Legal
Last updated: March 2026
Zero cookies on first load. First-party analytics only. No third-party tracking pixels. No data sales. No AI training on your data. Ever.
When you visit our website, we collect anonymous usage data through privacy-respecting first-party analytics — no cookies required. When you use LEAPCortex or other LEAPWare products, your knowledge objects and agent interactions are your data, isolated at the database level, encrypted, and never used to train AI models. We do not sell, rent, or share your personal data with third parties for their marketing or any other purpose.
LEAPWare ("we," "us") operates leapware.ai and the LEAP product family (LEAPCortex, LEAPControl, LEAPHive, LEAPCrew, LEAPForge, LEAPCapital). This policy covers all LEAPWare web properties and products.
Anonymous page view data through privacy-respecting, cookieless first-party analytics (Plausible or equivalent). No personal identifiers. No IP address storage. No cross-site tracking. No cookies placed without explicit consent.
Name, email address, subject, and message content. Stored only for the purpose of responding to your inquiry. Not added to marketing lists without explicit opt-in.
Account data: Name, email, organization name, billing information. Necessary to provide the service.
Knowledge objects: The nine typed objects you create (Specifications, Decisions, Procedures, Event Records, Metric Definitions, Entities, Threads, Templates, Experiential Knowledge). This is your data. We process it only to provide the service. We do not access, read, or analyze your knowledge objects except as necessary for technical support at your explicit request.
Agent interaction data: VIRT actions, tool calls, and inter-agent communications within your instance. Logged for audit trail purposes within your tenant. Not accessible to LEAPWare staff without your authorization.
Operational metadata: Anonymized system telemetry (response times, error rates, feature usage counts). Contains no tenant-identifying information. Used to maintain and improve service reliability.
Provide, operate, and maintain the Services. Respond to support requests and inquiries. Send service-related communications (outage notifications, security alerts, billing). Analyze aggregate, anonymized usage patterns to improve product quality. Comply with legal obligations.
We do not: Sell personal data. Share personal data with third parties for marketing. Use customer knowledge objects or agent data to train, fine-tune, or improve AI models. Serve targeted advertising. Build behavioral profiles for purposes other than providing the service.
Each customer's data lives in a dedicated database schema — structurally isolated from every other tenant. Your VIRT agents can only access knowledge within your instance's governed scope. Full isolation architecture described at leapware.ai/security.
First load: Zero cookies. No tracking scripts. No pixels.
After authentication: Essential session cookies only (authentication, CSRF protection). Strictly necessary for product operation.
Non-essential cookies: Require explicit opt-in via a consent mechanism. You can use every LEAPWare product with non-essential cookies disabled.
LEAPWare uses cloud infrastructure providers for hosting and LLM providers for AI inference. These providers process data under data processing agreements with contractual privacy obligations. We do not send identifiable customer data to analytics services, advertising platforms, or data brokers.
Active accounts: Data retained for the duration of subscription plus 30-day recovery window after cancellation.
Post-cancellation: All customer data permanently deleted within 60 days of the recovery window, including backups.
Contact form submissions: Retained for 12 months, then deleted.
Analytics data: Anonymized and aggregated. No individual-level retention.
Under GDPR (EU), CCPA (California), and other applicable privacy laws, you have the right to:
To exercise any right: operations@leapware.ai. We respond within 30 days (GDPR) or 45 days (CCPA).
LEAPWare processes data in the United States. If you are located outside the US, your data is transferred to the US for processing. We ensure appropriate safeguards through standard contractual clauses and data processing agreements.
LEAPWare Services are not directed to individuals under 16. We do not knowingly collect personal data from children. If we become aware of such collection, the data is deleted immediately.
Material changes are communicated at least 30 days in advance via email and a notice on our website. The "last updated" date at the top reflects the most recent revision.
Data protection inquiries: operations@leapware.ai
LEAPWare is the data controller for personal data collected through our website and services.