Since LeadPost only operates in the US, international privacy laws such as GDPR and CASL do not apply. From a US perspective, states are beginning to enact state-level privacy laws, such as California’s CCPA. But these restrictions have been centered around notification of data collection and usage and the ability for users to opt out and/or purge data collected.
Because no personally identifiable information (PII) is being passed, use of the service does not require any additional steps to be taken outside of the ones that you likely already have in place to comply with these laws.
However, your privacy policies should be reviewed to ensure proper disclosure of the use of third-party data collection services as outlined in Section 1.3 of our Terms of Service.