Legal

Privacy Policy

Last updated: May 16, 2026

1. Information We Collect

We collect information you provide directly: email address (required for login), domain and sender configurations, campaign content, and imported contact lists. We also collect usage data including campaign analytics, open/reply events, and log data for debugging.

2. How We Use Your Information

Your data is used to operate and improve the Service: delivering outreach campaigns, providing analytics, processing payments via Stripe, and sending transactional emails. We do not sell your data to third parties.

3. Contact List Data

Contact data you import (names, emails, URLs, company info) is used solely to execute your campaigns. You represent that you have a lawful basis to contact these individuals. You are the data controller for imported contacts; Outgi acts as processor. Enterprise customers requiring a Data Processing Agreement (DPA) may request one at support@outgi.com.

4. Data Storage and Security (Canadian Data Residency)

All data is stored exclusively on servers located in Canada. This includes your campaign data, contact lists, email content, analytics, and account data. Data never transits through US data centres. This makes Outgi the only B2B outreach platform that provides true Canadian data residency — a requirement for many regulated industries in Canada including legal, financial services, and healthcare under PIPEDA. We use AES-256 encryption at rest and TLS 1.3 in transit. Passwords are never stored — we use magic-link OTP authentication only. File attachments are stored in isolated, encrypted Canadian object storage. Backups are retained for 30 days and are also encrypted. Sub-processors (Anthropic for AI, Google for research) receive only the minimum data necessary and their transfers from Canada are governed by Standard Contractual Clauses.

5. Data Retention

Active account data is retained while your subscription is active. Cancelled accounts retain data for 90 days then deleted. You may request immediate deletion by contacting support@outgi.com.

6. Cookies and Tracking

We use session cookies for authentication. Analytics tracking within the platform is limited to open and reply tracking pixels for emails you send — these are disclosed to your recipients in the email footer.

7. Third-Party Services

We use Stripe for payment processing (subject to Stripe's Privacy Policy), Anthropic Claude for AI message generation, Google Gemini for research synthesis, and SignalWire for SMS and voice delivery. These services receive only the minimum data necessary to perform their function. Anthropic and Google are US-based sub-processors; data transfers from the EU/EEA are covered by Standard Contractual Clauses (SCCs) as provided in their respective DPAs.

8. Your Rights (GDPR / CCPA / PIPEDA / CASL)

You have the right to access, correct, or delete your personal data. EU/EEA residents have additional rights under GDPR including data portability and the right to restrict processing. Canadian residents have rights under PIPEDA (Personal Information Protection and Electronic Documents Act), including: (1) the right to know what personal information we hold about you; (2) the right to withdraw consent at any time (with notice); (3) the right to request correction; and (4) the right to file a complaint with the Office of the Privacy Commissioner of Canada. Under CASL, all commercial electronic messages include a functioning unsubscribe mechanism and we process unsubscribes immediately. Submit all data rights requests to support@outgi.com — we respond within 30 days.

9. Changes to This Policy

We may update this policy and will notify you via email of material changes. Continued use after notification constitutes acceptance.

10. Contact

Privacy questions: support@outgi.com · Outgi Inc., Toronto, Canada

Terms of Service← Back to Home