Privacy Statement

Last modified: Oct 9, 2024

Overview

At Outreach Corporation., we are committed to maintaining the confidentiality and security of any personal information about our users. Your privacy is always at the top of our priorities. This Privacy Statement explains who we are and spells out how we collect, use, and disclose personal information from or about you and how to exercise your privacy rights. 

If you have any questions or concerns about our use of your personal information, please contact us using the details provided at the bottom of this Privacy Statement. From time to time, we may update this Privacy Statement as we adopt new privacy practices or as applicable laws and regulations change. Each time this Privacy Statement is updated, we will update the “Last Updated” date at the top of the page. If we make any material changes to this Privacy Statement, we will notify you by email or, where permitted by applicable law, by means of a notice on this website.

We adhere to the principles of the EU-U.S. Data Protection Framework (DPF), the Swiss-U.S. DPF, and the UK extension to the EU-U.S. DPF. To learn more, click here.

California consumers can find specific disclosures, including “Notice at Collection” details, by clicking here.

About Us

Outreach is headquartered in Seattle, United States and has offices in Europe. You can find more about us and the Outreach Service here.

What Does this Privacy Statement Cover?

This Privacy Statement applies to our collection, use and disclosure of personal information that we collect from you or that you provide when you engage with Outreach, our website "www.outreach.io" (the “Website”) or the customer engagement platform service at accounts.outreach.io ("Outreach Service") (together the “Services”). Outreach Users can access the Outreach Service via our website www.outreach.io, accounts.outreach.io, applications on Devices, APIs, and third-parties.

This Privacy Statement only applies where we are processing personal information for our own purposes. When we do so, we (Outreach Corporation) are processing your information as a “data controller” under applicable privacy laws. This Privacy Statement does not cover the personal information Outreach collects, uses and discloses on behalf of its Clients (“Client Data”) in connection with the Outreach Service and we invite you to contact the relevant company or organization if you have any questions about their privacy practices.

The Information We Collect

We collect your personal information from different sources, including information you provide directly, information collected automatically and information from third-party data sources. We may also infer or generate information ourselves based on the other data we have collected. We may collect your information both online (for example, through your use of the Outreach Platform) and offline (for example over the phone) and we may combine information collected from disparate sources.

The personal information we collect includes the following categories:

Information you provide directly

Certain parts of our Website or Outreach Service ask you to provide certain information voluntarily. This typically includes:

  • Identification information, such as your name, company and job title
  • Contact information, such as your phone number, email address, and home and/or business postal addresses.
  • Log-in credentials, such as your username and password to access the Outreach Services.
  • Demographic Data. In some cases, such as when you register or participate in surveys, we request that you provide age, gender, and similar demographic details.
  • Payment Information, such as your bank account number; credit card number and associated identifiers and billing address but only when you pay for the Outreach Services.
  • Support data, such as feedback or information about a technical issue you have reported.
  • Marketing information such as your marketing preferences.
  • Communication data, such as any information you include in any enquiry or communications you send us.
  • Any information you choose to provide to us when completing any ‘free text’ boxes in our forms or blogs.

When you are asked to provide personal information, you may decline. However, if you choose not to provide or allow personal information that is necessary for certain services or features, those services or features may not be available or fully functional. 

If you choose to provide us with personal information about another person, you shall ensure that you have obtained the consent of that person to share their information with us.

Information we collect automatically

Like most companies that offer online services, we may automatically collect certain information from your computer or device, about your use of the Outreach Service or our Website. We use this information to provide our Services, ensure the security of our Services, help improve our Services and promote our Services to you. This typically includes:

  • Cookies data: We collect certain information through cookies and other tracking technologies such as your computer or device’s Internet Protocol ("IP") address, browser type, the web page visited before or after you came to our Website, information you search for on our Website, locale preferences and identification numbers associated with your devices. You can learn more about our use of cookies in our Cookie Notice.
  • Location data: We may derive your general location based on your IP address.
  • Activity data: We may also collect information about how you use and interact with our Services, such as the content you view or download and the actions you take and the time and duration of your activities.

