Privacy Policy

Last updated: May 08, 2026

Turnkey Leads is a product operated by Alpha Apps, LLC (“Alpha Apps,” “Company,” “we,” “us,” or “our”). This Privacy Policy explains how we collect, use, disclose, retain, and protect personal information when people visit https://www.turnkeyleads.com, use the Turnkey Leads application, interact with Turnkey Leads communications, or submit information through Turnkey Leads lead-capture experiences.

Turnkey Leads helps real estate professionals approve, run, and manage marketing services and related lead workflows. The service includes account authentication, AI-assisted setup and operations, paid-media campaign management, lead capture and routing, SMS and email communications, billing, support, and compliance records.

Who This Policy Covers

This policy applies to:

  • real estate professionals and team members who create or use a Turnkey Leads account;
  • people who visit our websites or landing pages;
  • prospects, leads, homeowners, buyers, sellers, or other contacts whose information is submitted through a Turnkey Leads form, campaign, integration, forwarded email, or customer-directed workflow;
  • people who communicate with Turnkey Leads by web, SMS, email, phone, support request, or another channel.

In this policy, “personal information” or “Personal Data” means information that identifies, relates to, describes, or can reasonably be linked to an individual.

Information We Collect

Account and User Information

When a person creates, verifies, accesses, or manages a Turnkey Leads account, we may collect:

  • name, email address, mobile phone number, business name, role, and team information;
  • account, Tenant, Organization, and role identifiers;
  • verification status for email and phone channels;
  • sign-in, session, account recovery, security, and device information;
  • support requests, preferences, and account-setting changes.

Turnkey Leads uses passwordless authentication. Signup and sign-in flows may ask for email and mobile phone information so we can verify channel ownership and protect account access.

Service Setup, Approval, and Business Information

When a customer configures or approves a Turnkey Leads service, we may collect:

  • business profile and real-estate operating details;
  • target areas, campaign preferences, budgets, approved service parameters, and service history;
  • creative approvals, approval timestamps, approver identity, and related audit evidence;
  • billing contact information, payment status, Stripe customer identifiers, charge metadata, service-ledger records, invoices, credits, refunds, and disputes.

We do not collect or store raw payment card numbers. Payment-method collection is handled by payment processors such as Stripe.

Lead, Prospect, Capture, and Attribution Information

Turnkey Leads may collect information about leads, prospects, or other contacts through customer-approved campaigns, platform-owned landing pages, customer websites, embedded forms, forwarded emails, integrations, APIs, or other customer-directed workflows. This may include:

  • name, email address, phone number, property address, location, real-estate interests, timeline, budget range, property preferences, source, and message content;
  • campaign, landing-page, referral, advertising, provider, click/session, source, or ingestion evidence;
  • consent, revocation, suppression, do-not-contact, and outreach eligibility evidence;
  • routing, ownership, assignment, quarantine, deduplication, fraud, and compliance-review information.

Visitor-provided values are treated as claims until validated through trusted source, attribution, consent, or review processes. A submitted form field, URL parameter, forwarded message, or partner payload does not by itself decide lead ownership, outreach eligibility, or permission to share personal information.

Communications and AI Interactions

Turnkey Leads may process communications through web chat, SMS, email, support tickets, forwarded email, and other channels. This may include message content, conversation history, timestamps, channel identifiers, delivery status, routing metadata, approval records, and AI-generated drafts or actions.

Turnkey Leads uses SMS and email both for account/security workflows and, where separately permitted, for customer-approved service workflows. Consent and eligibility are handled by channel, purpose, seller or sender, recipient, disclosure version, and evidence package. Consent for one channel or purpose does not imply consent for another.

Usage Data, Cookies, and Similar Technologies

We may collect Usage Data automatically, such as IP address, browser type, device type, operating system, referring URLs, pages viewed, time spent, events, diagnostics, and approximate location derived from technical signals.

We use cookies, pixels, web beacons, local storage, and similar technologies to operate the site, remember preferences, secure sessions, measure performance, understand traffic, and support advertising or retargeting where permitted. You can usually configure your browser to reject or delete cookies, but some service features may not work correctly without them.

We may use tools such as Google Analytics, Google Ads, Meta/Facebook Pixel, or similar services to measure traffic and improve marketing. These tools may process web identifiers and browsing events. We do not use SMS authentication mobile numbers, SMS authentication consent records, phone-verification status, or SMS opt-in/opt-out data to build advertising profiles, target advertising, or send marketing text messages.

How We Use Information

We use personal information to:

  • create, verify, secure, and manage accounts;
  • provide passwordless sign-in, phone verification, email verification, account recovery, and support;
  • operate Turnkey Leads services, including AI-assisted setup, campaign proposal, approval, paid-media execution, lead capture, routing, attribution, reporting, and customer support;
  • process payments, invoices, refunds, disputes, service credits, and billing records;
  • validate capture sources, deduplicate records, detect fraud or abuse, enforce suppression, and decide outreach eligibility;
  • communicate with users, customers, prospects, leads, and support contacts where permitted by law and by our records;
  • provide transactional, administrative, legal, security, and service-related notices;
  • measure and improve site performance, product experience, support, campaign effectiveness, security, and reliability;
  • enforce our Terms of Service, contracts, policies, legal rights, and operational controls;
  • comply with carrier, platform, advertising, real-estate, payment, privacy, tax, audit, and other legal or contractual obligations.

We may send marketing emails where permitted and with required unsubscribe controls. We do not treat account signup, phone verification, email verification, or SMS authentication consent as consent for marketing SMS or unrelated customer-contact SMS.

Lead Routing and Sharing With Real Estate Professionals

Turnkey Leads may disclose lead or prospect information to a real estate professional, team, brokerage, customer Organization, or other recipient when the disclosure is supported by the relevant capture flow, customer-approved service, attribution evidence, consent or legal basis, and Turnkey Leads routing policy.

Lead ownership and routing are not decided solely by geography. Multiple customers may participate in the same market or target area. Paid-campaign leads are routed based on trusted attribution evidence, such as the customer-approved campaign or provider evidence that caused Turnkey Leads to incur the relevant paid-media activity. Customer-ingested leads are routed based on the authenticated or configured customer source. Unattributed or conflicting submissions may be rejected, quarantined, deduplicated, parked for review, or routed according to a documented policy.

Before disclosing personal information for outreach or export, Turnkey Leads may evaluate consent, suppression, source, ownership, jurisdiction, evidence, and recipient lineage. We retain recipient-lineage records where needed to support deletion, correction, revocation, suppression, legal-hold, and audit workflows.

Sharing With Service Providers and Other Parties

We may disclose personal information to:

  • service providers and processors that host, secure, monitor, analyze, support, or operate the service;
  • communications providers, email providers, SMS providers, carriers, webhook processors, and deliverability vendors;
  • payment processors, billing systems, fraud-prevention providers, and accounting or tax vendors;
  • advertising platforms and analytics providers where needed to run, measure, or improve customer-approved campaigns or our own permitted marketing;
  • AI, automation, data-processing, and workflow providers acting on our behalf;
  • customer Organizations, real estate professionals, team members, integrations, CRMs, ad platforms, or other destinations when the relevant workflow, approval, contract, consent, or legal basis supports that disclosure;
  • affiliates under common control with Alpha Apps, subject to this policy;
  • professional advisers, auditors, insurers, lawyers, accountants, and compliance reviewers;
  • public authorities, courts, regulators, law enforcement, or others where required by law or necessary to protect rights, safety, security, or legal compliance;
  • parties involved in a merger, acquisition, financing, sale of assets, bankruptcy, or similar transaction, subject to appropriate safeguards.

We do not sell, rent, lease, or disclose SMS authentication mobile information or SMS consent data to third parties, affiliates, business partners, or lead generators for marketing or promotional purposes. The SMS-specific rule below controls over any broader sharing language in this policy.

SMS Authentication Messages and Mobile Information

This section applies specifically to mobile phone numbers and related information collected or used for Turnkey Leads account signup, phone verification, passwordless sign-in, account recovery, sensitive-action confirmation, and account security.

SMS Authentication Is Not a Marketing Program

SMS authentication messages are transactional account-security messages, including one-time passcodes, phone-verification codes, sign-in codes, and closely related security notices. Agreeing to receive these messages is not an agreement to receive marketing, promotional, sales, lead-nurturing, customer-contact, conversational AI, or other unrelated text messages from Turnkey Leads, Alpha Apps, or any third party.

If we offer marketing SMS or other non-authentication SMS in the future, we will request separate consent for that purpose where required. Creating an account, verifying a phone number, verifying an email address, replying START after an opt-out, or using another communication channel does not by itself create consent for marketing or customer-contact SMS.

SMS Authentication Information We Collect

When you sign up for, sign in to, verify, recover, or secure a Turnkey Leads account, we may collect and process:

  • the mobile phone number you provide;
  • phone-verification status, such as pending, verified, unreachable, revoked, or provider-blocked;
  • the date and time of code requests, sends, delivery attempts, successful verifications, failed verifications, expirations, and invalidations;
  • message-delivery metadata received from our SMS provider, such as provider message identifiers, sender identifiers, carrier or routing status, delivery status, delivery-error codes, country code, segment count, and timestamps;
  • inbound opt-out, opt-in, and help signals, such as STOP, STOPALL, UNSUBSCRIBE, END, QUIT, CANCEL, REVOKE, OPTOUT, START, UNSTOP, HELP, or similar supported keywords;
  • limited technical and security information associated with the request, such as account or pending-account identifiers, device, browser, IP address, abuse-prevention, and fraud-prevention data where needed to protect the service.

We do not retain a cleartext one-time passcode after it is used or expires. Our application logs are designed to avoid raw one-time passcodes, full SMS message bodies, provider authentication secrets, and full mobile phone numbers except in controlled systems where needed for lawful operation, security, or compliance.

How We Use SMS Authentication Information

We use SMS authentication information only for service operations such as:

  • account creation and phone verification;
  • passwordless sign-in and account access;
  • account recovery and sensitive-action confirmation;
  • account security, fraud prevention, abuse prevention, and suspicious-activity response;
  • delivery troubleshooting and customer support;
  • local suppression, provider-block, opt-out, opt-in, and help handling;
  • audit logging and compliance with carrier, platform, contractual, and legal requirements.

Message frequency varies based on your signup, sign-in, phone-verification, account-recovery, and account-security activity. Message and data rates may apply.

No Sharing of Mobile Information for Marketing

No mobile information collected or used for Turnkey Leads account authentication, including your mobile phone number, messaging consent, verification status, or opt-in/opt-out data, will be shared, sold, rented, leased, transferred, or otherwise disclosed to third parties, affiliates, business partners, or lead generators for marketing or promotional purposes.

All other categories of information sharing described in this Privacy Policy exclude text-messaging originator opt-in data and SMS consent data. SMS authentication information is not shared with any third party or affiliate for that party’s own marketing or promotional purposes.

SMS Authentication Service Providers

We may disclose SMS authentication information to service providers or processors that help us provide and secure the service. These may include:

  • Twilio Inc., our SMS transport provider, which we use to deliver authentication messages, return delivery status, and process inbound STOP, HELP, START, and similar provider-control signals;
  • mobile carriers and telecommunications providers that transmit messages to and from your mobile device;
  • cloud hosting, logging, security, fraud-prevention, and customer-support providers acting on our behalf.

These service providers may process SMS authentication information only to provide services to us and not for their own marketing or promotional purposes.

Your SMS Choices

You may opt out of SMS authentication messages at any time by replying STOP, STOPALL, UNSUBSCRIBE, END, QUIT, CANCEL, REVOKE, or OPTOUT to any Turnkey Leads message, or by contacting us at support@turnkeyleads.com. We will stop sending SMS authentication messages to that number after processing your request.

Because Turnkey Leads uses SMS as the default factor for sign-in and account security, opting out may prevent you from receiving the verification codes needed to sign in, complete signup, verify your phone, recover your account, or confirm security-sensitive actions. If your email address is already verified and the relevant flow supports it, you may be able to receive a one-time code by email as a fallback. Otherwise, you may need to contact support to regain access or change your verification phone number.

You may reply HELP to any Turnkey Leads message for support information, or contact us at support@turnkeyleads.com.

