Compliance

GDPR Compliance

Last updated: March 19, 2026. Lead Titan AI is committed to protecting the privacy of EU/EEA residents.

Our Commitment to GDPR

Lead Titan AI, a product of Marketing Titan, Inc., is committed to full compliance with the General Data Protection Regulation (GDPR) (EU) 2016/679. We recognize the importance of data protection and privacy for individuals in the European Union and European Economic Area, and we have implemented comprehensive measures to ensure that our platform, processes, and services meet the requirements of the GDPR.

This page outlines how we comply with the GDPR and the steps we take to protect personal data. It supplements our Privacy Policy with specific information relevant to EU/EEA data subjects.

Data Controller Information

The data controller responsible for the processing of personal data through Lead Titan AI is:

Marketing Titan, Inc.
30 N Gould St, Ste. R
Sheridan, Wyoming 82801
United States

Data Protection Officer: contact@leadtitan.ai

Legal Basis for Processing

We process personal data only when we have a valid legal basis to do so. The legal bases we rely on include:

  • Consent: Where you have given clear, affirmative consent for us to process your personal data for a specific purpose. You may withdraw consent at any time by contacting us.
  • Contractual Necessity: Where the processing is necessary for the performance of a contract to which you are a party, or to take steps at your request prior to entering into a contract (e.g., providing our platform services after you sign up).
  • Legitimate Interest: Where the processing is necessary for our legitimate interests or those of a third party, provided those interests are not overridden by your rights and freedoms. Examples include improving our services, fraud prevention, and internal analytics.
  • Legal Obligation: Where the processing is necessary for compliance with a legal obligation to which we are subject.

Types of Data We Process

We process the following categories of personal data in connection with our services:

Account Data

Information you provide when creating and managing your Lead Titan AI account, including your name, email address, company name, job title, and billing information.

Lead and Contact Data

Business contact information sourced and verified through our platform, including professional names, business email addresses, job titles, company names, company phone numbers, and publicly available business information. This data is collected from publicly available sources and verified in real time.

Usage Data

Information about how you interact with our platform, including search queries, feature usage, session duration, pages visited, IP addresses, browser type, and device information. This data helps us improve our services and provide a better user experience.

Your Rights Under GDPR

If you are an EU/EEA resident, you have the following rights under the GDPR. We are committed to honoring each of these rights in full:

  • Right of Access (Article 15): You have the right to request a copy of the personal data we hold about you, along with information about how and why we process it.
  • Right to Rectification (Article 16): You have the right to request that we correct any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure (Article 17): You have the right to request that we delete your personal data, subject to certain legal exceptions (e.g., when we are required to retain data for legal compliance).
  • Right to Restriction of Processing (Article 18): You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
  • Right to Data Portability (Article 20): You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to transmit that data to another controller.
  • Right to Object (Article 21): You have the right to object to the processing of your personal data based on legitimate interests or for direct marketing purposes. Where you object, we will cease processing unless we can demonstrate compelling legitimate grounds.
  • Rights Related to Automated Decision-Making (Article 22): You have the right not to be subject to a decision based solely on automated processing, including profiling, that produces legal effects or similarly significant effects. Where automated decision-making is used, you have the right to obtain human intervention, express your point of view, and contest the decision.

How to Exercise Your Rights

To exercise any of your rights under the GDPR, please contact our Data Protection Officer at contact@leadtitan.ai. When submitting a request, please include:

  • Your full name and email address associated with your account
  • A description of the right you wish to exercise
  • Any additional information that may help us identify and process your request

We will acknowledge your request within 5 business days and respond substantively within 30 days. If the request is particularly complex or if we receive a large number of requests, we may extend the response period by an additional 60 days, in which case we will notify you of the extension and the reasons for the delay.

There is no fee for exercising your rights. However, if requests are manifestly unfounded or excessive, we may charge a reasonable fee or refuse to act on the request, in accordance with Article 12(5) of the GDPR.