Information we obtain from third-party sources

From time to time, we may receive personal information about you from third party sources but only when these third parties have confirmed to us that they either have your consent or are otherwise legally permitted or required to disclose this information to us. This typically includes:

  • Data Supplementation. We may receive additional demographic information (including your company, job title or business contact details) about you from other sources, including publicly available databases or third parties such as lead generation providers or business intelligence platforms from whom we have purchased data. We combine this data with information we already have about you. This helps us to maintain and improve the accuracy and relevance of our records, identify new opportunities, and send you information about products and services that may be of interest to you in accordance with your marketing preferences.
  • Sign-in information: If you log in to our Services using a third-party sign-in service (such as LinkedIn), we will collect information from that sign-in service that you give us permission to receive. This may include information such as your name, social media profile and location. We only collect this information to provide the Services to you. Please refer to the privacy settings of the third-party sign-in service you use to manage the information that is shared.

Client Data

Please note that as explained above, we also receive personal information about you, in the form of Client Data from our Client. We use such personal information to provide the Outreach Service to our Clients and only as instructed by the Clients. Under these circumstances, we process your information as a processor on our Clients' behalf and it is our Clients, as the controllers of the information, that determine what information we process about you and how we use it. If you have any privacy-related questions or concerns about one of our Client's privacy practices, or the choices a Client has made to share your information with us, you should contact that company or organization directly. We are not responsible for the privacy or security practices of our Clients, which may differ from those described in this Privacy Statement.

How We Use Personal Information

We use personal information about you for the purposes detailed below. In some regions, such as the European Economic Area, the United Kingdom and Switzerland, we need a lawful basis to collect, use and disclose your personal information. Our lawful basis will depend on the information concerned and the context in which it is processed and this is also detailed here.

Unless otherwise disclosed to you, we will only process your personal information (i) where the processing is in our legitimate interests (which are not overridden by your data protection interests or fundamental rights and freedoms); (ii) where we need the information to perform a contract with you; or (iii) where we have collected your consent to do so.

  • Sending promotional information and otherwise marketing to you in accordance with your marketing preferences including combining personal information you provide us with other data we may have about how you interacted with Services in order to show you the most relevant content and services and for marketing purposes. If you are the administrator of a Client account, we may send you marketing communications about Outreach and other services provided by us. We will do this in accordance with your marketing preferences and on the basis of our legitimate interests in building our customer base and promoting our services offered by us, or, where required, with your consent. 
  • Sending technical notices, updates, security alerts, and other support and administrative messages to our Outreach Users: If you are an Outreach User, we may use your personal information to send you administrative messages in reliance on our legitimate interests in administering the Outreach Service, including for security and operational issues that affect multiple Clients or Outreach Users.
  • Providing technical and customer support to Outreach Users: If you are an Outreach User, we use personal information to troubleshoot and diagnose problems, and provide other customer care and support services, including to help us provide, improve, and secure the quality of our products, services, and training, and to investigate security incidents in reliance on our legitimate interests.
  • Responding to questions, requests and feedback from those that interact with us: If you fill out a web form or request support, if you contact us by other means, including via a phone call, we use your personal information in reliance on our legitimate interests in fulfilling your requests and communicating with you.
  • Managing events: We use personal information to plan and host events or webinars for which you have registered or that you attend, including sending related communications to you, in reliance on our legitimate interests in administering and promoting the event, or where required, with your consent.
  • Detecting, preventing and responding to potential fraud, violations of our terms and conditions or other misuse of our Services: We process personal information by tracking use of our Services for the purposes of maintaining their security, including verifying accounts and activity, investigating suspicious activity, and enforcing our terms and policies, in reliance on our legitimate interest in promoting the safety and security of the Services, systems and applications and in protecting our rights and the rights of others.
  • Complying with legal obligations: We process your personal information when cooperating with public and government authorities, courts or regulators in accordance with our legal obligations under applicable laws, to the extent this requires the processing or disclosure of personal information to protect our rights, or is necessary for our legitimate interest in protecting against misuse or abuse of our websites, protecting personal property or safety, pursuing remedies available to us and limiting our damages, complying with judicial proceedings, court orders or legal processes, or to respond to lawful requests.

