Privacy Policy
What we collect, what we do with it, who we share it with, and how to delete it.
Effective date: May 14, 2026
1. Who we are
ReachGram is an outreach customer-relationship-management (CRM) product for Instagram, operated by Dapperico Inc. ("ReachGram", "we", "us", "our"), a Canadian corporation based in Toronto, Ontario, Canada. This Privacy Policy describes how we handle personal information when you use the ReachGram web application at reachgram.app(the "Service").
If you have a question about this policy, contact us at hello@reachgram.app.
2. Who this policy applies to
This policy applies to two kinds of people:
- Operators — the agency professionals, founders, and team members who sign up for ReachGram, connect their integrations, and use the product to run outreach campaigns.
- Prospects — individuals whose public Instagram profile information (and, when connected, email correspondence with an operator) the Service processes on behalf of operators.
Operators have a direct relationship with ReachGram and can exercise the rights described in Section 11. Prospects' data is processed on behalf of operators (the "data controller" in GDPR terms); operators are responsible for maintaining their legal basis to process prospects' data.
3. What we collect
3.1 Information operators give us directly
- Account information: name, email address, and authentication identifiers (handled via Clerk — see Section 6).
- Phone number (sign-up verification): if we require phone verification at sign-up to deter abuse, we collect your mobile phone number and a one-time SMS code via Twilio (see Section 6). We store the verified number on your account and the fact that it was verified; we do not use it for marketing or share it with anyone outside our sub-processors. You can request deletion of your number at any time by contacting hello@reachgram.app — note that doing so may require completing re-verification before continuing to use the Service.
- Workspace information: your workspace name, team members you invite, role assignments, billing contact details.
- Payment information: handled exclusively by Stripe (see Section 6). We store only a Stripe customer ID and metadata about your subscription; we never see card numbers.
- Operational settings: Instagram pages you connect, target categories, scoring weights, sender context, daily send caps.
- Content you create: DM drafts (human-written or AI-generated), captured replies, prospect notes, custom templates.
- Email correspondence (optional, only when you connect): described in Section 7 (Gmail) and Section 8 (Outlook).
3.2 Information collected automatically when you use the Service
- Usage events: which pages you visit, which features you use, when you sent or marked messages, time-stamped for product analytics and rate-limiting.
- Device information: browser user-agent string, general location (city level, derived from IP), which mobile devices you have paired (model + browser, not full fingerprint).
- Error logs: when something breaks, our error monitoring tool captures the stack trace and the minimum operator identifiers needed to reach out about the issue.
3.3 Information about prospects, collected from public sources
- Public Instagram profile data: handle, display name, bio, follower count, public post content, profile picture, public contact information (if any). Collected from publicly-accessible Instagram profile views and stored on a per-team basis.
- Public business data:when a prospect is discovered via Google Maps Places, we store the place name, address, category, and rating — all publicly available data Google's API exposes.
- Conversation metadata: the timestamps of DMs you sent to the prospect through Instagram, marked-sent status, and (when you capture them) the text of replies the prospect sends you.
We do NOT scrape private Instagram accounts, bypass Instagram's privacy settings, or access Instagram's internal APIs. The only Instagram data we process is what would be visible to any signed-in Instagram user viewing the prospect's public profile.
4. How we use this information
We use the information described in Section 3 to:
- Provide and operate the Service — render your dashboard, run discovery jobs, generate DM drafts, deliver notifications, etc.
- Generate AI-assisted DM drafts. We send the minimum context necessary — the sender's profile and the prospect's public profile — to a third-party AI model whose API terms prohibit using inputs to train or improve that model.
- Enforce safety guardrails (anti-spam send-rate caps, audit logs, team-level scoping) so accounts don't get flagged by Instagram.
- Process payments (via Stripe) and manage your subscription, send billing-related emails, and prevent fraud.
- Respond to your support requests and otherwise communicate with you about the Service.
- Improve the Service — debug errors, analyze aggregate usage patterns, prioritize what to build next. Aggregated analytics do not identify individuals.
- Meet legal obligations (tax, regulatory, compliance with court orders).
We do not use the data we collect for advertising, sell it to third parties, train AI models on customer content, or provide it to data brokers.
5. Legal bases for processing (for users in the EU/UK)
For users covered by the GDPR or UK GDPR, our legal bases for processing personal information are:
- Performance of a contract: processing necessary to provide the Service you signed up for, including managing your account, generating DMs, and processing your subscription.
- Legitimate interests: running the product securely (error logging, anti-abuse), improving the product (aggregate analytics), and protecting our rights.
- Consent: for optional integrations like Gmail or Outlook, where you explicitly authorize us to access your account. You can withdraw consent at any time by disconnecting (see Section 8).
