Security

How we protect your data.

Leadclosry is a prototype right now — nothing here processes real customer data yet. This page states honestly what's live today and what's planned before we accept real accounts, so you can hold us to it.

🔒

Encryption in transit live

This site is served over HTTPS/TLS. Any future card payment form is provided by Stripe directly (Stripe Elements/Checkout) — card numbers never touch our servers.

🇪🇺

EU-based hosting planned

The plan is to run the database and file storage in an EU region (Supabase EU or a self-hosted EU Postgres instance) so customer data stays within the EU by default.

💳

PCI-DSS payment handling planned

Card payments will run through Stripe, a PCI-DSS Level 1 certified provider. Leadclosry's own servers are designed to never receive or store raw card data.

💾

Automated backups planned

Daily automated database backups with a defined retention window, before any real customer data is accepted.

🔐

Access control & roles planned

Row-level security so each account only ever sees its own leads and pipeline data; Team/Enterprise plans add admin/member roles.

📋

Subprocessors planned

Third parties that will process data on our behalf once live: Stripe (payments), Supabase (database/auth), Anthropic (AI assistant), an email provider (transactional email), and optionally Zoom (call scheduling). Full list and locations will be kept current in our privacy policy.

Found a security issue?

info@leadclosry.com — we'll set up a proper disclosure process before launch.