In general, we will use the personal information we collect only for the purposes described in this Privacy Statement or for purposes that we explain to you at the time we collect your personal information. 

Sometimes we aggregate or de-identify information so that it can no longer identify you, as defined under applicable laws. Where so required by applicable law, we take steps to maintain and use such data in a de-identified data format.

 We may also use your personal information for additional compatible purposes as permitted by applicable data protection laws.

Disclosure of Your Personal Information

We disclose personal information with your consent or as we determine necessary to complete your transactions or provide the services you have requested or authorized. In addition, we may disclose your personal information to the following categories of recipients:

  • Vendors, service providers and partners. We may use certain trusted third-party vendors, service providers and partners who provide data processing services to us (including but not limited to data storage, maintenance services, database management, web analytics, payment processing, and improvement of the Service’s features). These third parties will only process your information on our behalf and for the purposes described in this Privacy Statement or for such other purposes that are notified to you prior to such disclosure.
  • Third-Party Applications. Our Website includes links to other websites  or applications whose privacy practices may differ from those of Outreach. For example, our website includes social media features, such as the Facebook Like button and widgets, such as the "Share This" button for Twitter and LinkedIn. These features allow you to share information about your activities on our Services through social media networks. This Privacy Statement does not apply to your use of any such third party plug-ins and applications and we are not responsible for how those third parties use and disclose your information. Your interactions with these features are governed by the privacy policy of the company providing it.
  • Compliance with Laws and Law Enforcement Requests; Protection of Outreach's Rights. We may disclose to any competent law enforcement body, regulatory, government agency, court or other third party data stored in your Outreach account and information about you that we process only when we have a good faith belief that disclosure is reasonably necessary to (a) comply with a law, regulation, or compulsory legal request, such as to comply with a subpoena; (b) protect the safety of any person from death or serious bodily injury; (c) prevent fraud or abuse of Outreach or its users; or (d) to protect Outreach's rights. 
  • Business Transfers.  Your personal information may be transferred to potential or actual buyers (and their agents and advisers) in connection with a merger, acquisition, or sale of all or a portion of our assets, in which case we will  inform the buyer it must use your personal information only for the purposes disclosed in this Privacy Statement.

 Please note that some of our services also include integrations, references, or links to services provided by third parties whose privacy practices differ from ours. If you provide personal information to any of those third parties, or allow us to share personal information with them, that data is governed by their privacy statements.

Finally, we may disclose de-identified information in accordance with applicable law.

International Data Transfers

Outreach is a US company and our service providers are located in the US and other countries. This means that your personal information may be transferred to, and processed in, countries other than the country in which you are located. These countries may have data protection laws that are different to the laws of your country (and, in some cases, may not be as protective).However, we take appropriate safeguards to ensure that your information remains protected in accordance with this Privacy Statement and applicable data protection laws. 

Transfer of European Personal Information. 

If you are located in the European Economic Area, United Kingdom or Switzerland these safeguards include transferring your information to a country that the relevant authorities have determined provide an adequate level of protection for personal information, transferring your information subject to the Data Privacy Framework as described below or by implementing standard contractual clauses with our customers, third party service providers and partners.

EU-U.S. / Swiss-U.S. Data Protection Framework. 

Outreach also complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF, and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (collectively “DPF”) as set forth by the U.S. Department of Commerce.  

