Data Compliance

The Lead Forensics Product

The Lead Forensics product is a market-leading B2B sales and marketing enablement tool. SaaS (Software as a Service) provides businesses with insight into website visitors. Lead Forensics works based on reverse business IP tracking. A small tracking code is placed on a business website, enabling it to identify website visitors’ business IP addresses. Lead Forensics matches the identified business IP address to a wholly-owned global database of businesses and business information. Lead Forensics customers also can implement a cookie alongside the code to enhance the software’s tracking capabilities.

The Lead Forensics software is almost entirely focused on leveraging business-related information to effectively match a business IP address with broader business data to provide valuable business-related visitor information to our customers. Lead Forensics does not identify any personal IP addresses, mobile devices or any other data than that associated with the business.

Contact Data

An additional feature of Lead Forensics, aside from the primary solution, is to provide customers with the contact information of key decision-makers at the organisations that have proactively visited the company website. As this information contains details including first name, last name, email address and LinkedIn profile, this aspect of Lead Forensics constitutes the processing of personal data and, therefore, is required to comply with UK GDPR.

Lead Forensics will only ever collect business IP addresses, which are then matched to a business profile; from there, Lead Forensics offers customers the opportunity to purchase the contact details of relevant decision-makers within the matched business. The data available will only relate to decision-makers at the organisations that have pro-actively visited a customer’s website; in this regard, it is anticipated that the Lead Forensics customer base will leverage this data under the lawful basis of ‘Legitimate Interests’. It is expected that Lead Forensics customers will select the most appropriate point of contact from the data provided by Lead Forensics to convey a highly relevant, targeted message either by email, telephone or by post to the business address and the point of contact. Any correspondence will be based upon their likely interest in the organisation’s product or service following their visit to its website.

Lead Forensics will only process necessary personal data, limited to first name, last name, LinkedIn profile URL and email address. Lead Forensics will process further business-related data such as business IP, business name, job function and business telephone numbers. No sensitive personal data will be collected or processed in any way.

Lead Forensics customers can use Lead Forensics without leveraging contact data. If a customer opts to use the contact data feature of Lead Forensics, it is deemed that this will be leveraged under the lawful basis of ‘Legitimate Interests’; however, the customer will be responsible for ensuring the data used is processed within their business in a method that is compliant with UK GDPR – each customer will be responsible for conducting their due diligence checks and producing their policies as applicable to their business.

Legitimate Interest Assessment (LIA)

Lead Forensics has carried out a Legitimate Interest Assessment (LIA) as advised by the ICO. Based upon that assessment, it is deemed that the rights and freedoms of the data subjects would not be overridden in our processing of the personal data. In no way would a data subject be caused harm by the Lead Forensics processing. Based upon our segmentation by the organisation and by specific job function, coupled with our processing of personal data within the context of a business environment, it is deemed that any data processing will be limited to business matters and, therefore, any risk of personal compromise is improbable. It is also believed that direct marketing and sales are necessary for following up with website visitors to serve visitors better and generate business sales.

Per the ICO guidance, Lead Forensics can confirm:

We have checked that legitimate interests are the most appropriate basis.
We understand our responsibility to protect the individual’s interests.
We have conducted a Legitimate Interests Assessment (LIA) and kept a record of it to ensure that we can justify our decision.
We have identified the relevant legitimate interests.
We have checked that the processing is necessary and there is no less intrusive way to achieve the same result.
We have done a balancing test and are confident that the individual’s interests do not override those legitimate interests.
We only use individual’s data in ways they would reasonably expect.
We are not using people’s data in ways they would find intrusive or which could cause them harm.
We do not process the data of children.
We have considered safeguards to reduce the impact where possible.
We will always ensure there is an opt-out/ability to object.
Our LIA did not identify a significant privacy impact, and therefore we do not require a DPIA.
We keep our LIA under review every six months and will repeat it if circumstances change.
We include information about our legitimate interests in our privacy notice.

Personal Data

Lead Forensics collection and processing of personal data is limited to:

First name
Last name
Email address
LinkedIn profile URL

Lead Forensics procures this personal data in the following ways:

Primary research – Lead Forensics has a UK-based in-house team who gathers data relating to critical decision-makers at organisations from publicly available sources, including each business’s website.
Secondary research – Lead Forensics has a UK-based in-house team who uses publicly available sources to gather information relating to key decision-makers, including the Directors’ Register at Companies House, Dun & Bradstreet, Duedil and LinkedIn.
Purchase – Lead Forensics purchases data from selected third-party data vendors with key segmentation criteria to ensure that only decision-makers from registered businesses are procured. All third-party data vendors have been checked for UK GDPR compliance to confirm the validity and accuracy of data.

