Privacy & Data Processing Agreement
Last Updated: May 11, 2026
Last Updated: May 11, 2026
This Privacy and Data Processing Agreement ("DPA") outlines how LeadFront AI processes, protects, and manages personal data on behalf of its Customers.
LeadFront acts as a Data Processor for the personal data of Customer's clients (patients). This data is processed for the purpose of missed call recovery, appointment booking, and reactivation campaigns.
LeadFront implements high-grade security measures, including HMAC-signed licensing, encrypted update delivery via signed URLs, and Stripe-standard encryption for all payment data. All incoming Twilio and Stripe signals are enforced for integrity via the Webhook Guard module.
LeadFront is designed to assist Customers in maintaining compliance with modern data privacy regulations (e.g., GDPR/CCPA) by providing full data sovereignty through the Portability Module and automated opt-out handling for SMS messaging.