LeadBoxOutreachLB

Trust and security at LeadBox

LeadBox is built for practical security, clear access boundaries, and permission-based email workflows.

LeadBox is designed to help small teams manage leads, permission-based email workflows, webforms, triggers, and related customer operations in a practical and controlled way.

We aim to operate LeadBox responsibly, keep access boundaries real, and use sensible safeguards for an early-stage B2B SaaS.

Operations team reviewing systems, access, and customer workflows together
What this page covers
This page gives a high-level overview of how LeadBox approaches:
  • security
  • access control
  • data handling
  • email/compliance safeguards
  • operational visibility
  • support and incident handling

Security approach

Authentication and account access
LeadBox uses Firebase Authentication for login and identity handling. Workspace roles are separated so owners, admins, and members can have different permissions.
Workspace boundaries
LeadBox is built around workspace-scoped data and permissions. Our goal is that users can only access the workspace data and actions they are authorized to access.
Billing and payment handling
LeadBox uses Stripe for subscription and payment handling. LeadBox does not store full payment card details itself.
Email and sending safeguards
LeadBox is intended for permission-based email workflows, with suppression handling, unsubscribe support, sender setup, and delivery-aware controls built in.
Logging and operational visibility
LeadBox uses structured backend error logging and request IDs so issues can be investigated without exposing raw technical details to customers.

Core infrastructure and providers

LeadBox uses established third-party providers for key parts of the service, including authentication, database hosting, frontend/backend hosting, billing, email delivery, and support.

LeadBox uses established third-party providers for key parts of the service, including authentication, database hosting, frontend/backend hosting, billing, email delivery, and support.

Using focused providers for core service areas helps keep the product practical, supportable, and easier to reason about at this stage.

Google Firebase / Google Cloud

MongoDB Atlas

Render

Vercel

Stripe

Postmark

Crisp

Customer responsibility

Customers are responsible for:

  • controlling who they invite into their workspace
  • using the product in compliance with applicable law
  • maintaining appropriate permission and lawful basis for contact data
  • using email and workflow features responsibly
  • reviewing sending, suppression, and compliance-related product signals before launch or use
Support and incident handling
LeadBox currently operates with a best-effort support model.

For major service-impacting problems, updates may be provided through:

  • email
  • in-app notices
  • support chat, where appropriate

What we do not currently claim

We prefer honest, narrower claims over inflated trust language.

SOC 2 certification

ISO 27001 certification

guaranteed uptime SLA

dedicated public status page

enterprise custom security review on demand

Questions?

If you have questions about trust, security, or support, contact:
support@getleadbox.net Contact us