Lead Forensics also uses automated scripts and algorithms to collect, process and validate both business data and the personal data detailed above. These automated processes are subject to the same compliance checks as all manual processes.

How we Ensure Data Validity and Currency

Lead Forensics has a UK-based in-house data verification team responsible for ensuring the validity and currency of the data contained within the Lead Forensics solution. The team continually cleanse the data held within the Lead Forensics software, completing an entire cleanse cycle of both business and personal data at least once every 12 months. Any out-of-date records are placed into a deletion queue that is securely purged four times in 12 months.

The data verification team uses manual methods and automated scripts and algorithms via an extensive multi-staged process to ensure the maximum validity and currency of data. Lead Forensics takes data cleansing exceptionally seriously, providing a highly compliant and high calibre solution for all Lead Forensics customers.

This policy was last reviewed on the 13th of June 2022

Our Ref: DC.004 LF Product Data Compliance Policy v5.0 13.06.22

For questions relating to this policy, please get in touch with:
data-compliance@leadforensics.com

Cookie	Duration	Description
AWSALBCORS	7 days	This cookie is managed by Amazon Web Services and is used for load balancing.
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__zlcmid	1 year	__zlcmid is a cookie set by Zopim to help identify a user's chat session between page loads.
bcookie	2 years	LinkedIn sets this cookie from LinkedIn share buttons and ad tags to recognize browser ID.
bscookie	2 years	LinkedIn sets this cookie to store performed actions on the website.
lang	session	LinkedIn sets this cookie to remember a user's language setting.
lidc	1 day	LinkedIn sets the lidc cookie to facilitate data center selection.
UserMatchHistory	1 month	LinkedIn sets this cookie for LinkedIn Ads ID syncing.

Cookie	Duration	Description
__gtm_campaign_url	session	This cookie is used to collect campaign information from the referring URL, used to improve campaign relevance.
__gtm_referrer	session	This cookie is used to identify and store the referring URL to improve the quality of campaigns.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_M827Q9YV22	2 years	This cookie is installed by Google Analytics.
_gat_UA-22580480-1	1 minute	A variation of the _gat cookie set by Google Analytics and Google Tag Manager to allow website owners to track visitor behaviour and measure site performance. The pattern element in the name contains the unique identity number of the account or website it relates to.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_session_id	14 days	Cookie set by G2 to store the visitor’s navigation by recording the landing pages. This allows the website to present products and indicate the efficiency of the website.
Hotjar	1 year	In order to process data about your visit to a website, Hotjar stores first-party cookies on your browser.
lfuuid	9 years 8 months 7 days 9 hours	This cookie is used to store information on user preferences, to provide offers that are targeted to individual interests.
site_identity	1000 days	This cookie is set when the email recipient clicks through a Live Web Tracking tracked link. This cookie is for scout.salesloft.com. We do this to allow multi-site tracking.
sli_token	30 days	This cookie is set when the email recipient clicks through a Live Web Tracking tracked link.
sliguid	12 months	This cookie provides an anonymous user identifier across multiple requests.
slireg	7 days	This cookie identifies the Salesloft server region that the Team’s data is on.
slirequested	12 months	Once the sliguid cookie has been confirmed against a central server, this cookie is set for every request that comes in.
Unbounce	Session	Cookies to track page stats and attribute a conversion event back to a specific page using the page ID and variant letter. Unbounce cookies do not store any personally identifiable information and cannot be used to identify an individual based on the information stored in them directly.
undefined	never	Wistia sets this cookie to collect data on visitor interaction with the website's video-content, to make the website's video-content more relevant for the visitor.

Cookie	Duration	Description
_fbp	3 months	This cookie is set by Facebook to display advertisements when either on Facebook or on a digital platform powered by Facebook advertising, after visiting the website.
fr	3 months	Facebook sets this cookie to show relevant advertisements to users by tracking user behaviour across the web, on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
NextRoll	13 months	NextRoll cookies are being used for the purpose of advertising.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
AnalyticsSyncHistory	1 month	No description
li_gc	2 years	No description
loglevel	never	No description available.
zte2095	session	No description

Data Compliance

The Lead Forensics Product

Contact Data

Legitimate Interest Assessment (LIA)

Personal Data

How we Ensure Data Validity and Currency

This policy was last reviewed on the 13th of June 2022

Start your website demand capture now

Speak to an expert

Product

Customers

Resources

About Us

Get a demo