LeadResponseAI

LEGAL

Privacy Policy

Last updated: 29 March 2026

1. Who we are

LeadResponseAI is a product of KJM Media Ltd, a company registered in England and Wales.

We act as the data controller for personal data collected through this website and through our AI-powered lead response platform. Where we process personal data on behalf of our customers (businesses using our platform), we act as a data processor.

2. What data we collect

We may collect and process the following categories of personal data:

  • Identity data: First name, last name, job title, company name.
  • Contact data: Email address, phone number (mobile and/or landline), postal address.
  • Communication data: SMS message content, voice call recordings and transcripts, opt-in and opt-out records.
  • Usage data: IP address, browser type, pages visited, time on site, referral source.
  • Marketing preferences: Record of consent to receive SMS and voice communications, and any opt-out requests.
  • Technical data: Device identifiers, cookies, and similar tracking technologies.

We collect this data directly from you (when you submit a form or email us), from our customers (when they upload lead data to our platform), and automatically via our website analytics tools.

3. How we use your data

We process personal data for the following purposes:

  • To deliver our AI lead response services (SMS and voice outreach) on behalf of our customers.
  • To respond to enquiries and provide customer support.
  • To operate and improve our platform and website.
  • To comply with legal obligations, including telecommunications regulations and data protection law.
  • To prevent fraud and ensure the security of our systems.
  • To send marketing communications where you have given consent or we have a legitimate interest.

Our legal bases for processing under UK GDPR are: consent, contract performance, legal obligation, and legitimate interests (specifically, the interest of operating an efficient and compliant lead response platform).

4. SMS consent and opt-out

Where our platform sends SMS messages on behalf of a customer, those messages are sent only to individuals whose contact information has been provided by the customer. Our customers are responsible for ensuring they have the necessary legal basis (such as prior consent or a legitimate interest) to contact their leads.

Every SMS we send includes a clear opt-out instruction (e.g. "Reply STOP to unsubscribe"). When an individual opts out, that number is immediately suppressed in our system and no further messages will be sent.

In the United Kingdom, we check the Telephone Preference Service (TPS) registry before sending any outbound SMS or voice communication to a UK number. Numbers registered with the TPS are excluded from outbound marketing communications unless the individual has given explicit consent to the specific organisation contacting them.

In the United States, all SMS traffic is sent via A2P 10DLC registered numbers, and we comply with TCPA requirements including clear disclosure, opt-out mechanisms, and time-of-day restrictions.

5. Voice AI and call disclosure

All outbound voice calls made by our AI are preceded by a clear disclosure that the caller is an AI assistant. This disclosure is provided at the start of every call, before any qualifying questions are asked. Call recordings may be made and retained in accordance with applicable telecommunications law and for quality assurance purposes.

6. Data sharing and third parties

We may share your personal data with:

  • Our platform customers — who have uploaded your contact details and on whose behalf we are operating.
  • Service providers — including cloud hosting providers, SMS gateway operators, voice AI infrastructure providers, and analytics tools. All such providers are subject to data processing agreements.
  • Regulators and law enforcement — where required by law or to protect our legal rights.

We do not sell personal data to third parties. We do not use personal data for profiling or automated decision-making that produces legal or similarly significant effects on individuals.

7. Data retention

We retain personal data for no longer than is necessary for the purposes for which it was collected. As a general guide:

  • Lead contact data: retained for the duration of the customer engagement plus 12 months.
  • Opt-out records: retained indefinitely to ensure suppression is maintained.
  • Call recordings and SMS transcripts: retained for up to 6 months, unless a longer period is required by law or the customer's instructions.
  • Website analytics data: retained for up to 26 months.

8. Your rights

Under UK GDPR, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Ask us to correct inaccurate or incomplete data.
  • Erasure: Ask us to delete your data (subject to legal exceptions).
  • Restriction: Ask us to pause processing of your data.
  • Objection: Object to processing based on legitimate interests.
  • Portability: Receive your data in a structured, machine-readable format.

To exercise any of these rights, contact us here. We will respond within 30 days. You also have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.

9. Cookies

This website uses cookies for analytics and to improve user experience. Essential cookies are necessary for the site to function. Analytics cookies are set only with your consent. You can manage your cookie preferences at any time.

10. International transfers

Where personal data is transferred outside the UK or EEA, we ensure appropriate safeguards are in place, such as standard contractual clauses approved by the UK ICO or equivalent mechanisms.

11. Changes to this policy

We may update this Privacy Policy from time to time. The latest version will always be available at this URL. Material changes will be notified to our customers via email.

12. Contact

For any privacy-related questions, contact us here.