Privacy Policy

How ReachClaw handles account data, integrations, analytics, and security.

Privacy PolicyTerms of Use

Privacy Policy

Last updated: March 1, 2026

ReachClaw ("ReachClaw", "we", "us", or "our") provides AI-assisted email software for support and outbound sales. This Privacy Policy explains what we collect, how we use it, and the choices you have.

By using ReachClaw, you agree to this Privacy Policy.

1. Information We Collect

1.1 Account and authentication data

  • Name and email address.
  • Encrypted authentication/session data managed by our auth provider.
  • Login metadata such as IP address and user agent.

1.2 Workspace/customer data

  • Company name and website URL.
  • Onboarding and subscription status.
  • Plan, billing status, and Stripe customer/subscription identifiers.

1.3 Gmail connection data

  • Connected mailbox address and profile display name.
  • Encrypted OAuth tokens for the connected Gmail account.
  • Email data needed to run the product, including sender/recipient info, subject lines, message content, thread/message IDs, draft/approval states, and send status.

1.4 Outreach and engagement data

  • Leads data you add or generate (for example: name, email, company, role, status, notes, score).
  • Campaign configuration and generated/sent outreach emails.
  • Engagement events (opens, clicks, replies), including event metadata and anti-bot fields.
  • For engagement events we may store hashed IP values and user-agent strings for abuse/bot detection.

1.5 Knowledge base data

  • Website pages crawled from URLs you provide.
  • Content you add manually to knowledge.
  • Uploaded documents (such as PDF, TXT, CSV), including filename, MIME type, size, and storage URL.
  • AI file references linked to your configured AI provider key.

1.6 AI configuration data

  • Encrypted customer AI API keys when you provide them.
  • AI usage metrics (for example token counts and cost tracking) for billing/operations.

1.7 Usage, diagnostics, and analytics

  • Product usage and operational logs.
  • In-app rate limiting and security telemetry.
  • Website analytics via Google Analytics and Ahrefs analytics scripts on public pages.

2. How We Use Information

We use your information to:

  • Provide and operate ReachClaw features.
  • Authenticate users and secure accounts.
  • Connect and process Gmail activity you authorize.
  • Generate, track, and send drafts/campaigns.
  • Crawl and index knowledge sources you select.
  • Process billing/subscription events.
  • Maintain reliability, prevent abuse, and improve performance.
  • Communicate service updates and account notices.
  • Comply with legal obligations.

3. Legal Basis (where applicable)

Depending on your location, we process data based on:

  • Contract performance (providing the service you request).
  • Legitimate interests (security, diagnostics, product improvement).
  • Consent (where required, including certain integrations/cookies).
  • Legal obligations.

4. Sharing and Disclosure

We do not sell your personal information.

We share data only with providers needed to run the service, such as:

  • Google APIs (for Gmail features you authorize).
  • Stripe (billing and subscriptions).
  • Anthropic (AI processing when enabled).
  • Cloudflare R2 (document storage, if enabled).
  • Resend (transactional email delivery).

We may disclose information if required by law or to protect rights, safety, and service integrity.

5. Google API Data

If you connect Gmail, our use and transfer of information received from Google APIs is limited to providing and improving user-facing features in ReachClaw and follows applicable Google API policy requirements, including the Google API Services User Data Policy (including Limited Use requirements).

6. Cookies and Similar Technologies

ReachClaw uses cookies and similar technologies for:

  • Authentication/session management.
  • Security and fraud prevention.
  • Product and website analytics on public pages.

You can manage cookies through your browser settings, but essential auth cookies are required for core login functionality.

7. Data Retention

We retain data for as long as needed to provide the service, comply with legal obligations, resolve disputes, and enforce agreements. Retention duration varies by data type and account status.

When feasible and requested, we delete or anonymize data that is no longer required.

8. Security

We apply technical and organizational safeguards, including:

  • Encryption for sensitive stored secrets (for example OAuth/API credentials).
  • Access controls and customer data isolation by workspace.
  • Monitoring and rate limiting for abuse protection.

No security system is perfect, and we cannot guarantee absolute security.

9. International Transfers

Your information may be processed in countries other than your own. Where required, we use appropriate safeguards for cross-border data transfers.

10. Your Rights and Choices

Depending on your location, you may have rights to:

  • Access personal data we hold about you.
  • Correct inaccurate data.
  • Delete data.
  • Object to or restrict certain processing.
  • Request portability of certain data.

To make a request, contact us at [email protected].

11. Children's Privacy

ReachClaw is not directed to children under 13 (or equivalent minimum age in your jurisdiction), and we do not knowingly collect personal data from children.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will update the "Last updated" date and, when required, provide additional notice.

13. Contact

Questions about this Privacy Policy: [email protected]