Longevity LeadersLongevity LeadersBook a Demo

Privacy Policy

Last updated June 9, 2026

This Privacy Policy (the “Policy”) describes how The Longevity Leaders LLC, together with its affiliates, successors, and assigns (collectively, “the Company,” “we,” “us,” or “our”), collects, uses, processes, discloses, retains, transfers, and otherwise handles information in connection with The Longevity Leaders CRM and any related websites, applications, application programming interfaces, integrations, communications, and services that link to or reference this Policy (collectively, the “Services”). By accessing or using the Services, registering for an account, or otherwise interacting with us, you acknowledge that you have read, understood, and agree to be bound by this Policy in its entirety, together with any agreement governing your use of the Services. If you do not agree, you must not access or use the Services.

Capitalized terms not defined where used have the meanings given in Section 1 (Definitions). Headings are provided for convenience only and do not affect interpretation. This Policy is incorporated by reference into, and forms a part of, the agreement between you and us governing the Services.

1. Definitions

  1. Account Information” means information associated with registration for and administration of an account, including identifiers described in Section 3.1.
  2. Customer Content” means data, records, text, files, and other materials that a Tenant or User submits to, creates within, imports into, or generates through the Services.
  3. Controller” means the entity that determines the purposes and means of processing Personal Information; “Processor” means an entity that processes Personal Information on behalf of, and under the instructions of, a Controller.
  4. Personal Information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular individual or household, as such term (or the analogous term “personal data”) is defined under Applicable Data Protection Law.
  5. Tenant” means an organization or workspace provisioned on the Services; “User” means an individual authorized to access a Tenant.
  6. Applicable Data Protection Law” means all privacy, data protection, and data security laws and regulations applicable to the processing of Personal Information under this Policy, as amended from time to time.
  7. De-identified Information” means information that cannot reasonably be used to infer information about, or otherwise be linked to, a particular individual or household.

2. Scope; Roles of the Parties

2.1. This Policy applies to Users who register for, sign in to, or administer a Tenant, and to visitors who interact with our public websites and communications. It does not modify the terms of any separately executed agreement to the extent of a conflict, in which case the executed agreement controls with respect to the subject matter therein.

2.2. Roles. With respect to Account Information, authentication data, and operational and security telemetry generated by your use of the Services, we generally act as a Controller. With respect to Customer Content, the relevant Tenant is the Controller and we act as a Processor that processes such Customer Content on the Tenant's behalf and in accordance with the Tenant's instructions and the applicable agreement. The individuals and organizations that a Tenant contacts through the Services are data subjects of the Tenant, and the Tenant, not the Company, is responsible for establishing a lawful basis for, and providing any required notices regarding, the processing of their information.

3. Information We Collect

We collect information from and about you from the sources and in the categories described below. The specific information collected depends on how you interact with the Services, the configuration chosen by your Tenant, and the integrations you elect to connect.

3.1 Information you provide or that is provided about you

  • Account & profile data. When you authenticate via a third-party identity provider, we receive basic profile information such as your name, email address, and a verified-email indicator. We do not receive or store your third-party password.
  • Customer Content. The data, records, and other materials you create, upload, import, or transmit through the Services.
  • Integration credentials. If you connect a third-party service, we collect and store the credentials you provide so that the Services can perform the actions you direct.
  • Communications. Information you submit when you contact us for support, sales, or other purposes, including the contents of your communications and any attachments.
  • Billing & transactional data. Information necessary to administer subscriptions and payments, which may be processed by a third-party payment processor on our behalf.

3.2 Information we collect automatically

  • Device & connection data. Internet Protocol (IP) address, browser type and version, operating system, device identifiers, language preferences, and referring/exit pages.
  • Usage & log data. Pages and features accessed, actions taken, timestamps, session identifiers, request and response metadata, diagnostic and crash data, and authentication events including sign-ins and session refreshes.
  • Cookies & similar technologies. As further described in Section 4, we and our service providers use cookies, web beacons, pixels, tags, local storage, and similar technologies.

3.3 Information from third parties

We may receive information about you from identity providers, analytics providers, integrations you or your Tenant connect, and other Users within your Tenant (for example, an administrator who invites you). Where you direct the Services to retrieve data from a connected integration, that data is received subject to the third party's terms and the Tenant's instructions.

