Last updated: February 2026
LeadBlitz is operated by SH Applications Limited, a company registered in England and Wales, based in Woodley, Reading, Berkshire, UK.
Email: sh@shapplications.com
Your name, email address, and hashed password are collected when you register for an account.
Legal Basis: Contract — necessary to provide you with our services.
We retrieve publicly available business information (name, address, phone number, website, ratings) from the Google Places API based on your search queries.
Legal Basis: Legitimate Interest — processing publicly available business data to deliver our core service.
Our AI analyses publicly accessible websites to generate quality scores and improvement recommendations.
Legal Basis: Legitimate Interest — analysing public websites to provide actionable insights.
If you upload CSV files containing lead data, you remain the data controller and we act as a data processor. Your uploaded data is private to your account and can be deleted at any time.
Legal Basis: Contract — processing data you provide to deliver the service you requested.
All payment processing is handled by Stripe, which is PCI DSS compliant. We never store your full card number. We only retain payment confirmation details, Stripe customer ID, and the last 4 digits of your card for reference.
Legal Basis: Contract — necessary to process your purchases.
If you choose to use contact enrichment features, this is done via Hunter.io using your own API key. We do not store your Hunter.io API key beyond your encrypted settings.
If you send outreach messages through LeadBlitz, you are responsible for ensuring compliance with applicable regulations including PECR (UK), GDPR, and CAN-SPAM (US).
We collect basic usage data (pages visited, features used) to improve the service. We do not use any third-party tracking or analytics services.
We use the following third-party services to operate LeadBlitz:
| Service | Purpose | Notes |
|---|---|---|
| Google Places API | Business search & discovery | Public business data only |
| OpenAI | AI-powered website scoring | Data is NOT used to train models |
| Stripe | Payment processing | PCI DSS compliant |
| Twilio | SMS outreach | User-initiated only |
| Hunter.io | Contact enrichment | Uses your own API key |
| Replit | Application hosting | Infrastructure provider |
We do NOT sell, rent, or share your personal data with third parties for marketing purposes.
Under the UK and EU General Data Protection Regulation, you have the following rights:
To exercise any of these rights, contact us at sh@shapplications.com. We will respond within 30 days.
You also have the right to lodge a complaint with the Information Commissioner’s Office (ICO) at ico.org.uk.
We take the security of your data seriously and implement the following measures:
LeadBlitz uses essential cookies only for session management (keeping you logged in). We do not use any tracking or advertising cookies. Because we only use strictly necessary cookies, no consent banner is required.
LeadBlitz is hosted on Replit, whose infrastructure may involve processing in the United States. Where personal data is transferred outside the UK/EEA, we rely on Standard Contractual Clauses (SCCs) or adequacy decisions to ensure appropriate safeguards are in place.
LeadBlitz is a business tool designed for professionals. We do not knowingly collect personal data from anyone under the age of 18. If you believe a child has provided us with personal data, please contact us immediately.
We may update this Privacy Policy from time to time. For significant changes, we will notify you by email or through an in-app notification. We encourage you to review this page periodically.