Skip to content

Privacy Policy

Last updated: May 2026

This Privacy Policy explains how SalesLeak.io collects, uses, and protects personal data. SalesLeak operates as both a data controller (for merchant account data) and a data processor (for shopper data collected on behalf of merchants).

1. Who we are

SalesLeak.io is an exit intelligence platform for ecommerce merchants. Our servers are located in the United States and Singapore.

2. Data we collect

Merchant account data (data we control):

  • Name, email address, store name, store URL
  • Billing information processed by Stripe — we never store card details directly
  • Account activity and usage data
  • Plan and billing history

Shopper data (data we process on behalf of merchants):

  • Open-text responses submitted through the exit widget
  • The product page URL where the response was submitted
  • Approximate timestamp of submission
  • A session identifier to prevent duplicate widget displays

We do not collect shopper names, email addresses, IP addresses, or any personally identifiable information through the widget.

3. How we use your data

Merchant data:

  • To provide and maintain your SalesLeak account
  • To process billing and send invoices
  • To send account and service emails via Sender
  • To provide customer support

Shopper data:

  • To classify responses into friction themes using OpenAI’s API
  • To calculate estimated sales at risk per friction theme
  • To generate fix recommendations
  • To display results in your SalesLeak dashboard

4. Third party services

We use the following third party services that may process your data:

Stripe — payment processing. Stripe is PCI DSS compliant. Their privacy policy is available at stripe.com/privacy.

OpenAI — AI classification of shopper responses. Response text is sent to OpenAI’s API for processing. OpenAI does not use API data to train its models. Their privacy policy is available at openai.com/privacy.

Sender — transactional and marketing email delivery. Their privacy policy is available at sender.net/privacy.

Google Analytics — website analytics on our marketing site and dashboard. Anonymised usage data only. Their privacy policy is available at policies.google.com/privacy.

Hotjar — session recording and behaviour analytics on our marketing site. Their privacy policy is available at hotjar.com/legal/policies/privacy.

Vercel — hosting and infrastructure. Servers located in the United States. Their privacy policy is available at vercel.com/legal/privacy-policy.

5. Data storage and security

Your data is stored on servers in the United States and Singapore. We use industry standard encryption in transit (HTTPS/TLS) and at rest. Access to production data is restricted to authorised personnel only.

6. Data retention

Merchant account data is retained for the duration of your account plus 90 days after cancellation. Shopper response data follows the same retention schedule tied to your account. After the retention period all data is permanently deleted.

7. Your rights

Depending on your location you may have the right to access, correct, or delete your personal data. You may also have the right to object to processing or request data portability. To exercise any of these rights contact us at privacy@salesleak.io. We will respond within 30 days.

GDPR: If you are located in the European Economic Area or United Kingdom you have rights under the General Data Protection Regulation including the right to lodge a complaint with your local supervisory authority.

CCPA: If you are a California resident you have rights under the California Consumer Privacy Act including the right to know what personal information we collect and the right to request deletion.

8. Cookies

Please see our Cookie Policy below for full details of the cookies we use.

9. Children

SalesLeak is not directed at children under 18. We do not knowingly collect data from anyone under 18.

10. Changes to this policy

We may update this Privacy Policy from time to time. We will notify you by email of any material changes. The updated policy will be effective from the date shown at the top of this page.

11. Contact

For privacy related questions contact us at privacy@salesleak.io