Data Protection Officer

We have appointed a Data Protection Officer (DPO) to oversee our compliance with the GDPR and serve as the point of contact for EU/EEA data subjects and supervisory authorities. You can reach our DPO at:

Data Protection Officer
Marketing Titan, Inc.
Email: contact@leadtitan.ai

International Data Transfers

As Marketing Titan, Inc. is based in the United States, personal data collected from EU/EEA residents may be transferred to and processed in the United States and other countries outside the EU/EEA. We ensure that all such transfers comply with Chapter V of the GDPR by implementing appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs): We use the European Commission-approved Standard Contractual Clauses to govern the transfer of personal data to countries that have not received an adequacy decision from the European Commission.
  • Supplementary Measures: Where required, we implement additional technical and organizational measures to ensure that personal data remains protected during and after transfer, including encryption in transit and at rest, access controls, and data minimization.
  • Transfer Impact Assessments: We conduct transfer impact assessments to evaluate the legal framework of recipient countries and ensure the effectiveness of the safeguards in place.

Data Breach Notification

In the event of a personal data breach, we are committed to meeting our obligations under Articles 33 and 34 of the GDPR:

  • Notification to Supervisory Authorities: We will notify the relevant supervisory authority of a personal data breach within 72 hours of becoming aware of it, unless the breach is unlikely to result in a risk to the rights and freedoms of natural persons.
  • Notification to Data Subjects: Where a data breach is likely to result in a high risk to your rights and freedoms, we will notify affected individuals without undue delay, describing the nature of the breach, the likely consequences, and the measures taken or proposed to address it.
  • Internal Procedures: We maintain documented breach detection, investigation, and response procedures. All suspected breaches are escalated to our Data Protection Officer and security team immediately upon discovery.

Sub-Processors

We engage trusted third-party sub-processors to help deliver our services. Each sub-processor is contractually bound to process personal data only as instructed by us and to implement appropriate technical and organizational security measures. Our current sub-processors include:

Sub-Processor Purpose Location
Amazon Web Services (AWS) Cloud infrastructure and hosting United States / EU
Google Cloud Platform Cloud computing and data processing United States / EU
Stripe Payment processing and billing United States
HubSpot Customer relationship management United States

We will notify customers of any intended changes to our sub-processor list at least 30 days in advance, giving you the opportunity to object. An up-to-date list is maintained and available upon request.

Data Retention

We retain personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Our general retention practices include:

  • Account Data: Retained for the duration of your account and for up to 12 months after account closure, unless a longer retention period is required by law.
  • Lead and Contact Data: Continuously refreshed and re-verified. Data that cannot be re-verified is removed from our platform. Upon request, specific records are deleted within 30 days.
  • Usage Data: Retained in identifiable form for up to 24 months, after which it is either anonymized or deleted.
  • Billing and Transaction Data: Retained for up to 7 years to comply with tax and financial reporting obligations.

When personal data is no longer needed, it is securely deleted or irreversibly anonymized.

Cookies and Consent

Our website uses cookies and similar tracking technologies. In compliance with the GDPR and the ePrivacy Directive, we:

  • Obtain your explicit consent before placing any non-essential cookies on your device
  • Provide a clear and accessible cookie consent mechanism that allows you to accept or reject individual cookie categories
  • Allow you to withdraw your consent or modify your cookie preferences at any time
  • Use only strictly necessary cookies without consent, as permitted by law

For more information about the specific cookies we use and their purposes, please refer to our Privacy Policy.

Updates to This Policy

We may update this GDPR compliance page from time to time to reflect changes in our practices, legal requirements, or regulatory guidance. When we make material changes, we will update the "Last updated" date at the top of this page and, where appropriate, notify you by email or through a notice on our website.

We encourage you to review this page periodically to stay informed about how we protect your personal data and comply with the GDPR.

Contact

If you have any questions about our GDPR compliance, wish to exercise your data protection rights, or have concerns about how we handle personal data, please contact us:

Data Protection Officer
Marketing Titan, Inc.
30 N Gould St, Ste. R
Sheridan, Wyoming 82801
United States
Email: contact@leadtitan.ai

You also have the right to lodge a complaint with a supervisory authority in the EU/EEA Member State of your habitual residence, place of work, or place of the alleged infringement if you believe that our processing of your personal data violates the GDPR.