XS Leads is operated by TJF Design LLC. This policy explains what information we collect when you use the platform, how we use it, and what choices you have.

What we collect

When you submit an access request, we collect your name, email address, company name, and the information you provide about your intended use. This is the primary data we use to review and open accounts.

When you sign in, we create a session tied to your email address. We store a session token in an HttpOnly cookie so you stay signed in across visits.

When you browse the site, our server logs standard request data: IP address, browser type, pages visited, and timestamps. We do not use third-party analytics trackers on the site at this time.

If you contact us by email, we retain that correspondence in our email system.

How we use it

We use your access request information to review your application and, if approved, to set up your account. We use your email address to communicate with you about your account, listings, and platform updates. We do not sell your personal information to third parties. We do not use your data for advertising.

Cookies

We set one first-party session cookie (xsl_auth_session) when you sign in. It is HttpOnly, meaning it is not accessible to JavaScript on the page, and it expires when your session ends or after a fixed inactivity period. We do not use third-party advertising or tracking cookies.

Data retention

We retain account and access request data for up to 24 months after your last activity. You can request deletion of your account and associated data at any time by emailing hello@xsleads.com.

Your rights

You can request a copy of the personal data we hold about you, ask us to correct inaccurate data, or ask us to delete your data. To make any of these requests, email hello@xsleads.com from the address associated with your account.

If you are located in the European Economic Area, you have additional rights under the GDPR, including the right to lodge a complaint with your local supervisory authority.

Security

We use industry-standard practices to protect your data, including encrypted connections (HTTPS), HttpOnly session cookies, and access controls on our database. No system is perfectly secure. If you believe your account has been compromised, contact us immediately at hello@xsleads.com.

Changes to this policy

We may update this policy from time to time. When we do, we will update the "Last updated" date at the top of this page. Material changes will be communicated to active account holders by email.

Contact

Questions about this policy? Email us at hello@xsleads.com.