VaultReach← Back to Home

Privacy Policy

Last updated: April 2026

1. Information We Collect

VaultReach ("we," "our," or "us") is a B2B sales outreach platform. When you connect your Google account, we collect your name, email address, and Google OAuth access tokens. These tokens are used solely to authenticate Gmail API calls. We also collect campaign data such as prospect names and message templates authored by you, along with send metadata (timestamps).

2. Gmail Data and Google API Services

VaultReach's use of Google APIs, including the Gmail API (gmail.send scope), is limited to sending emails that you explicitly compose and approve within the VaultReach platform, on your behalf, from your own Gmail account.

We do not read, store, index, scan, share, or sell the contents of your Gmail inbox or any received emails. We do not access your Gmail drafts, labels, contacts, or any data beyond what is required to execute the send action you initiate.

Our use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

3. How We Use Your Information

We use your information to operate the VaultReach platform, send emails on your behalf when you initiate a send action, and display campaign analytics. We do not sell, rent, or share your data with third parties for marketing.

4. Data Retention & Security

We retain email send logs (sender, recipient, timestamp, campaign ID) to provide analytics. OAuth access tokens are stored encrypted at rest (AES-256 or equivalent) and are deleted immediately upon account disconnection. We do not retain the content of sent emails beyond what Gmail's Sent folder retains. All data is transmitted over HTTPS/TLS.

5. User Rights and Google API Revocation

You may revoke VaultReach's access to your Google account at any time by:

  1. Visiting Account Settings → Connected Accounts within VaultReach and clicking "Disconnect Gmail", OR
  2. Visiting https://myaccount.google.com/permissions and removing VaultReach.

Upon revocation, we will delete your stored OAuth tokens within 24 hours. To request full data deletion, email: privacy@vaultreach.ai.

6. Contact

For privacy-related questions or data deletion requests, contact us at privacy@vaultreach.ai.