We have certified to the U.S. Department of Commerce that we adhere to the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal information received from the European Union in reliance on the EU-U.S. DPF and from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF.  Outreach has certified to the U.S. Department of Commerce that it adheres to the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal information received from Switzerland in reliance on the Swiss-U.S. DPF.  If there is any conflict between the terms in this Platform Privacy Statement and the EU-U.S. DPF Principles and/or the Swiss-U.S. DPF Principles, the Principles shall govern.  To learn more about the Data Privacy Framework (DPF) program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

We are subject to the investigatory and enforcement powers of the U.S. Federal Trade Commission.

Pursuant to the Data Privacy Frameworks, EU, UK, and Swiss individuals have the right to obtain our confirmation of whether we maintain personal information relating to you in the United States. Upon request, we will provide you with access to the personal information that we hold about you. You may also correct, amend, or delete the personal information we hold about you. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data transferred to the United States under the Data Privacy Frameworks, should direct their query to support@outreach.io. If requested to remove data, we will respond within a reasonable timeframe. 

We will provide an individual opt-out choice, or opt-in for sensitive data, before we share your data with third parties other than our agents, or before we use it for a purpose other than which it was originally collected or subsequently authorized. To request to limit the use and disclosure of your personal information, please submit a written request to support@outreach.io.

In certain situations, we may be required to disclose personal information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. 

If third-party agents process personal information on our behalf in a manner inconsistent with the DPF Principles, we remain liable unless we prove we are not responsible for the event giving rise to any damages.

In compliance with the Data Privacy Framework Principles, Outreach commits to resolve complaints about your privacy and our collection or use of your personal information transferred to the United States pursuant to the Data Privacy Frameworks. European Union, United Kingdom, and Swiss individuals with DPF inquiries or complaints should first contact us by email at support@outreach.io.

For any complaints related to the DPF that cannot be resolved with us directly, you may refer the matter to our independent dispute resolution body at https://feedback-form.truste.com/watchdog/request. This service is provided free of charge to you.

Finally, under limited circumstances and after other available dispute resolution mechanisms have been exhausted, binding arbitration is available to address certain residual complaints under the DPF not resolved by other means (for more detail, see https://www.dataprivacyframework.gov/s/article/ANNEX-I-introduction-dpf for details).

Data Protection Rights

We provide a variety of ways for you to control the personal information we hold about you, including choices about how we use that data.

You can access and control the personal information that we process about you as follows:

Account information. If you are a Client Representative and are registered with us, you may review, update, correct, or delete certain personal information provided in your registration or account profile by changing your account settings.

Account closure. If you no longer desire to use our Outreach Service, you may delete your account by making the change in your account settings, although (in some cases) we may retain copies of your information if required by law, to protect our rights, or if it is not technically reasonably feasible to remove it.

Direct marketing. You can opt-out from marketing communications that we send. including our newsletter, at any time. You can do this by clicking on the "unsubscribe" or "opt-out" link in the marketing communications we send, by accessing the email preferences in your account settings page, or by contacting us at support@outreach.io or by using the details provided below.

Additional privacy rights. Depending on your location and applicable data protection laws, you may also have certain rights with regard to the personal information we control about you, including the right to request access to or correction or erasure of your personal information. You may also have the right to request that a copy of your personal information be provided to you in a readily useable format.  In particular, see below for more information about your individual rights under California and European privacy laws.

We respond to all requests we receive from individuals wishing to exercise their privacy rights in accordance with applicable data protection laws. If you would like to exercise any of the rights which are available to you under applicable data protection laws, please contact us at support@outreach.io or by using the details provided below. 

Please note that we may need to verify your identity before we can respond to your request. You may also designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under certain laws. Before accepting such a request from an agent, we may require the agent to provide proof you have authorized it to act on your behalf and may need you to verify your identity directly with us. 

We may, in limited circumstances, refuse to comply with your request or charge you a reasonable fee if your request is clearly unfounded or excessive. In all cases, we will notify you of any fee in advance. Alternatively, we may refuse to comply with the request in such circumstances.   If you receive a response from us informing you that we have declined your request, in whole or in part, you may appeal that decision by submitting your appeal to our data protection officer using the contact method described at the bottom of this privacy statement.

