LeaseIQ
placeholder

Privacy Policy

Last updated: March 11, 2026

1. Introduction

LeaseIQ ("we", "us", "our") is committed to protecting your personal data. This Privacy Policy explains how we collect, use, store, and share information when you use our website at leaseiq.eu and our lease extraction platform (the "Service"). We process all data in compliance with the General Data Protection Regulation (GDPR — Regulation (EU) 2016/679).

2. Data Controller

LeaseIQ is the data controller for personal data processed through the Service. For questions about data processing, contact us at [email protected].

3. Data We Collect

We collect the following categories of personal data:

  • Account data: name, email address, and password hash when you create an account.
  • Usage data: pages visited, features used, timestamps, and browser/device information collected automatically.
  • Document data: lease PDF files you upload for extraction. These are processed by AI to extract structured data and are stored securely in EU infrastructure.
  • Communication data: information you provide when contacting us via email.

4. Legal Basis for Processing

We process personal data under the following legal bases (Article 6 GDPR):

  • Contract performance (Art. 6(1)(b)): processing necessary to provide the Service you requested, including document upload, extraction, and account management.
  • Legitimate interest (Art. 6(1)(f)): analytics to improve the Service, security monitoring, and fraud prevention.
  • Consent (Art. 6(1)(a)): marketing communications, where applicable. You can withdraw consent at any time.

5. How We Use Your Data

  • Provide, maintain, and improve the lease extraction Service.
  • Process your uploaded documents using AI models to extract structured lease data.
  • Send transactional emails (account verification, password reset, extraction notifications).
  • Respond to support requests and communications.
  • Analyze usage patterns to improve features and user experience.
  • Ensure security and prevent unauthorized access.

6. Data Storage and Security

All data is processed and stored within the European Union. We implement appropriate technical and organizational measures to protect personal data:

  • Encryption at rest and in transit (TLS 1.3).
  • Organization-based data isolation — each organization's data is fully separated.
  • Secure password hashing using industry-standard algorithms.
  • Access controls and authentication for all API endpoints.
  • Regular security assessments of our infrastructure.

7. Data Sharing

We do not sell your personal data. We share data only with:

  • AI processing: document content is sent to Anthropic's Claude API for lease extraction. Anthropic does not use API inputs for training. See Anthropic's Privacy Policy.
  • Email delivery: transactional emails are sent via Resend. Only email addresses are shared.
  • Legal obligations: we may disclose data if required by applicable EU law.

8. Data Retention

We retain your account data for as long as your account is active. Uploaded documents and extracted data are retained until you delete them or close your account. Usage data is retained for up to 12 months. You can request deletion of your data at any time by contacting [email protected].

9. Your Rights (GDPR)

Under the GDPR, you have the following rights:

  • Access (Art. 15): request a copy of your personal data.
  • Rectification (Art. 16): correct inaccurate personal data.
  • Erasure (Art. 17): request deletion of your personal data.
  • Restriction (Art. 18): restrict processing of your data in certain circumstances.
  • Data portability (Art. 20): receive your data in a structured, machine-readable format.
  • Objection (Art. 21): object to processing based on legitimate interest.
  • Withdraw consent (Art. 7(3)): where processing is based on consent, withdraw it at any time.

To exercise these rights, email [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with your national data protection authority.

10. Cookies

LeaseIQ uses essential cookies for authentication and session management. These are strictly necessary for the Service to function and do not require consent under GDPR. We do not use advertising or tracking cookies.

11. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via email or a notice on the Service. The "Last updated" date at the top reflects the most recent revision.

12. Contact

For privacy-related inquiries, contact us at [email protected].