Outsprint ("we," "our," or "us") is committed to protecting the privacy of individuals who visit our website, register for our services, or otherwise interact with our platform. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our customer relationship management platform and related services (collectively, the "Service").
By accessing or using the Service, you agree to the terms of this Privacy Policy. If you do not agree with the practices described here, please do not use the Service.
Information You Provide
We collect information that you voluntarily provide when using the Service, including:
- Account Information: Name, email address, company name, job title, and phone number when you register for an account.
- Billing Information: Payment card details and billing addresses are processed by our payment provider, Stripe. We do not store full payment card numbers on our servers.
- CRM Data: Contacts, companies, deals, activities, notes, emails, and other customer relationship data you input into the platform.
- Communications: Messages you send through our chat interface, support requests, and feedback you provide.
- Migration Data: Data you import from other CRM platforms, including HubSpot, during migration.
Information Collected Automatically
When you access the Service, we automatically collect certain information, including:
- Usage Data: Pages visited, features used, actions taken, timestamps, and interaction patterns within the platform.
- Device Information: Browser type, operating system, device identifiers, and screen resolution.
- Log Data: IP addresses, access times, referring URLs, and error logs.
- Cookies and Tracking: Information collected through cookies, web beacons, and similar technologies as described in the Cookies section below.
Information from Third Parties
We may receive information about you from third-party services you connect to your account, such as:
- Email Providers: Gmail and Outlook email content and metadata when you connect your email account for CRM sync.
- OAuth Providers: Basic profile information from Google or Microsoft when you use single sign-on.
- Integration Partners: Data from connected services such as Slack when you enable integrations.
How We Use Your Information
We use the information we collect for the following purposes:
- Provide the Service: To operate, maintain, and improve the Outsprint CRM platform, including AI-powered features that analyze your CRM data to surface insights and automate workflows.
- Personalization: To tailor the experience to your preferences and usage patterns, including customizing AI responses and suggestions.
- Communication: To send you service-related notices, security alerts, and support messages. With your consent, we may also send marketing communications.
- Analytics: To understand how users interact with the Service and identify areas for improvement.
- Security: To detect, prevent, and respond to fraud, abuse, and security incidents.
- Legal Compliance: To comply with applicable laws, regulations, and legal processes.
AI and Machine Learning
Outsprint uses AI models to power conversational CRM features. Your CRM data is processed by our AI systems to generate responses, surface insights, and automate workflows within your account. We do not use your CRM data to train general-purpose AI models. AI processing is performed within our secure infrastructure and is subject to the same security and privacy controls as all other data processing.
We do not sell your personal information. We share your information only in the following circumstances:
- Service Providers: We share data with third-party service providers who perform services on our behalf, such as cloud hosting (AWS), payment processing (Stripe), email delivery (Resend), and analytics. These providers are contractually obligated to protect your information.
- Within Your Organization: Information you add to Outsprint is accessible to other authorized members of your organization's account, subject to role-based access controls.
- Legal Requirements: We may disclose information if required by law, regulation, legal process, or governmental request.
- Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.
- With Your Consent: We may share your information for other purposes when you have given us explicit consent.
Data Security
We implement industry-standard security measures to protect your information, including:
- Encryption of data at rest using AES-256 and in transit using TLS 1.3.
- Isolated database infrastructure for Enterprise customers with dedicated tenancy.
- Role-based access controls and audit logging for all data access.
- Regular security assessments and penetration testing.
- Monitoring and alerting for suspicious activity through Datadog.
While we strive to protect your information, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
Your Rights (GDPR / CCPA)
Depending on your location, you may have certain rights regarding your personal information:
For EEA and UK Residents (GDPR)
- Access: Request a copy of the personal data we hold about you.
- Rectification: Request correction of inaccurate or incomplete data.
- Erasure: Request deletion of your personal data, subject to legal obligations.
- Portability: Receive your data in a structured, commonly used format.
- Restriction: Request that we restrict processing of your data.
- Objection: Object to processing of your data for certain purposes.
- Withdraw Consent: Withdraw previously given consent at any time.
For California Residents (CCPA)
- Right to Know: Request information about the categories and specific pieces of personal information we collect.
- Right to Delete: Request deletion of personal information we have collected.
- Right to Opt-Out: We do not sell personal information, so no opt-out is necessary.
- Non-Discrimination: We will not discriminate against you for exercising your privacy rights.
To exercise any of these rights, contact us at privacy@gooutsprint.com. We will respond within 30 days.
Data Retention
We retain your personal information for as long as your account is active or as needed to provide the Service. When you close your account, we delete or anonymize your CRM data within 30 days, unless we are required to retain it for legal or compliance purposes.
Backup copies may persist in our systems for up to 90 days after deletion before being permanently removed. Aggregated, anonymized data that cannot identify you may be retained indefinitely for analytics and service improvement.
Cookies and Tracking Technologies
We use cookies and similar technologies to:
- Essential Cookies: Enable core functionality like authentication and session management. These cannot be disabled.
- Analytics Cookies: Help us understand how visitors interact with our website and identify areas for improvement.
- Preference Cookies: Remember your settings and preferences, such as language and theme choice.
We do not use third-party advertising cookies. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect the functionality of the Service.
Children's Privacy
The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal information, we will take steps to delete that information. If you believe a child has provided us with personal data, please contact us at privacy@gooutsprint.com.
Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website and, where appropriate, by email notification. Your continued use of the Service after such changes constitutes acceptance of the updated policy.
If you have questions or concerns about this Privacy Policy or our data practices, contact us at: