Last modified: October 09, 2020
Some Notes On Our Relationship
This Privacy Statement applies to "www.outreach.io" and the customer engagement platform service at accounts.outreach.io ("Outreach Service" or "the Service"), which are owned and operated by Outreach Corporation (Outreach). At Outreach, we are committed to maintaining the confidentiality and security of any personal information about our users. Your privacy is always at the top of our priorities, and we are focused on protecting it from unauthorized access.
Although the EU-U.S. and Swiss U.S. Privacy Shield Frameworks have been ruled invalid for transfer of data from the EU and Switzerland to the U.S., while government discussions regarding possible replacement mechanisms proceed, we will continue to protect European data according to the standards of the Privacy Shield and applicable EU law and will implement other methods for transferring data to the extent those are available. To learn more about the Privacy Shield Frameworks, visit the U.S. Department of Commerce’s Privacy Shield program site.
Outreach is responsible for the processing of personal data it receives, under the Privacy Shield Frameworks, and subsequently transfers to a third party acting as an agent on its behalf. Outreach complies with the Privacy Shield Principles for all onward transfers of personal data from the EU or Switzerland, including the onward transfer liability provisions.
With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Outreach is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission. In certain situations, Outreach may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.
If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, please contact our U.S.-based third party dispute resolution provider (free of charge) at https://feedback-form.truste.com/watchdog/request.
Under certain conditions, more fully described on the Privacy Shield website, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.
The Information We Collect and Store
We may collect and store the following information when running the Outreach Service:
Information You provide: We collect personal data you provide to us. For example:
- Contact Information. When you use our site and Service, we collect some personal information, such as your name, phone number, email address, and home and/or business postal addresses.
- Content and Files. You have the option of enabling meeting audio and video recording and transcription. When you do so, we capture and store the content of recorded meetings, including transcript of conversations, meeting attendees, and documents shared in meetings. You may also ask us to import your contacts and email history by giving us access to your third party services (for example, your email account) or to use your social networking information if you give us access to your account on social network connection services. In fact, to use our Service, you must link a third-party email account to your Outreach account. We then import, create, and update versions of your address book and emails for you to access in Outreach. You will also have the option to import and update versions of your calendar, social media contacts, and mobile phone call history, and you can later choose to upload files to, or provide comments through, Outreach. When you invite others to join Outreach by using the Service, we send them an email for that invitation at the email addresses assigned to them in your address book. If you or another user uploads a file to Outreach that has been previously uploaded by you or another user, we may associate all or a portion of the previous file with the applicable accounts rather than storing duplicates.
- Demographic Data. In some cases, such as when you register or participate in surveys, we request that you provide age, gender, company name and title, and similar demographic details.
- Payment Information. When we configure and customize deals, or manage and perform recurring billing, we may also ask you to provide information such as your bank account number; credit card number; national ID number, insurance number, social security number; taxpayer identification number, tax file number, passport number, and driver's license number.
Collection and Use of 3rd Party Personal Information
Client Data you provide to us about other people, such as the email addresses of your contacts and meeting attendees, is used for the sole purpose of completing your request or for whatever reason it may have been provided.
User Data Supplementation
We may receive additional demographic information about you from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about you. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to you. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.
Outreach obtains this business contact and company information from third party sources, such as business intelligence platforms. The information obtained by these third-party sources is from publicly available sources such as news articles. This information is used to support Outreach’s marketing and sales efforts. The Outreach sales team may contact you based on this information to gauge your company’s interest in Outreach’s services and technology solutions. You may opt-out of these communications at any time by clicking the unsubscribe link provided in the email or by sending a request to the Outreach Technical Support team by emailing firstname.lastname@example.org.
When you use the Service, we automatically collect certain information from your Device, its software, and your activity using the Service. This may include, for example (but without limitation), the Device's Internet Protocol ("IP") address, browser type, the web page visited before or after you came to our website, information you search for on our website, locale preferences, identification numbers associated with your Devices, your mobile carrier, date and time stamps associated with transactions, system configuration information, metadata, and interactions with the Service, Internet service provider, referring/exit pages, the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, date/time stamp, and/or clickstream data to analyze trends in the aggregate and administer the site.
EU Purpose and Legal Basis for Using Personal Information
If the personal information we process about you is subject to EU data protection law, we rely on one or more of the following EU lawful legal bases:
- Data subject has given consent to the processing of his or her personal data for one or more specific purposes
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract
- Processing is necessary for compliance with a legal obligation to which the controller is subject
- Processing is necessary in order to protect the vital interests of the data subject or of another natural person
- Processing is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller
- Processing is necessary for the purposes of the legitimate interests pursued by the controller or by a third party, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child.
Personal information is or may be used for the following purposes:
- To provide and improve our Service.
- To administer your use of the Service
- To recommend follow-up reminders, assign tasks, or personalize the service,
- To provide or offer software updates and product announcements.
- To ensure our legal compliance obligations.
If you no longer wish to receive communications from us that are not required for the Service, please follow the "unsubscribe" instructions provided in any of those communications or update your account settings information.
Information Sharing and Disclosure by Us (Do Not Sell My Information)
We do not sell directly identifiable personal information to third parties.
If you are a California resident our default cookie settings may constitute a sale of personal information. You can change your cookie settings under the Cookies section above.