3.4 Inferences and derived data

We may generate inferences, metrics, scores, summaries, and other derived data reflecting your use of, and engagement with, the Services, and may combine information described in this Policy across sources to operate, secure, analyze, and improve the Services.

4. Cookies, Pixels & Tracking Technologies

4.1. We use strictly necessary technologies to authenticate Users, maintain sessions, enforce security, and remember preferences. We and our analytics providers may also use performance and analytics technologies to understand how the Services are used. Some technologies persist after you close your browser; others expire at the end of a session.

4.2. You may be able to control certain technologies through your browser or device settings, including blocking or deleting cookies; however, disabling strictly necessary technologies may render portions of the Services non-functional. The Services are not currently designed to respond to browser “Do Not Track” signals; where required by Applicable Data Protection Law, we honor recognized opt-out preference signals as described in Section 19.

5. How We Use Information

We use information for the following purposes:

  1. to provide, operate, maintain, and administer the Services and the features you and your Tenant use;
  2. to authenticate Users, provision Tenants, and enforce per-Tenant isolation, access controls, and role-based permissions;
  3. to secure the Services, including to monitor for, investigate, prevent, detect, and respond to fraud, abuse, security incidents, and violations of our policies or applicable law;
  4. to provide support, respond to inquiries, and send administrative, transactional, and security communications, including invitations, notices, and service-related announcements;
  5. to operate, analyze, measure, debug, and improve the Services and to research and develop new features, products, and services, including as described in Section 6;
  6. to administer billing, subscriptions, and accounting; and
  7. to comply with legal obligations, establish, exercise, or defend legal claims, and enforce our agreements.

We do not sell your Personal Information, and we do not use Customer Content to train models that we own or license to third parties for their independent use. Where a feature relies on a third-party service, that service receives only the content you or your Tenant direct the Services to send to it, and only when the applicable option has been enabled.

6. License and Permissions You Grant Us

6.1. License. Subject to this Policy and your applicable agreement, you (and, where applicable, your Tenant) grant us a worldwide, non-exclusive, royalty-free, fully paid-up, sublicensable (to our service providers and sub-processors), and transferable license to host, store, cache, reproduce, copy, modify, adapt, translate, reformat, create derivative works of, process, transmit, publicly display (within the Tenant), and otherwise use Customer Content and other information described in this Policy, in each case as reasonably necessary to: (a) provide, operate, secure, support, and improve the Services; (b) prevent, detect, and address technical, security, or fraud issues; (c) create De-identified Information and aggregated statistics; and (d) develop, test, and enhance the Services and our other current and future products and features.

6.2. No transfer of ownership. The foregoing license does not transfer ownership. As between you and us, you (or your Tenant) retain all right, title, and interest in and to Customer Content, and we retain all right, title, and interest in and to the Services and all software, technology, and materials underlying or comprising them, including all intellectual-property rights therein.

6.3. De-identified & aggregated data. We may create De-identified Information and aggregated data from any information described in this Policy, and we may use, retain, disclose, and otherwise process such information for any lawful business purpose, including to operate, analyze, benchmark, and improve the Services and to develop new offerings. We commit to maintain and use such information only in de-identified or aggregated form and not to attempt to re-identify it except as permitted by Applicable Data Protection Law.

6.4. Feedback. If you provide suggestions, ideas, or other feedback regarding the Services, you grant us a perpetual, irrevocable, worldwide, royalty-free license to use and incorporate such feedback for any purpose without restriction or compensation to you.

7. Legal Bases for Processing (EEA/UK)

Where Applicable Data Protection Law in the European Economic Area, the United Kingdom, or Switzerland applies, we process Personal Information on one or more of the following legal bases: (a) performance of a contract with you or to take steps at your request prior to entering a contract; (b) our legitimate interests in operating, securing, and improving the Services, where such interests are not overridden by your rights; (c) your consent, where required (which you may withdraw at any time without affecting prior processing); and (d) compliance with a legal obligation. Where we rely on legitimate interests, you may obtain further information by contacting us using the details in Section 25.

