Privacy Policy

Last updated: April 1, 2026

liagent ("liagent", "we", "us", or "our") is committed to protecting your personal data. This Privacy Policy explains what information we collect, how we use it, and your rights under the General Data Protection Regulation (GDPR) and applicable data protection laws.

1. Who We Are

liagent is a B2B SaaS CRM platform. The data controller responsible for your personal data is:

liagent — Sales. Automated.
Contact: hello@liagent.ro

2. What Data We Collect

We collect the following categories of personal data:

• Account data: name, email address, company name, job role
• Profile data: industry, services offered, target markets, contact preferences
• Usage data: features used, leads added, tasks created, sequences sent
• Lead data: contact names, email addresses, phone numbers, company information that you enter into the platform
• Technical data: browser type, IP address (via Supabase), session tokens

3. Legal Basis for Processing

We process your personal data on the following legal bases:

• Contract (Art. 6(1)(b) GDPR): processing necessary to provide the liagent service you subscribed to
• Legitimate interests (Art. 6(1)(f) GDPR): improving the platform, preventing fraud, and ensuring security
• Consent (Art. 6(1)(a) GDPR): where you have explicitly agreed to specific processing (e.g. marketing communications)

4. How We Use Your Data

• Providing and operating the liagent platform
• Sending account-related emails (confirmation, password reset, team invites)
• Processing AI analysis requests using the Anthropic Claude API (your profile data is sent to Claude to generate lead suggestions — only with your explicit action)
• Billing and subscription management via Stripe
• Customer support and communications
• Platform security and fraud prevention

5. Data Storage and Sub-Processors

Your data is stored and processed by the following sub-processors:

• Supabase (database and authentication) — hosted on AWS EU infrastructure
• Anthropic and OpenAI (AI APIs) — receive profile and lead data when you trigger AI features; governed by the respective provider's privacy policy
• Apollo.io and Hunter.io (contact enrichment) — receive company domain/name when you enrich a lead
• Resend (transactional and outreach email) — delivers emails you send from the platform
• Stripe (payments) — processes billing data; governed by Stripe's privacy policy
• Vercel (hosting) — serves the application

6. Data Retention

We retain your personal data for as long as your account is active. When you delete your account, we delete your data from our database within 30 days. Some data may be retained longer if required by law (e.g. billing records for tax purposes — up to 7 years).

7. Your Rights Under GDPR

As a data subject in the EU/EEA, you have the following rights:

• Right of access: request a copy of your personal data
• Right to rectification: correct inaccurate data (via Settings → Profile)
• Right to erasure: delete your account and all data (via Settings → Profile → Delete Account)
• Right to data portability: export your leads as CSV (via Leads → Export)
• Right to object: object to processing based on legitimate interests
• Right to restrict processing: limit how we use your data

To exercise any right, contact us at hello@liagent.ro. We will respond within 30 days.

8. Cookies and Local Storage

liagent uses browser localStorage (not cookies) to store your session, profile data, and leads locally on your device for performance purposes. This data is cleared when you log out or delete your account. We do not use third-party tracking cookies or advertising pixels.

9. AI Features and Your Data

When you use AI features (Lead Generator, ICP Scoring, Deal Coach), your profile information and lead data is sent to a third-party AI provider (currently Anthropic or OpenAI, depending on your settings) to generate results. Under these providers' API terms, your data is not used to train their models. You control when AI features are triggered — they only run when you explicitly initiate them.

If you configure your own API key, it is stored locally in your browser and is never sent to liagent's servers.

10. Security

We implement appropriate technical and organisational security measures including:

• Row-level security (RLS) on all database tables — each company can only access its own data
• HTTPS encryption for all data in transit
• Supabase Auth for secure authentication with email verification
• No plaintext passwords stored anywhere

11. International Data Transfers

Your data may be transferred to and processed in countries outside the EU/EEA (e.g. USA) when using AI providers (Anthropic, OpenAI), contact enrichment providers (Apollo.io, Hunter.io), email delivery (Resend), or payment processing (Stripe). These transfers are subject to appropriate safeguards (Standard Contractual Clauses) as required by GDPR Chapter V.

12. Children's Privacy

liagent is a B2B platform intended for business use only. We do not knowingly collect personal data from individuals under 18 years of age.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or an in-app notification. The "last updated" date at the top of this page will always reflect the current version.

14. Contact and Complaints

For privacy-related questions or to exercise your rights, contact us at: hello@liagent.ro

If you are unsatisfied with our response, you have the right to lodge a complaint with your local data protection authority.