Please note that Outreach has no direct relationship with the individuals to whom the Client Data relates. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate information contained in the Client Data, should direct his query to the Outreach's Client (the data controller).

Additional Information for Europe

If you are in Switzerland, the United Kingdom or the European Union, you may have the right to: 

  • You can request access to, and rectification or erasure of, personal information;
  • If any automated processing of personal information is based on your consent or a contract with you, you have a right to transfer or receive a copy of the personal information in a usable and portable format;
  • If the processing of personal information is based on your consent, you can withdraw consent for future processing at any time;
  • You can object to, or obtain a restriction of, the processing of personal information under certain circumstances; and
  • For residents of France, you can send us specific instructions regarding the use of your data after your death.

To make such requests, please use the contact information at the bottom of this statement. When we are processing data on behalf of another party that is the “data controller,” you should direct your request to that party. You also have the right to lodge a complaint with a supervisory authority, but we encourage you to first contact us with any questions or concerns.

Additional Information for California consumers

If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), the following information also applies to you and supplements the information contained in this Privacy Statement.

Information We Collect and Sources of Information

Our Privacy Statement already describes the information we collect and the sources of information – see the above sections "The Information We Collect” and “How We Use Personal Information". This section organizes that information around the personal information categories set out in the CCPA.

In the past 12 months, we have collected the following information for the following purposes:

  • Identifiers (such as your name, username, email address and cookies). We obtain this information when you provide it to us or otherwise automatically in the course of your interactions with our Services.
  • Business records (such as payment information). We obtain this information directly from you or otherwise automatically in the course of your interactions with our Services.
  • Demographic information / Classification characteristics under California or federal law (such as age or date of birth). We obtain this information if you provide it to us.
  • Commercial information (such as services purchased). We obtain this information directly from you or otherwise automatically in the course of your interactions with our Services.
  • Internet or other electronic network activity information (such as search history and browser information). We obtain this information automatically in the course of your interactions with our Services.
  • Geolocation data (such as your country location based on your IP address). We obtain this information when you provide it to us or otherwise automatically in the course of your interactions with our Services.
  • Audio, video and other electronic data (such as chat and any interaction that you may have with us, for example for customer service purposes). We obtain this information when you provide it to us or otherwise automatically in the course of your interactions with our Services.
  • Professional or employment-related information (such as your job title). We obtain this information when you provide it to us.
  • Profiles and inferences (such as inferences drawn from any of the information identified above to create a profile). We obtain this information automatically in the course of your interactions with our Website.

How We Share your Personal Information:

We do not disclose your personal information except as approved by you or as otherwise described in this Privacy Statement. In the preceding 12 months, we have disclosed the following categories of personal information described above for the business purposes described in this Privacy Statement:

  • Identifiers such as those set forth above;
  • Internet or other electronic network activity information;
  • Demographic information / Classification characteristics;
  • Commercial information;
  • Geo-location data;
  • Audio, video and other electronic data;
  • Professional or employment-related information; and
  • Profiles and inferences.

Under the CCPA, a "sale" is defined very broadly and includes a wide array of data sharing. As the term is defined by the CCPA, we “sold” the following categories of personal information in the last 12 months: identifiers/contact information, Internet or other electronic network activity information, and inferences drawn from the above. We “sold” such information to event sponsors, advertising networks and data analytics providers. The business purposes of “selling” personal information is for third-party companies to perform services on our behalf, such as marketing, advertising, and audience measurement. We do not have any actual knowledge that we "sell" the personal information of consumers under 16 years of age.

Most modern web browsers give you the option to send a Do Not Track signal to the sites you visit, indicating that you do not wish to be tracked. However, there is no accepted standard for how a site should respond to this signal, and we do not take any action in response to this signal.

If you are a California resident our default cookie settings may constitute a sale of personal information. You can change your cookie settings using our cookie consent management tool here.

