Legal
Security
Last updated July 2026
Secrets management
All credentials live in environment variables or a vault with least-privilege scopes — never in source, logs, or the client bundle.
Encryption
TLS everywhere in transit; sensitive fields such as phone numbers are encrypted at rest.
Access control
Role-based access gates campaigns and raw contact data. Sessions use secure, HTTP-only cookies.
Webhooks
Inbound webhooks (Twilio, email providers) are signature-verified before their payloads are trusted.
Reporting
Found an issue? Email security@leadskonnect.com — we respond quickly and credit responsible disclosure.
This is a template document for LeadsKonnect and not legal advice. Replace with counsel-reviewed text before launch.