Lead Compliance & Consent Policy | Prismique

General

Lead Compliance & Consent Policy


Last Updated: November 1, 2025


At Prismique Limited (“we”, “us”, “our”), we generate and supply leads to our clients using compliant data collection methods. We do not conduct telemarketing, do not operate calling services, and do not place outbound calls to consumers. This policy explains how we collect, verify, and manage consumer consent, how we manage opt-outs and DNC requests, and how we ensure compliance with relevant privacy and marketing regulations.

Role as a Lead Generation Provider

We operate strictly as a data and lead provider, not as a telemarketer.

This means:


• We do not make consumer phone calls.

• We do not send SMS messages to consumers.

• We do not hire call centers to contact consumers.

• We do not engage in telemarketing on our behalf or on behalf of clients.


All outbound communication with consumers (phone calls, SMS, emails, etc.) is performed exclusively by our clients and their authorized agents. Each client is responsible for ensuring that their communication practices comply with applicable laws and regulations.

How We Collect Consumer Leads

We collect consumer data only when the individual provides active, informed, and unambiguous consent.


Our lead collection methods include:


• Online forms on owned or controlled landing pages

• Partners or publishers delivering traffic to our landing pages

• Paid media campaigns (Google, Facebook, native, display, and similar)

• Compliance-checked third-party sources where explicit consent has been verified


Each consumer voluntarily submits their information, which may include:


• Name

• Phone number

• Email address

• Postal code / location

• Product or service preferences

• Additional qualifying information depending on the campaign


We do not scrape data, buy unverified lists, or use any non-consensual data collection methods.

Consent Requirements & Wording

All opt-in flows include clear disclosure of:


1. The purpose of data collection

2. The organizations (or categories of organizations) that may contact the consumer

3. The contact methods (phone calls, SMS, email)

4. A link to our Privacy Policy

5. A link to this Compliance & Consent Policy

6. A statement confirming that submitting the form constitutes express consent


Example wording used on our landing pages:


“By submitting this form, you agree to be contacted by our partners and service providers at the phone number and/or email you provided, including by phone or SMS. You also agree to our Privacy Policy and our Consent & Compliance Policy.”


We maintain internal logs of:


• The exact version of the consent text used at the time of submission

• The URL or landing page the consumer submitted from

• The timestamp of consent

• The consumer’s IP address

• Any referrer or partner source data

Verification & Fraud Prevention

We use industry-standard methods to ensure lead quality and consent integrity, which may include:


• Timestamp logging

• IP logging, user agent logging and geolocation verification

• Duplicate entry detection

• Phone number validation

• Third-party fraud detection and other bot filtering tools


We may reject, suppress, or block traffic sources that do not meet our compliance standards.

Do-Not-Call (DNC) & Opt-Out Handling

Even though we do not make phone calls, we maintain an internal suppression system to respect consumer choices.


Consumers may request:


• Removal from future lead generation

• Suppression of their data

• Deletion of previously submitted information


Upon receiving such a request:


• We add the number or email to our Internal Do-Not-Contact List

• We stop delivering that consumer’s information to any clients

• We delete or anonymize the data upon request, unless legally required to retain it

• We confirm the action to the consumer when appropriate


Clients are contractually required to:


• Maintain their own Do-Not-Call (DNC) lists

• Comply with CRTC, TCPA, GDPR, CASL, CPPA, and other applicable regulations

• Honor all consumer opt-out and deletion requests

Data Delivery to Clients

Lead data is delivered securely using one or more of the following:


• API

• Real-time postback

• Encrypted email

• Secure file transfer

• Encrypted storage platforms


Clients must accept, store, and process consumer data in accordance with:


• Their own privacy obligations

• Applicable telemarketing, privacy, and consumer protection laws

• Their contractual obligations with us


Once a lead is delivered to a client, that client assumes full responsibility for any outreach.

Regulatory Compliance

Although we are not a telemarketer and are therefore not required to register with the National Do Not Call List (DNCL) or equivalent telemarketing registries, we comply with relevant laws related to:


• Data privacy (GDPR, CPPA, PIPEDA, CCPA where applicable)

• Consumer consent

• Fair marketing practices

• Honest and transparent data collection

• Anti-spam rules (e.g., CASL)

• Data retention and security standards


We expect all clients and partners to comply with their respective obligations regarding telemarketing and consumer communication.

Protection of Consumer Data

We take privacy and security seriously. Our data protection practices include:


• Encryption of data in transit

• Secure servers and controlled access

• Limited retention of personal data

• Internal access logs and user permissions

• Regular review of data handling processes

• Rapid response to any security concerns or incidents

How Consumers Can Opt Out or Request Deletion

Consumers may contact us at compliance@prismique.com


Requests may include:


• Opt-out from being shared with clients

• Correction of stored data

• Complete deletion of their information

• Questions or concerns about how their data was collected


We aim to respond to all requests within 15 business days.

Client Responsibilities

All clients receiving leads from us must:


1. Comply with all laws governing their communications with consumers

2. Use purchased or supplied leads in accordance with the consent provided

3. Maintain their own telemarketing registrations (DNCL, CRTC, etc.)

4. Observe all Do-Not-Call and Do-Not-Contact rules

5. Maintain accurate logs of calls and consumer communications

6. Honor all consumer opt-out or suppression requests

7. Not share or resell lead data without our written consent


Failure to comply may result in suspension or termination of the client relationship.

Updates to This Policy

We may update this policy from time to time to reflect changes in:


• Regulations

• Industry best practices

• Our internal processes

• Our products and services


The date at the top of this page will always show the latest version.

Contact Information

For any questions about this policy or our compliance practices, please contact:


Compliance @ Prismique Limited

Email: compliance@prismique.com

Address: PRISMIQUE LIMITED, 128 City Road, London, EC1V 2NX, United Kingdom