You may also revoke consent to receive SMS messages from Turnkey Leads through any other reasonable method, including by emailing support@turnkeyleads.com. We will honor revocation requests as soon as practicable and no later than the deadline required by applicable law.

Replying START or UNSTOP may remove a provider-level block and restore this SMS authentication program where permitted by provider rules, our security policies, and applicable law. START or UNSTOP does not create marketing, sales, lead-nurturing, customer-contact, or other SMS eligibility.

Retention of SMS Authentication Information

We retain your mobile number for as long as your Turnkey Leads account is active and as needed to provide authentication and account-security services. We retain consent, opt-out, provider-block, delivery, and authentication-event records for as long as reasonably necessary for account security, abuse prevention, suppression management, delivery troubleshooting, audit and compliance records, dispute resolution, and legal obligations.

Our launch retention defaults are generally five years for TCPA, outreach consent, revocation, suppression, do-not-contact, call, and SMS attempt evidence, and seven years for durable compliance or audit evidence such as privacy operations, sensitive authorization, support-access, billing, or legal records, unless a shorter or longer period is required by law, legal hold, contract, or counsel-approved policy.

Retention and Deletion

We retain personal information for the period reasonably necessary to provide the service, operate security and compliance controls, resolve disputes, enforce agreements, maintain lawful audit evidence, and satisfy legal obligations.

Different categories of information may have different retention periods. For example:

  • account and service records are retained while the account or customer relationship is active and for a reasonable period afterward;
  • billing, payment, tax, and financial records are retained as required for accounting, tax, dispute, and legal obligations;
  • consent, suppression, delivery, outreach, audit, and recipient-lineage records may be retained after operational personal information is deleted where needed to prove compliance, honor revocations, prevent unlawful contact, or propagate deletion and correction instructions;
  • raw subject-linkable telemetry is retained for shorter periods unless promoted to an evidence, security, aggregate, or legal-hold class.

When deletion applies, we may delete, de-identify, aggregate, or separate erasable personal information from immutable audit, attribution, consent, payment, or event-provenance records. Retained suppression records are used to block contact, sharing, or use, not to restart marketing or rehydrate deleted identities.

Security

We use administrative, technical, and physical safeguards designed to protect personal information. These safeguards may include access controls, encryption, logging controls, secure transport, monitoring, vendor review, and data minimization. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

Your Choices and Rights

Depending on your location and relationship with Turnkey Leads, you may have rights to request access, correction, deletion, portability, restriction, objection, or information about certain processing. You may also have rights to opt out of certain sharing, targeted advertising, sale, or marketing uses where applicable law provides those rights.

You may update some account information in the Turnkey Leads application when account access is available. You may also contact us at support@turnkeyleads.com. We may need to verify your identity and authority before responding.

Some records cannot be deleted immediately because we need them for security, suppression, legal compliance, dispute resolution, audit integrity, billing, fraud prevention, or another lawful reason.

United States State Privacy Notices

Certain U.S. state privacy laws may define “sale,” “share,” “targeted advertising,” or “personal information” broadly. Turnkey Leads may use advertising and analytics tools on our websites, and we may disclose lead or prospect information to customers or recipient Organizations where the relevant capture flow and legal basis support that disclosure.

We do not sell SMS authentication mobile information or SMS consent data. We do not share SMS authentication mobile information or SMS consent data with third parties or affiliates for marketing or promotional purposes.

To exercise applicable state privacy rights, contact support@turnkeyleads.com.

International Transfers

Turnkey Leads is operated from the United States. If you access the service from outside the United States or provide information about someone outside the United States, information may be processed in the United States and other locations where our service providers operate. Those locations may have privacy laws that differ from the laws where you live.

Children’s Privacy

Turnkey Leads is intended for adults and business users. We do not knowingly collect personal information from children under 18. If you believe a child has provided personal information to us, contact support@turnkeyleads.com.

The service may link to websites, platforms, integrations, or services we do not operate. We are not responsible for their privacy practices. Review their privacy policies before providing information to them.

Changes to This Policy

We may update this Privacy Policy from time to time. The updated version will be posted on this page with a revised “Last updated” date. Material changes may be announced through the service or by another reasonable method.

Contact Us

If you have questions about this Privacy Policy or privacy requests, contact us: