Trust & security
LeadCall is built for clinics, agencies, and sales teams that need phone attribution without compromising customer data. This page summarizes how we protect the platform and the information processed through it.
Last updated: June 2026
LeadCall production services run on reputable cloud infrastructure with network isolation, managed databases, and monitored uptime.
We use industry-standard providers for application hosting, databases, and object storage. Infrastructure access is restricted to authorized personnel on a need-to-know basis.
Data in transit is protected with TLS (HTTPS) between clients, our API, and integrated services.
Sensitive fields such as phone numbers are encrypted at rest using AES-256-GCM. Company-scoped hashes support deduplication and lookup without storing readable numbers in plain text in the database layer.
Dashboard access uses authenticated sessions with role-based permissions for company owners, managers, and reps.
API and webhook endpoints require valid credentials. We follow least-privilege principles for internal tooling and production access.
Production databases are backed up on a regular schedule with point-in-time recovery options where supported by our database provider.
We design for resilience: retries on CRM sync failures, review queues for ambiguous matches, and operational monitoring to detect outages quickly.
LeadCall processes customer data only for the purpose of providing call attribution, CRM synchronization, reporting, and related platform functionality.
Customers retain ownership of their data.
LeadCall does not sell customer data.
We capture call metadata needed for attribution (such as timestamps, duration, direction, and campaign assignment) — not call audio, and we do not require microphone access on work phones. For retention, subprocessors, and your rights, see our Privacy Policy.
LeadCall relies on trusted third-party providers for infrastructure, authentication, payment processing, analytics, and CRM integrations — including Vercel (application hosting), Clerk (authentication), Stripe (payment processing), and Zoho (CRM integrations when you connect an account).
Access to customer data is limited to what is necessary for those services to perform their functions.
Security questions: privacy@leadcall.tech · support@leadcall.tech