Service Providers, Business Partners and Others
Compliance with Laws and Law Enforcement Requests; Protection of Outreach's Rights
European Union Data Protection Rights
Upon request Outreach will provide you with information about whether we hold, or process on behalf of a third party, any of your personal information. If you are a registered user, you may review, update, correct, or delete certain personal information provided in your registration or account profile by changing your account settings. If your personal information changes, or if you no longer desire our Service, you may update or delete it by making the change in your account settings, although (in some cases) we may retain copies of your information if required by law, to protect our rights, or if it is not technically reasonably feasible to remove it. You may at any time withdraw any consent that you have provided to us to process your information, or exercise any of the following rights by contacting us as provided below . Please note that we may ask you to verify your identity before taking further action on your request, for security purposes.
- Right of Access - the right to be informed of and request access to the personal data we process about you;
- Right to Rectification - the right to request that we amend or update your personal data where it is inaccurate or incomplete;
- Right to Erasure - the right to request that we delete your personal data;
- Right to Restrict - the right to request that we temporarily or permanently stop processing all or some of your personal data;
- Right to Object - the right, at any time, to object to us processing your personal data on grounds relating to your particular situation and to processing data for direct marketing purposes;
- Right to Data Portability - the right to request a copy of your personal data in electronic format and the right to transmit that personal data for use in another party’s service; and
- Right not to be subject to Automated Decision-making
For questions about your personal information on our Service, please contact email@example.com or by contacting us by telephone or postal mail at the contact information listed below. We will respond to your inquiry within 30 days.
California Privacy Rights
If you are a California resident and the processing of personal information about you is subject to the California Consumer Privacy Act (“CCPA”), you have certain rights with respect to that information.
- Right to Know. - You have a right to request that we disclose to you the personal information we have collected about you. You also have a right to request additional information about our collection, use, disclosure, or sale of such personal information. Note that we have provided much of this information in this privacy statement. You may make such a “request to know” by contacting us at firstname.lastname@example.org.
- Right to Request Deletion - You also have a right to request that we delete personal information under certain circumstances, subject to a number of exceptions. To make a request to delete, contact us at email@example.com.
- Right to Opt-Out - You have a right to opt-out from future “sales” of personal information. Note that the CCPA defines “sell” and “personal information” very broadly, and some of our data sharing described in this privacy statement may be considered a “sale” under those definitions. In particular, we let advertising and analytics providers collect IP addresses, cookie IDs, and mobile IDs through our sites and Service when you use our online services, but do not “sell” any other types of personal information. For more information, including how to opt-out, please see the Cookies section of this statement.
You may designate, in writing or through a power of attorney, an authorized agent to make requests on your behalf to exercise your rights under the CCPA. Before accepting such a request from an agent, we will require the agent to provide proof you have authorized it to act on your behalf, and we may need you to verify your identity directly with us.
Further, to provide or delete specific pieces of personal information we will need to verify your identity to the degree of certainty required by law.
Finally, you have a right to receive notice of our practices at or before collection of personal information, and you have a right to not be discriminated against for exercising these rights set out in the CCPA.
For more information regarding data rights requests, refer to the Contact Us section below.
Outreach will retain personal data we process on behalf of our Clients for as long as needed to provide services to our Clients and in accordance with our agreements with our Clients. Outreach will retain personal data we process about Client Personnel for as long as we have a legitimate business purpose to do so. If you wish to cancel your account or request that we no longer use your information to provide you services, you may delete your account. Please note, that Outreach may retain your personal data for longer where there is a legal obligation, contractual, or legitimate interest, including resolving disputes and enforcing our agreements and rights, or if it is not technically reasonably feasible to remove it, unless these interests are overridden by the individual’s fundamental rights; in those cases data will be removed once it is no longer needed for those purposes. Consistent with these requirements, we will try to delete your information quickly upon request. In addition, we do not provide access, transfer, change, or delete information from our servers’ files where that right adversely affects the rights of others.
If you wish to subscribe to our newsletter(s), we will use your name and email address to send the newsletter to you. You may choose to stop receiving our newsletter or marketing emails by following the unsubscribe instructions included in these emails, accessing the email preferences in your account settings page, or you can contact us at firstname.lastname@example.org.
Our website offers publicly accessible blogs or community forums. You should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at email@example.com. In some cases, we may not be able to remove your personal information. If this is the case, we will let you know and indicate why.
Outreach stresses its privacy and security standards. Although no one can guarantee absolute security, we regularly re-evaluate our privacy and security policies in order to adapt to new challenges. We follow generally accepted standards to protect the information submitted to us, both during transmission and once we receive it.
For European Union data subject, you have the right to lodge a complaint with a supervisory authority concerning Outreach’s data processing activities. For questions, or to exercise your rights as an EU data subject, please contact our EU Representative, Rivacy at: Rivacy GmbH, Hammerbrookstraße 90, 20097 Hamburg, Germany.
Outreach acknowledges that you have the right to access your personal information. We collect information for our clients. If you are a customer of one of our Clients and would no longer like to be contacted by one of our Clients that use our service, please contact the client that you interact with directly.
Service Provider, Sub-Processors/Onward Transfer
Outreach may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the provisions in this Policy regarding notice and choice, as well as the service agreements with our Clients. A list of Sub-Processors can be made available upon request.
Access to Data Controlled by our Clients
Outreach has no direct relationship with the individuals whose personal data it processes as Client Data. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data, should direct his query to the Outreach's Client (the data controller). If the Client requests Outreach to remove the data, we will respond to the request within 30 business days.
Google API Services Usage Disclosure
Outreach’s use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.