Legal
Privacy Policy
Last updated: 17 July 2026
1. Scope & our two roles
BrokLeads plays two different privacy roles depending on the data involved:
- As a controller — for information about our website visitors, the agency staff who hold BrokLeads accounts, and people who contact us or request a demo. We decide how and why this data is used, and this Policy governs it.
- As a processor— for the lead, contact, listing and sales records that our customers (real-estate agencies) capture and manage inside the Service (“Customer Data”). Here the agency is the controller; we process that data on their instructions under our Terms of Service and applicable data processing terms. If you are an end-customer of an agency, please direct privacy requests to that agency.
2. Information we collect
Information you provide
- Account & profile data — name, work email, phone, company/agency name, role and password when an account is created for you.
- Demo & enquiry data— the details you submit through our “Book a demo” or contact forms (name, work email, company, team size, phone and message).
- Customer Data you enter — leads, clients, contacts, property listings, notes, tasks and sales records you add to the Service.
- Payment & billing data — billing contact and subscription details. Card payments are handled by our payment providers; we do not store full card numbers.
Information collected automatically
- Usage & device data — IP address, browser and device type, pages viewed, referring URLs and timestamps.
- Cookies & similar technologies — see our Cookie Policy. We use a small number of strictly-necessary cookies to keep you signed in and remember your active branch.
Information from connected services
When an agency connects a channel, we receive lead and message data from that provider strictly to deliver the Service, including:
- Meta(Facebook & Instagram Lead Ads) — lead form submissions and the campaign fields configured by the agency.
- WhatsApp Business Platform — inbound and outbound messages for the connected business number.
- Website & other sources (e.g. TikTok, LinkedIn, on-site forms) — enquiries submitted by prospective buyers or renters.
3. How we use information
- Provide, operate, secure and improve the Service.
- Route and distribute leads to the right agents, and power WhatsApp messaging, reporting and sale approvals.
- Authenticate users and protect against fraud, abuse and unauthorised access.
- Respond to demo requests, enquiries and support tickets.
- Send service, security and (where permitted) product update communications.
- Meet legal, tax and accounting obligations.
4. Legal bases
Where data-protection law requires a legal basis, we rely on: performance of a contract (providing the Service and account); our legitimate interests (securing and improving the Service, responding to enquiries); consent (for non-essential marketing, which you may withdraw at any time); and compliance with legal obligations.
5. How we share information
We do not sell personal information. We share it only:
- With service providers — hosting, database, email, analytics, payment and bot-protection (e.g. Cloudflare Turnstile) vendors who process data on our behalf under confidentiality obligations.
- With connected platforms — Meta and the WhatsApp Business Platform, only as needed to deliver the integrations an agency has enabled.
- Within your agency — Customer Data is visible to authorised users of the same branch/agency according to their role and permissions.
- For legal reasons — to comply with law, enforce our terms, or protect the rights, safety and property of BrokLeads, our customers or others.
- In a business transfer — as part of a merger, acquisition or sale of assets, subject to this Policy.
6. International transfers
We and our providers may process data in countries other than yours. Where we transfer data across borders, we use appropriate safeguards (such as contractual protections) consistent with applicable law.
7. Data retention
We keep personal information for as long as needed to provide the Service and for legitimate business or legal purposes. Customer Data is retained according to the agency’s instructions and is deleted or returned after account termination as described in our Terms. Demo and enquiry data is kept only as long as necessary to follow up.
8. Security
We apply technical and organisational measures to protect personal information, including encryption in transit, access controls, per-branch data isolation and least-privilege permissions. See our Security page for more detail. No method of transmission or storage is 100% secure, but we work continuously to protect your data.
9. Your rights & choices
Depending on your location, you may have rights to access, correct, delete, restrict or object to the processing of your personal information, and to data portability. To exercise a right regarding data for which we are the controller, email privacy@brokleads.com. If your data sits inside an agency’s account, please contact that agency, and we will assist them as their processor. You can unsubscribe from marketing emails at any time via the link in the email.
10. Children
The Service is intended for businesses and is not directed to children under 18. We do not knowingly collect their personal information.
11. Changes to this Policy
We may update this Policy from time to time. Material changes will be posted here with a revised “Last updated” date and, where appropriate, additional notice.
12. Contact us
Questions about this Policy or your data can be sent to privacy@brokleads.com or hello@brokleads.com.