Privacy Policy

Last updated: April 1, 2025

liagent ("liagent", "we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Who We Are

liagent is a B2B SaaS CRM platform. The data controller responsible for your personal data is:

liagent — Sales. Automated.
Contact: hello@lia.ai

2. What Data We Collect

We collect the following categories of personal data:

Account data: name, email address, company name, job role
Profile data: industry, services offered, target markets, contact preferences
Usage data: features used, leads added, tasks created, sequences sent
Lead data: contact names, email addresses, phone numbers, company information that you enter into the platform
Technical data: browser type, IP address (via Supabase), session tokens

3. Legal Basis for Processing

We process your personal data on the following legal bases:

Contract (Art. 6(1)(b) GDPR): processing necessary to provide the liagent service you subscribed to
Legitimate interests (Art. 6(1)(f) GDPR): improving the platform, preventing fraud, and ensuring security
Consent (Art. 6(1)(a) GDPR): where you have explicitly agreed to specific processing (e.g. marketing communications)

4. How We Use Your Data

Providing and operating the liagent platform
Sending account-related emails (confirmation, password reset, team invites)
Processing AI analysis requests using the Anthropic Claude API (your profile data is sent to Claude to generate lead suggestions — only with your explicit action)
Billing and subscription management via Stripe
Customer support and communications
Platform security and fraud prevention

5. Data Storage and Sub-Processors

Your data is stored and processed by the following sub-processors:

Supabase (database and authentication) — hosted on AWS EU infrastructure
Anthropic (Claude AI API) — receives profile data when you trigger AI features; governed by Anthropic's privacy policy
Stripe (payments) — processes billing data; governed by Stripe's privacy policy
Vercel (hosting) — serves the application

6. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, we delete your data from our database within 30 days. Some data may be retained longer if required by law (e.g. billing records for tax purposes — up to 7 years).

7. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

Right of access: request a copy of your personal data
Right to rectification: correct inaccurate data (via Settings → Profile)
Right to erasure: delete your account and all data (via Settings → Profile → Delete Account)
Right to data portability: export your leads as CSV (via Leads → Export)
Right to object: object to processing based on legitimate interests
Right to restrict processing: limit how we use your data

To exercise any right, contact us at hello@lia.ai. We will respond within 30 days.

8. Cookies and Local Storage

liagent uses browser localStorage (not cookies) to store your session, profile data, and leads locally on your device for performance purposes. This data is cleared when you log out or delete your account. We do not use third-party tracking cookies or advertising pixels.

9. AI Features and Your Data

When you use AI features (Lead Generator, ICP Scoring, Deal Coach), your profile information and lead data is sent to the Anthropic Claude API to generate results. This data is not used to train Anthropic's models (pursuant to Anthropic's API terms). You control when AI features are triggered — they only run when you explicitly initiate them.

Your Claude API key is stored locally in your browser and is never sent to liagent's servers.

10. Security

We implement appropriate technical and organisational security measures including:

Row-level security (RLS) on all database tables — each company can only access its own data
HTTPS encryption for all data in transit
Supabase Auth for secure authentication with email verification
No plaintext passwords stored anywhere

11. International Data Transfers

Your data may be transferred to and processed in countries outside the EU/EEA (e.g. USA) when using Anthropic's Claude API or Stripe. These transfers are subject to appropriate safeguards (Standard Contractual Clauses) as required by GDPR Chapter V.

12. Children's Privacy

liagent is a B2B platform intended for business use only. We do not knowingly collect personal data from individuals under 18 years of age.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notification. The "last updated" date at the top of this page will always reflect the current version.

14. Contact and Complaints

For privacy-related questions or to exercise your rights, contact us at: hello@lia.ai

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.