Outreach is a tool that connects to your Gmail account to send cold outreach emails on your behalf through Claude AI. We take your privacy seriously. This policy explains exactly what we collect, how we use it, and your rights.
1. Who we are
Outreach ("we", "us", "our") is operated by an independent developer. You can reach us at [email protected].
2. What information we collect
We collect only what is necessary to provide the service:
- Email address — collected from Stripe at checkout to create your account and send you your access key.
- Stripe billing data — payment is processed entirely by Stripe. We store your Stripe customer ID and subscription ID to manage your access. We never see or store your card details.
- Gmail OAuth token — when you connect your Gmail account, Google issues a secure token that we store locally on our server. This token allows us to send emails on your behalf. We do not store, read, or transmit your email content to any third party.
- Outreach history — a local log of businesses you have contacted (name, email, date, notes) stored in a local database on our server. This is used only to prevent duplicate outreach.
3. How we use Google user data
Outreach uses your Google account solely to send emails you explicitly request through the Claude AI interface. Specifically:
- We request the
gmail.sendscope only — the minimum permission needed to send email. - We do not read, index, or analyze your inbox or any existing emails.
- We do not share your Gmail data with any third parties.
- Your OAuth token is stored securely on our server and used only to fulfill send requests you initiate.
- You can revoke access at any time from your Google Account permissions page.
Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.
4. How we share your information
We do not sell, rent, or trade your personal information. We share data only with:
- Stripe — for payment processing. Subject to Stripe's Privacy Policy.
- Google — OAuth is handled directly between you and Google. Subject to Google's Privacy Policy.
5. Data retention
We retain your data for as long as your subscription is active. If you cancel your subscription and request deletion, we will remove your account data, outreach history, and Gmail token within 30 days. Email us at [email protected] to request deletion.
6. Security
OAuth tokens are stored with restricted filesystem permissions. Stripe webhooks are verified using HMAC signatures. We do not log email content. Connections to our server are encrypted via HTTPS/TLS.
7. Your rights
You have the right to:
- Request a copy of the data we hold about you
- Request correction or deletion of your data
- Revoke Gmail access at any time via Google Account settings
- Cancel your subscription at any time
To exercise any of these rights, email [email protected].
8. Children's privacy
Outreach is not directed at children under 13. We do not knowingly collect data from children.
9. Changes to this policy
We may update this policy from time to time. If we make material changes, we will notify subscribers by email. Continued use of the service after changes constitutes acceptance.
10. Contact
Questions about this policy? Email us at [email protected].