LeadLogix

LeadLogix Privacy Policy

Last updated: 2 June 2026 — Version 1.0

This Privacy Policy describes how Diggit Software Solutions Co. LLC (“Diggit”, “we”, “us”, or “our”) collects, uses, discloses, and safeguards information when you, or a business entity on whose behalf you act, use our LeadLogix platform (the “Service”). LeadLogix is a multi-tenant marketing automation platform that operates advertising campaigns on behalf of business clients across third-party advertising platforms.

This Policy applies to:

If you are an End User and have questions about how a specific client company processes your personal data, please contact that company directly. LeadLogix processes End-User data only on the instructions of, and under contract with, the client company that is the data controller.

1. Who we are

Controller of personal data:

Diggit is the operator of LeadLogix. Where LeadLogix processes data on behalf of a client company as a processor, the client company is the controller of End-User data.

2. Information we collect

2.1 Information you provide directly

2.2 Information collected automatically

2.3 Information from third parties

2.4 What we do not collect

3. How we use information

We use the information described above to:

4. Legal bases for processing (GDPR / UK GDPR)

Where the General Data Protection Regulation or UK GDPR applies, we rely on the following legal bases:

5. Sharing and disclosure of information

We do not sell personal data. We share personal data only as follows:

6. Multi-tenant data isolation

LeadLogix is engineered as a multi-tenant platform. Every record we hold on behalf of a client company is tagged with a unique client identifier. Application-layer access controls and database query filters ensure that a Client User of one client company cannot access records belonging to another client company. Administrative access by Diggit personnel is limited to operational and support purposes and is logged.

7. Sub-processors and data location

LeadLogix currently uses the following sub-processors. Where personal data is transferred outside the data subject’s jurisdiction, we rely on appropriate transfer mechanisms such as Standard Contractual Clauses, adequacy decisions, or equivalent safeguards.

7.1 Sub-processors

7.2 Primary data residency

8. International transfers of personal data

Because our sub-processors operate globally, personal data may be transferred to, stored, and processed in countries other than your country of residence, including the United States. For transfers from the European Economic Area, the United Kingdom, and the United Arab Emirates, we rely on contractual safeguards such as the European Commission’s Standard Contractual Clauses and the UK International Data Transfer Addendum, supplemented by additional technical and organisational measures.

9. Security

We protect personal data using a combination of technical and organisational measures, including:

No system can be guaranteed completely secure. If you suspect a security issue, contact us promptly at montazir@diggitglobal.com.

10. Data retention

We retain personal data for as long as it is needed to provide the Service, comply with legal obligations, resolve disputes, and enforce agreements. Operational logs and audit-log entries are typically retained for the lifetime of the relevant client account, after which they are deleted or anonymised within a reasonable period. Client companies may request deletion of specific records subject to legal retention requirements.

11. Your rights

Depending on your jurisdiction, you may have rights to:

To exercise these rights, contact us at montazir@diggitglobal.com. If your data is processed by us on behalf of a client company that is the controller, we will direct your request to that company or assist it in responding.

12. Children

LeadLogix is a business-to-business platform intended for use by representatives of organisations who are at least 18 years old. We do not knowingly collect personal data from children. If we learn that we have collected personal data from a child, we will delete it.

13. Changes to this Policy

We may update this Policy from time to time. When we make material changes, we will update the version and date at the top of this document and, where appropriate, notify users through the platform or by email. Continued use of the Service after the effective date of an updated Policy constitutes acceptance of the changes.

14. How to contact us

For privacy inquiries, data subject requests, or questions about this Policy:

15. Jurisdiction-specific notices

15.1 European Economic Area, United Kingdom, and Switzerland

If you are located in the EEA, the UK, or Switzerland, your personal data is processed in accordance with the GDPR or UK GDPR as applicable. The legal bases on which we rely are set out in Section 4. International transfers are governed by the safeguards described in Section 8. You have the right to lodge a complaint with your national supervisory authority.

15.2 United Arab Emirates

If you are located in the United Arab Emirates, your personal data is processed in accordance with Federal Decree-Law No. 45 of 2021 on the Protection of Personal Data (PDPL) and applicable free-zone data-protection regulations. You may contact us with requests regarding access, correction, deletion, or restriction of processing.

15.3 California, United States

If you are a California resident, the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA) provide you with specific rights regarding personal information, including the right to know, the right to delete, the right to correct, the right to opt out of sale or sharing (we do not sell or share personal information for cross-context behavioural advertising), and the right to limit use of sensitive personal information. To exercise these rights, contact us at montazir@diggitglobal.com.

15.4 Singapore

If you are located in Singapore, your personal data is processed in accordance with the Personal Data Protection Act 2012 (PDPA). You may contact us with questions or requests regarding your personal data.