Legal
Last updated: April 2026 · iTYZER Ltd, Company No. 16817299
This Data Processing Agreement (DPA) forms part of the LeadTYZER Terms of Service between iTYZER Ltd (Processor) and the client (Controller). It governs the processing of personal data by iTYZER Ltd on behalf of the client.
LeadTYZER processes B2B contact data, company names, business email addresses, professional titles, business phone numbers, and company LinkedIn profiles, for the purpose of generating verified B2B lead lists for the client's legitimate commercial outreach activities.
Processing occurs for the duration of an active subscription. Delivered lead data is retained for 90 days in verified inventory before re-verification.
Processing is conducted under Legitimate Interests (Article 6(1)(f) GDPR). All data pertains exclusively to B2B professionals in their professional capacity. Personal consumer data is never collected or processed.
Sub-processors include: Supabase (database, EU hosted), Vercel (hosting), Resend (transactional email), Hunter.io (email verification), Anthropic (AI scoring, data not retained per Anthropic terms), Stripe (payments, PCI compliant).
Data subjects may exercise rights under GDPR including the right to erasure via our opt-out endpoint at leadtyzer.com/optout. All requests are processed within 5 business days.
We implement encryption at rest and in transit (TLS 1.2+), Row Level Security on all database tables, role-based access control, API key hashing (SHA-256), and regular security audits.
The client (Controller) is responsible for ensuring their use of delivered leads complies with applicable data protection laws in their jurisdiction, including GDPR, PECR (UK), and CAN-SPAM (US).
For DPA queries: hello@leadtyzer.com, iTYZER Ltd, England & Wales, Company No. 16817299.