8. How We Disclose Information

We may disclose information in the following circumstances:

  • Sub-processors and service providers. To vendors that perform services on our behalf, subject to contractual obligations to protect information and to process it only as instructed (see Section 9).
  • Within your Tenant. To other Users of your Tenant, in accordance with the roles and permissions configured by your Tenant administrators.
  • Integrations you connect. To third-party services that you or your Tenant elect to connect, with respect to the data you direct the Services to send to them.
  • Business transfers. In connection with, or during negotiations of, any merger, acquisition, financing, reorganization, bankruptcy, receivership, sale of assets, or transition of service to another provider, in which case information may be transferred as a business asset.
  • Legal, safety, and compliance. Where we believe in good faith that disclosure is necessary or appropriate to comply with applicable law, legal process, or governmental request; to enforce our agreements and policies; or to protect the rights, property, safety, or security of the Company, our Users, or the public. We will, where lawful and reasonably practicable, seek to limit overbroad requests.
  • With your direction or consent. For any other purpose disclosed to you at the time we collect the information or with your consent.

9. Service Providers

We engage third-party service providers to support the operation of the Services. Each is engaged under contractual obligations to safeguard information and to process it only as necessary to provide services to us. Such providers fall within categories that may include:

  • cloud hosting, infrastructure, and storage providers;
  • authentication and identity providers;
  • communications and message-delivery providers;
  • analytics, monitoring, and security providers; and
  • billing and payment providers.

A current list of the specific service providers we use is available to Tenants upon request and, where applicable, under our data processing addendum. In addition, where you or your Tenant elect to connect an optional third-party service, that service processes only the data you direct the Services to transmit to it and is governed by its own terms; you may disconnect any optional service at any time through your Tenant's settings.

10. Automated Processing

Certain features use automated processing to generate drafts, summaries, recommendations, and similar outputs based on inputs you provide. Such outputs may be inaccurate or incomplete and are provided for your review; you are responsible for evaluating outputs before relying on or acting upon them. We do not use Customer Content to train models that we own, and any content processed by a third-party service is handled only as described in Section 5.

11. International Data Transfers

We and our sub-processors operate primarily in the United States, and information we collect may be transferred to, stored in, and processed in the United States and other jurisdictions that may not provide the same level of data-protection rights as your jurisdiction. Where required, we implement appropriate safeguards for cross-border transfers, such as Standard Contractual Clauses approved by the relevant authorities. By using the Services, you understand that your information may be transferred to and processed in the United States and elsewhere.

12. Data Security

We maintain administrative, technical, and organizational measures designed to protect information appropriate to the nature of the information and the risks involved, including encryption of information in transit and at rest, access controls, and logging and monitoring. No method of transmission or storage is completely secure, and we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your authentication credentials and for activity occurring under your account.

13. Data Breach Notification

In the event of a security incident affecting Personal Information, we will investigate and, where required by Applicable Data Protection Law, notify affected parties and competent authorities within the timeframes and in the manner prescribed by law. Notification of, or response to, an incident does not constitute an acknowledgment by us of any fault or liability.

14. Data Retention

We retain Account Information and Customer Content for as long as a Tenant remains active and as necessary to provide the Services. Following closure of a Tenant, we will delete or de-identify associated Customer Content within a commercially reasonable period, ordinarily within ninety (90) days, except where retention is necessary to comply with legal, regulatory, tax, accounting, or security obligations, to resolve disputes, or to enforce our agreements, and except for information retained in routine backups for a limited additional period and De-identified or aggregated Information, which may be retained indefinitely.

15. Your Rights & Choices (General)

Subject to Applicable Data Protection Law and to verification of your identity, you may have rights to access, correct, update, port, restrict, or delete certain Personal Information, and to object to or withdraw consent for certain processing. Because we process much Customer Content as a Processor on behalf of a Tenant, requests relating to such Customer Content should generally be directed to the relevant Tenant, and we will provide reasonable assistance to the Tenant in responding. To exercise rights with respect to information for which we are the Controller, please contact us using the details in Section 25.

16. European Economic Area, United Kingdom & Switzerland

If you are located in the EEA, the United Kingdom, or Switzerland, you have the rights described in Section 15 and, additionally, the right to lodge a complaint with your local supervisory authority. We will respond to verified requests within the period required by Applicable Data Protection Law. Where we act as a Processor, we will refer your request to the relevant Controller.

