Skip to main content

Privacy Policy

Last updated: April 1, 2026

WeLead Lab ("we," "us," or "our") operates the website at weleadlab.com and provides AI-powered advertising management services. This Privacy Policy explains how we collect, use, disclose, and protect your personal information when you use our website or services. By using our website or services, you agree to the terms of this policy.

1. Information We Collect

Information You Provide Directly

  • Contact information: Name, email address, and business information provided through our contact form or discovery call booking.
  • Account information: Business name, billing address, and payment information when you subscribe to a plan.
  • Ad account access: OAuth tokens and API credentials for ad platforms you authorize us to manage (Facebook/Meta, Google, Reddit, TikTok).
  • Communications: Messages, emails, and call recordings (with consent) from our support interactions.

Information Collected Automatically

  • Usage data: Pages visited, time spent, referral sources, and interaction patterns on our website.
  • Device information: IP address, browser type, operating system, and device identifiers.
  • Cookies and tracking: We use essential cookies for site functionality and analytics cookies to understand usage. See our Cookie section below.

Information from Third Parties

  • Ad platform data: Campaign performance metrics, audience data, and billing data provided by the ad platforms we manage on your behalf.
  • Payment processors: Transaction confirmations from Stripe and similar processors (we never store full card numbers).

2. How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our AI advertising management services
  • Set up and configure AI agents for your ad accounts
  • Send performance reports and service communications
  • Process billing and manage your subscription
  • Respond to support requests and inquiries
  • Analyze website usage to improve our marketing and product
  • Comply with legal obligations

We do not sell your personal information or ad account data to third parties. We do not use your ad campaign data to train our AI models for other clients.

3. Third-Party Services

We integrate with or use the following third-party services, each with their own privacy policies:

  • Meta (Facebook): For managing Facebook and Instagram ad campaigns on your behalf.
  • Google: For managing Google Maps and Local Services Ads.
  • Reddit: For managing Reddit advertising campaigns.
  • TikTok: For managing TikTok advertising campaigns.
  • Stripe: Payment processing. Subject to Stripe's Privacy Policy.
  • Cal.com: Meeting scheduling. Subject to Cal.com's Privacy Policy.
  • Cloudflare: Website hosting, performance, and security. Subject to Cloudflare's Privacy Policy.

4. Your Rights (GDPR / CCPA)

For EEA and UK Residents (GDPR)

If you are located in the European Economic Area or United Kingdom, you have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate personal data.
  • Erasure: Request deletion of your personal data ("right to be forgotten").
  • Portability: Receive your data in a structured, machine-readable format.
  • Objection: Object to processing based on legitimate interests or for direct marketing.
  • Restriction: Request that we restrict processing of your data in certain circumstances.

For California Residents (CCPA)

California residents have the right to:

  • Know what personal information we collect, use, disclose, and sell.
  • Delete personal information we hold about you.
  • Opt out of the sale of personal information (we do not sell personal information).
  • Non-discrimination for exercising your privacy rights.

To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.

5. Data Security

We implement industry-standard security measures to protect your information, including:

  • TLS/HTTPS encryption for all data in transit
  • Encryption at rest for sensitive data including ad platform tokens
  • Access controls limiting employee access to client data on a need-to-know basis
  • Regular security reviews of our systems and third-party integrations
  • Secure credential storage — we never store ad platform passwords, only OAuth tokens

No method of electronic transmission or storage is 100% secure. While we use commercially reasonable measures to protect your data, we cannot guarantee absolute security. If you discover a security vulnerability, please contact us at [email protected].

6. Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. When you cancel your subscription, we retain performance data and account records for 90 days before deletion, giving you time to export any data you need. Ad platform access tokens are revoked immediately upon subscription cancellation.

7. Contact

Questions about this Privacy Policy or our data practices? Contact us at:

We may update this Privacy Policy from time to time. We will notify active subscribers of material changes by email and update the "Last updated" date at the top of this page.