NextLeadAI GDPR Compliance Statement

Effective Date: October 27, 2025

Last Updated: October 27, 2025

At NextLeadAI, we value and respect your privacy. We are committed to complying with the General Data Protection Regulation (GDPR) and ensuring that the personal data of our users, clients, and partners is handled responsibly, securely, and transparently.

1. Who We Are

NextLeadAI (“we,” “our,” or “us”) is an Australian-based company providing AI-powered automation and appointment-booking services for real estate professionals. Although our primary operations are in Australia, we recognise that visitors from the European Union (EU) and European Economic Area (EEA) may access our platform.

2. Personal Data We Collect

We only collect personal data that is necessary to deliver and improve our services. This may include:

Full name

Email address

Phone number

Business or agency name

Message or inquiry details

Technical data such as IP address or browser type (collected automatically for analytics and security purposes)

We do not collect or process sensitive categories of personal data.

3. How We Use Your Data

Your personal information is used only for legitimate business purposes, including:

Responding to inquiries and demo bookings

Providing requested services and product information

Sending relevant updates, reports, or follow-ups

Improving our website and customer experience

Complying with legal obligations

We will never sell or rent your personal data to third parties.

4. Legal Basis for Processing

We process personal data under the following legal bases:

Consent: When you voluntarily submit your details (e.g., via our demo form).

Contractual necessity: When processing is required to deliver services you have requested.

Legitimate interest: For internal analytics, service improvement, and fraud prevention.

5. Your Data Protection Rights

If you are an EU or EEA resident, you have the following rights under GDPR:

Access: Request a copy of your personal data.

Correction: Ask us to correct any inaccuracies.

Erasure (“Right to be forgotten”): Request deletion of your data where legally permissible.

Restriction: Ask us to limit processing of your data.

Portability: Receive your data in a structured, machine-readable format.

Objection: Object to certain processing activities.

To exercise any of these rights, contact us at:

support@nextleadai.co

We may require verification of your identity before fulfilling such requests.

6. Data Retention

We only retain personal data for as long as necessary to fulfil the purpose for which it was collected, or as required by applicable law. Once data is no longer needed, it is securely deleted or anonymised.

7. Data Security

We use reasonable administrative, technical, and physical measures to safeguard your information, including encryption, access controls, and secure hosting environments.

8. International Transfers

Your data may be transferred and processed outside the EU/EEA (for example, in Australia). In such cases, we ensure that appropriate safeguards are in place to protect your data consistent with GDPR standards.

9. Third-Party Processors

We may use trusted third-party service providers for hosting, analytics, CRM, and communication. Each provider is carefully selected and required to comply with GDPR or equivalent privacy frameworks.

10. Contact Information

For any GDPR-related questions or concerns, please contact:

📧 privacy@nextleadai.co

NextLeadAI Pty Ltd

Sydney, NSW, Australia

Summary

We are committed to transparency, accountability, and responsible data handling. GDPR compliance is an ongoing process, and we will continue improving our privacy practices to meet the highest global standards.