.

You may also file a complaint with the Spanish Data Protection Agency (AEPD) at www.aepd.es.

9. AI and Automated Decisions

We use AI to analyze your emails and extract relevant information. The system also generates automatic matches. These classifications are indicative and you can always correct them manually. We do not make binding decisions based solely on automated processing.

10. Google API Compliance

LeadRank's use of information received from Google APIs adheres to the Google API Services User Data Policy, including Limited Use requirements.

  • No Gmail data is used for advertising.
  • No human accesses your email content. Processing is fully automated.
  • We only use the gmail.readonly scope.

11. Cookies

We use only essential session cookies. No tracking, advertising, or analytics cookies.

12. Changes to This Policy

We may update this policy from time to time. We will notify you of significant changes by email or through the app.