Privacy Policy

Last Updated: October 5, 2025

1. Introduction

Nicto LLC, an Ohio limited liability company ("we," "us," "our," or "LeadBehavior"), operates the LeadBehavior.com website and associated services (the "Service"). The Service helps advertisers analyze their website traffic, detect bot-initiated interactions, and correct conversion values in third-party advertising platforms.

This Privacy Policy describes how we collect, use, and disclose information.

2. Definitions and Roles

Clients: Businesses that subscribe to and use our Service on their websites.
End Users: Individuals who visit or interact with our Clients’ websites.
Personal Data: Any information that relates to an identified or identifiable individual. We process data in two distinct capacities:
Data Controller (or Business): We are the Data Controller for information collected directly from Clients to manage their accounts (e.g., registration and billing information) and for information collected from visitors to our own website (LeadBehavior.com).
Data Processor (or Service Provider): We are the Data Processor for information concerning End Users collected on a Client's website. The Client is the Data Controller for this data. We process this data strictly on the Client’s behalf and according to their instructions. If you are an End User, the privacy policy of the website you visited (our Client) governs the collection and use of your data.

3. Information We Collect

A. Information Collected from Clients and Website Visitors (As Data Controller)

Account Information: Name, company name, email address, phone number, and credentials.
Billing Information: Billing details processed by our third-party processor (e.g., Stripe). We do not store full payment card information.
Usage Data: Information about how Clients interact with our dashboard and configure the Service.
Marketing and Tracking Data: When you visit LeadBehavior.com, we use cookies, web beacons, and similar technologies to analyze trends, administer the website, track users' movements, and gather demographic information. This includes data used for advertising and retargeting purposes.

B. Information Collected about End Users (As Data Processor)

To analyze traffic and detect bot activity on behalf of our Clients, we collect:

Behavioral Data: Information regarding the End User's interaction with the Client's website, such as mouse movements, scrolling patterns, interaction speed, and typing cadence.
Technical Identifiers: IP addresses, browser type, operating system, user agent strings, device fingerprints, and referring URLs.
Third-Party Signals: Scores and data received from integrated anti-bot services.
Interaction Content: To determine if a lead event was initiated by a bot, our systems may analyze the data submitted during that interaction (e.g., form content or chat logs). We endeavor to process this data using automated systems designed to minimize unnecessary exposure.

4. How We Use Information

To Provide the Service: We process End User data to detect bot activity and update conversion values on third-party advertising platforms (e.g., Google Ads, Meta Ads) as directed by the Client.
To Maintain and Improve: We use aggregated and anonymized data to improve our bot detection algorithms.
To Communicate: We use Client information for customer support and administrative messages.
For Marketing and Advertising: We use data collected on LeadBehavior.com to market our services. This includes partnering with third-party advertising networks (e.g., Google Ads, Meta Ads) to display targeted advertisements (retargeting) to individuals who have previously visited our website. We may also use aggregated and anonymized Service usage statistics for promotional purposes.
For Security and Compliance: To protect the security of our Service and comply with legal obligations.

5. PROHIBITION ON SENSITIVE DATA (HIPAA and Legal Privilege)

We recognize that Clients in regulated industries, such as healthcare or legal services, handle highly sensitive information.

LeadBehavior is NOT designed, intended, or authorized to process Protected Health Information (PHI) under HIPAA, privileged attorney-client communications, or other highly sensitive personal information.

It is the Client's sole responsibility to ensure that such sensitive information is not transmitted to LeadBehavior. Clients must configure their systems to prevent the transmission of this data to our Service. Nicto LLC explicitly disclaims any role as a Business Associate under HIPAA and will not execute Business Associate Agreements (BAAs).

We do not sell Personal Data processed on behalf of our Clients. We disclose information in the following circumstances:

Service Providers: We use third-party providers for services such as hosting, payment processing, analytics, and advertising support.
Advertising Platforms (Service Delivery): We transmit conversion correction signals to advertising platforms as directed by the Client and as necessary to provide the Service.
Advertising Platforms (Marketing): We share information with advertising partners to facilitate the marketing of our own Service (e.g., retargeting).
Legal Compliance: We may disclose information if required by law, regulation, or legal process.
Business Transfers: In the event of a merger, acquisition, or sale of assets, information may be transferred.

7. Data Security

We endeavor to implement commercially reasonable administrative, technical, and physical safeguards designed to protect the information we process against unauthorized access, use, or disclosure. However, no method of electronic storage or transmission is 100% secure, and we cannot guarantee absolute security.

8. Data Retention

We retain Client account information as necessary to provide the Service and comply with legal obligations. We retain End User data processed on behalf of Clients for a limited period sufficient to perform the analysis and provide reporting, after which it is deleted or anonymized.

9. International Data Transfers

Nicto LLC is based in the United States. Information we collect may be transferred to, processed, and stored in the United States, which may have data protection laws that are different from those of your jurisdiction. We take commercially reasonable steps to ensure that international data transfers comply with applicable laws. When acting as a Data Processor for data originating from jurisdictions with specific transfer requirements (such as the EU/UK), the mechanisms for international transfers are typically outlined in a Data Processing Addendum (DPA) with the Client (Data Controller).

10. Your Data Rights

Clients and Website Visitors: You may access, update, or correct your account information. You can manage cookie preferences through your browser settings and opt out of certain targeted advertising via industry platforms (e.g., the Digital Advertising Alliance).
End Users: As a Data Processor, LeadBehavior has no direct relationship with End Users. An End User who seeks to exercise their privacy rights (e.g., access, deletion) should direct their query to the Client (the Data Controller).

11. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by updating the "Last Updated" date on this page.

12. Contact Us

If you have any questions about this Privacy Policy, please contact us:

Nicto LLC Email: [email protected] State of Operation: Ohio, USA

Privacy Policy ​

1. Introduction ​

2. Definitions and Roles ​

3. Information We Collect ​

A. Information Collected from Clients and Website Visitors (As Data Controller) ​

B. Information Collected about End Users (As Data Processor) ​

4. How We Use Information ​

5. PROHIBITION ON SENSITIVE DATA (HIPAA and Legal Privilege) ​

6. How We Share and Disclose Information ​

7. Data Security ​

8. Data Retention ​

9. International Data Transfers ​

10. Your Data Rights ​

11. Changes to this Privacy Policy ​

12. Contact Us ​