To opt out of all other sales/sharing of your data with third parties for the purposes described above, please complete the form here.

California Privacy Rights

If you are a California resident, you may have the following consumer privacy rights:

  • Right to Know - You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information in the past 12 months. Note that we have provided much of this information in this privacy statement. You may make such a “request to know” by contacting through the Outreach Data Subject Rights Request Portal.
  • Right to Request Deletion - You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request, please complete the form in the Outreach Data Subject Rights Request Portal.
  • Right to Opt-Out - You have a right to opt-out from future “sales” or “shares” of personal information. Note that the CCPA defines “sell” and “personal information” very broadly, and some of our data sharing described in this privacy statement may be considered a “sale” or “share” under those definitions as explained above. If you would like to request Do Not Sell/Share of your information, please complete the form located here.
  • Right to Limit Use and Disclosure of Sensitive personal information. You have a right to limit our use of sensitive personal information for any purposes other than to provide the services or goods you request or as otherwise permitted by law. Note that we do not use sensitive personal information for any such additional purposes.
  • Right to be Notified of Financial Incentives: You have the right to be notified of any financial incentive offers and their material terms, the right to opt-out of such incentives at any time, and may not be included in such incentives without your prior informed opt-in consent. We do not offer any such incentives at this time.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of these rights.

Data Retention

Outreach will retain personal information we process for as long as reasonably necessary to fulfill the purposes outlined in this Privacy Statement, comply with legal 

If you wish to cancel your account or request that we no longer use your information to provide you Services, you may delete your account. 

Please note that Outreach may retain your personal information for longer where there is a legal, tax or accounting obligation, contractual, or legitimate interest, including resolving disputes and enforcing our agreements and rights. obligations, resolve disputes, and enforce our agreements, and for other legitimate and lawful business purposes. Because our needs can vary for different data types in the context of different services, actual retention periods can vary significantly based on criteria such as user expectations or consent, the sensitivity of the data, the availability of automated controls that enable users to delete data, and our legal or contractual obligations.

When we no longer have an ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your information has been stored in backup archives), then we will securely store your information and isolate it from any further processing until deletion is possible. Please note that Outreach will retain Client Data that we process on behalf of our Clients for as long as needed to provide services to our Clients and in accordance with our agreements with our Clients.

Blogs

If the personal information we process about you is subject to EU data protection law, we rely on one or more of the following EU lawful legal bases:

  • Data subject has given consent to the processing of his or her personal information for one or more specific purposes
  • Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
  • Processing is necessary for compliance with a legal obligation to which the controller is subject
  • Processing is necessary in order to protect the vital interests of the data subject or of another natural person
  • Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
  • Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal information, in particular where the data subject is a child.

Personal information is or may be used for the following purposes:

  • To provide and improve our Service.
  • To administer your use of the Service
  • To recommend follow-up reminders, assign tasks, or personalize the service,
  • To provide or offer software updates and product announcements.
  • To ensure our legal compliance obligations.

If you no longer wish to receive communications from us that are not required for the Service, please follow the "unsubscribe" instructions provided in any of those communications or update your account settings information.

Google API Services Usage Disclosure

Outreach's use and transfer of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Security

Outreach stresses its privacy and security standards. Although no one can guarantee absolute security, we regularly re-evaluate our privacy and security policies in order to adapt to new challenges. We follow industry-standard security measures designed to protect your information from unauthorized access, alteration or destruction. 

Contacting Us

If you have any questions about our use of personal information, please contact us at support@outreach.io, or at Outreach Corporation, 333 Elliott Ave W, Seattle, WA 98119. Or by calling at 1 (888) 938-7356.

You can also contact:

  • Our EU Representative: Rivacy at: Rivacy GmbH, Mexikoring 33, 22297 Hamburg, Germany or at info@rivacy.eu
  • Our UK Representative: Rivacy Ltd., 87, Warriner Gardens, Unit G1/G2, London, SW11 4DX, United Kingdom or at info@rivacy.co.uk