Effective date: June 3, 2026 · LeadWithEmail.com
LeadWithEmail ("we", "us", "our") provides an AI-powered email outreach platform for wholesale and B2B suppliers. This policy explains what data we collect, how we use it, and your rights. We use plain language intentionally — if anything is unclear, email us at [email protected].
Account information
When you sign up via Google, we receive your name and email address from your Google account through Clerk (our authentication provider). We store this to identify your account.
Gmail OAuth tokens
When you connect your Gmail account, Google issues us an OAuth access token and refresh token. These tokens are encrypted at rest using AES-256 (Fernet symmetric encryption) and stored in our database. They are used solely to send emails from your Gmail account on your behalf. We do not store, read, scan, or analyze your Gmail inbox, sent items, drafts, or any other Gmail content.
Contact lists
When you upload a CSV of buyers or contacts, we store the contact data (name, email, company, and any other columns you provide) in your account. This data belongs to you and is used only to send outreach emails on your behalf.
Email send logs
We store a record of each email sent through the platform, including the recipient email address, subject line, send timestamp, and Gmail message ID. Email body text is stored to allow you to review what was sent.
Open and click tracking events
Each outgoing email contains a tracking pixel (your brand logo, or a 1×1 transparent image) and an optional click-tracking link. When a recipient opens the email or clicks a link, we record the timestamp and whether the open appears genuine or automated (see Section 4).
Billing information
Payment card details are handled entirely by Stripe and never pass through our servers. We store your Stripe customer ID and subscription status.
LeadWithEmail requests the https://www.googleapis.com/auth/gmail.modify scope.
This scope allows us to send emails, read message IDs and thread IDs (to detect replies), and apply labels.
We use Gmail access only to:
We do not use Gmail access to:
Google API Services User Data Policy
LeadWithEmail's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Data received through Google APIs is used only to provide and improve the features described in this policy. We do not use Google user data to serve advertising, and we do not sell Google user data.
Each email sent through LeadWithEmail contains a small image — either your uploaded brand logo
or a 1×1 transparent pixel — hosted at leadwithemail.com/track/[token].
When a recipient's email client loads this image, we record that the email was opened.
This is standard email tracking practice. The pixel is embedded in the HTML version of the email. Recipients using plain-text email clients will not trigger tracking.
The tracking token links to the specific email sent. No personal data about the recipient's device, IP address, or location is collected beyond the open event timestamp.
Apple Mail Privacy Protection (MPP), introduced in iOS 15 and macOS Monterey, causes Apple's mail servers to pre-fetch tracking pixels automatically — even if the recipient never actually opens the email. As of 2025, Apple Mail accounts for approximately 58% of all email client market share.
To reduce false positives, we apply the following filters:
icloud.com, me.com, and mac.com receive automatic Apple MPP considerationFor this reason, all open data in LeadWithEmail is labeled "Estimated Opens" throughout the platform. Reply rate — not open rate — is the primary and most reliable success metric we emphasize.
Each LeadWithEmail account is completely isolated. Your contact lists, email send logs, campaigns, and tracking data are never visible to, shared with, or accessible by other LeadWithEmail users. All database queries are scoped to your account using a unique tenant identifier enforced at the application layer.
We do not sell, rent, or trade any personal data — yours or your contacts' — to any third party, for any purpose, at any price. This includes advertising networks, data brokers, and analytics companies.
Stripe (billing)
Payment processing is handled by Stripe. We never see or store your card number. Stripe's use of your data is governed by Stripe's Privacy Policy.
Clerk (authentication)
Sign-in and session management are handled by Clerk. Your account credentials are managed by Clerk under their Privacy Policy.
Anthropic / OpenAI / Google AI (email generation)
AI-generated email copy is produced by large-language model APIs. The prompt we send includes your brand context and contact details (first name, company, location). We do not send contact email addresses to AI providers. Generated text is not used to train AI models.
Telegram (optional notifications)
If you opt in to Telegram notifications, we send alert messages (e.g., "new hot lead reply") to your Telegram chat ID. This is entirely optional. If you do not connect Telegram, no data is sent there.
Railway / Supabase (infrastructure)
Our application runs on Railway (hosting) and Supabase (database). Data is stored in the United States.
We retain your data for as long as your account is active.
To request deletion: email [email protected] with the subject line "Account Deletion Request". We will permanently delete your account, contact lists, email logs, and all associated data within 30 days. Gmail OAuth tokens are revoked at Google before deletion.
You can also revoke Gmail access at any time from your Google account at myaccount.google.com/permissions. Revoking access does not delete your LeadWithEmail account, but it will stop email sends until you reconnect.
Gmail OAuth tokens are encrypted at rest using Fernet symmetric encryption (AES-128-CBC). The encryption key is stored separately from the database.
All data is transmitted over HTTPS. Database access is restricted by network rules and authenticated credentials.
If you believe you have discovered a security vulnerability, please email [email protected] immediately.
We may update this policy as the platform evolves. If we make material changes, we will notify you by email or by a notice in the app. The "effective date" at the top of this page reflects the date of the most recent revision.
Questions about this policy or your data:
[email protected]
LeadWithEmail.com · New Jersey, USA
Last updated: June 3, 2026