17. California Privacy Rights (CCPA/CPRA)

17.1. This Section applies to California residents whose Personal Information we process as a business. In the preceding twelve (12) months, we have collected the categories of Personal Information described in Section 3, derived from the sources described therein, for the business and commercial purposes described in Section 5, and have disclosed such categories to the categories of recipients described in Sections 8 and 9.

17.2. No sale or sharing. We have not sold, and do not sell, Personal Information, and we have not “shared” Personal Information for cross-context behavioral advertising, as those terms are defined under California law.

17.3. Rights. Subject to verification, California residents have the right to know/access, to correct, and to delete Personal Information; the right to opt out of sale or sharing (which is not applicable as stated above); the right to limit the use of sensitive Personal Information; and the right not to receive discriminatory treatment for exercising these rights. You may use an authorized agent to submit a request, subject to our verification of the agent's authority.

18. Other U.S. State Privacy Rights

Residents of certain other U.S. states (including, where applicable, Virginia, Colorado, Connecticut, Utah, Texas, Oregon, and others) may have rights to access, correct, delete, and obtain a copy of their Personal Information, and to opt out of certain processing such as targeted advertising, the sale of Personal Information, or certain profiling. We do not engage in targeted advertising or the sale of Personal Information as those terms are defined under such laws. You may exercise applicable rights as described in Section 25, and, where provided by law, appeal a decision regarding your request.

19. Opt-Out Preference Signals

Where required by Applicable Data Protection Law, we will treat recognized opt-out preference signals (such as Global Privacy Control) transmitted by your browser or device as a valid request to opt out of sale or sharing for that browser or device, to the extent applicable.

20. Children's Privacy

The Services are intended for use by businesses and are not directed to children under the age of sixteen (16). We do not knowingly collect Personal Information from children. If you believe a child has provided us with Personal Information, please contact us and we will take appropriate steps to delete it.

21. Third-Party Services & Links

The Services may contain links to, or interoperate with, third-party websites, products, and services that we do not own or control. This Policy does not apply to those third parties, and we are not responsible for their content, practices, or privacy policies. We encourage you to review the privacy notices of any third party before providing information to it.

22. Changes to this Policy

We may modify this Policy from time to time. If we make material changes, we will provide notice through the Services or by other means as required by law, and will update the “Last updated” date above. Your continued access to or use of the Services after the effective date of a revised Policy constitutes your acceptance of the revised Policy. If you do not agree to the changes, you must stop using the Services.

23. Governing Law

This Policy and any dispute arising out of or relating to it or the Services are governed by the laws of the State of [State of Formation] and the applicable laws of the United States, without regard to conflict-of-laws principles. Subject to Section 24, the state and federal courts located in [State of Formation] shall have jurisdiction, and you consent to the personal jurisdiction of, and venue in, such courts.

24. Dispute Resolution; Arbitration; Class-Action Waiver

24.1. Please read this Section carefully: it affects your legal rights. To the fullest extent permitted by applicable law, you and the Company agree that any dispute, claim, or controversy arising out of or relating to this Policy or the Services that cannot be resolved informally shall be resolved exclusively through final and binding individual arbitration, rather than in court, except that either party may bring an individual action in small-claims court and either party may seek injunctive or equitable relief for actual or threatened infringement or misappropriation of intellectual property or confidential information.

24.2. Class-action waiver. To the fullest extent permitted by applicable law, you and the Company agree that each may bring claims against the other only in an individual capacity, and not as a plaintiff or class member in any purported class, consolidated, or representative proceeding. The arbitrator may not consolidate more than one person's claims and may not preside over any form of a representative or class proceeding.

24.3. Opt-out. You may opt out of the arbitration and class-action-waiver provisions in this Section by sending written notice of your decision to opt out to the contact address in Section 25 within thirty (30) days after first accepting this Policy. This Section survives termination of your relationship with us.

25. How to Contact Us

The Longevity Leaders LLC is the entity responsible for the processing of Personal Information described in this Policy where we act as a Controller. Questions, requests, or complaints regarding this Policy or our information practices may be directed to sandy@thelongevityleaders.com. We will respond to verified requests within the timeframe required by Applicable Data Protection Law and, where no timeframe is specified, within a commercially reasonable period.

© 2026 The Longevity Leaders LLC. This document is provided for transparency and does not constitute legal advice.