How Octanist Keeps Your Lead Data Secure

At Octanist, security, safety, and compliance are top priorities. We highly value the privacy of both the leads you collect and the users on our platform. In this article, we explain the key principles behind how we handle data and maintain security at Octanist.

Octanist's DPA outlines how we process personal data securely and responsibly on behalf of our clients. It complies with the GDPR and ensures that data is only processed based on the client's clear instructions. The agreement details what types of data are involved, who the data belongs to, and why it’s being processed. We never share data with third parties unless legally required or explicitly approved by the client. We are committed to confidentiality and data protection, and if any data is processed outside the EU, it will only happen with prior permission. The agreement remains active until all personal data is either returned or securely deleted.

All personal data managed under the DPA is securely stored on servers located in Germany, within the European Union. We use Hetzner Online GmbH as our hosting provider—a trusted company certified with ISO 27001 and other security standards. This means your data is protected according to strict EU privacy laws, including the GDPR.

Only the people you explicitly grant access to within your Octanist account can view your collected leads. Not even Octanist employees have access to this data.

In rare, exceptional cases, a single authorized Octanist engineer may access the database, but only to resolve urgent technical issues. For example, if a user forgets their password or if an account is compromised, limited access may be required to fix the issue quickly and safely.

Lead data collected in Octanist never leaves our platform. We do not send email addresses, names, phone numbers, or any other personally identifiable information (PII) to advertising or analytics platforms.

Instead, we only use anonymous click identifiers (Click IDs) to link a user’s action (offline) back to an ad click (online). This means it’s not necessary to send personal data to ad platforms in order to track conversions.

Even though platforms like Google and Meta encourage businesses to send First-Party Data (e.g., through Enhanced Conversions), Octanist does not participate in that. Your users’ personal data stays private and secure within Octanist.

Before you start using Octanist, your company must accept our Data Processing Agreement (DPA). This ensures you're fully informed about how we handle personal data, as explained in both the DPA and this blog post.