- Legal obligations: retention of billing records and response to lawful requests from authorities.
Operators acting as data controllers for prospect data should ensure they have their own legal basis (typically legitimate interest in business outreach to commercial accounts) and that their use of the Service complies with applicable direct-marketing laws (CASL in Canada, GDPR / ePrivacy in the EU, TCPA where applicable).
6. Who we share information with
We share personal information only with the third-party service providers we depend on to run the Service. We have agreements in place with each one limiting their use of the data to providing services to us. We share the minimum data necessary and require each provider to protect it to standards at least equivalent to ours.
We name below the third parties whose role is directly visible to you as a ReachGram user, or whose role is required to be disclosed by the integration they power:
| Provider | Purpose | Data shared |
|---|---|---|
| Clerk | Authentication, session management | Email, name, OAuth identifiers |
| Stripe | Subscription billing | Email, billing address, card details (Stripe-hosted) |
| Resend | Transactional email delivery (receipts, alerts) | Recipient email, message body |
| Twilio | Sign-up SMS verification and carrier lookup (anti-abuse). Used once at sign-up to confirm a real mobile number; not used for marketing. | Phone number, one-time verification code, carrier type |
| Google (Gmail integration) | Read email correspondence with prospects (opt-in) | See Section 7 |
| Microsoft (Outlook integration) | Same as Gmail, for Outlook accounts (when available) | See Section 8 |
| Meta / Instagram (when applicable) | Read inbound DM replies via the Instagram Messaging API (subject to Meta App Review approval) | DM thread metadata + bodies for prospects you have actively messaged |
In addition, we rely on commercial sub-processors for back-office functions like application hosting, database, caching, file storage, error monitoring, and the AI model used to generate DM drafts. These providers do not receive Gmail data, are bound by data-processing agreements at least as protective as this Privacy Policy, and are used solely to operate the Service.
ReachGram maintains a complete, up-to-date list of sub-processors, which we will provide on request to any current customer or prospective customer with a legitimate need (for example, vendor review, security questionnaires, or DPAs). Email hello@reachgram.appwith "sub-processor list" in the subject and we will respond within 5 business days. We notify customers at least 30 days before adding any sub-processor that materially changes the data-handling posture of the Service.
We may also disclose personal information if required by law (a valid court order, subpoena, or other legal process), to protect our rights or the safety of users, or in connection with a merger, acquisition, or sale of all or substantially all of our assets (in which case the successor entity will be bound by terms at least as protective as these).
7. Google Gmail integration — Limited Use disclosure
If you connect your Google account to ReachGram, we request the Gmail API restricted scope https://www.googleapis.com/auth/gmail.readonly. This section describes exactly how we use that access. It is provided in addition to (and not in derogation of) the rest of this policy.
What we read
We read only email messages where the sender, recipient, or CC line contains an email address that you have previously linked to a prospect in your ReachGram CRM. We do this by issuing targeted Gmail search queries (e.g.,from:jane@example.com OR to:jane@example.com) against your inbox. We do not sync your full mailbox. We do not scan, read, store, or process emails that do not match a prospect-linked address.
What we store
For each matching email, we store: sender address, recipient addresses, CC addresses, subject line, sent date, plain-text body, and a sanitized HTML body. Body content is encrypted at rest in our database. We do not store email attachments — instead we link out to the original message in Gmail when an operator wants to view them.
What we never do with your email data
- We never use the data to train any artificial intelligence or machine-learning model.
- We never sell it, share it with third parties (other than the sub-processors listed in Section 6 strictly to run the Service), or use it for advertising.
- We never modify your Gmail inbox. The
gmail.readonlyscope is read-only — we cannot send messages, delete messages, modify labels, or take any write action via the Gmail API.
How to revoke access
You can revoke our access to your Gmail at any time, in two ways:
- Inside ReachGram: Settings → Email integration → Disconnect. Disconnecting immediately deletes all email messages we have stored that came from your Gmail account.
- Inside Google: visit myaccount.google.com/permissions and remove ReachGram's access. Once revoked, our background jobs will fail authentication and stop attempting to read your mailbox.
Limited Use Policy acknowledgement
ReachGram's use of information received from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements. We affirm that:
- We will use Google user data only to provide and improve user-facing features that are prominent in ReachGram's user interface.
- We will not transfer Google user data to others except as necessary to provide or improve user-facing features that are prominent in the ReachGram user interface, comply with applicable law, or as part of a merger, acquisition, or sale of assets with user notification.
- We will not use Google user data for serving advertisements, including retargeting, personalized, or interest-based advertising.
- We will not allow humans to read Google user data unless: (a) we have obtained the user's affirmative agreement to view specific messages, (b) it is necessary for security purposes, (c) it is necessary to comply with applicable law, or (d) the data (including derivations) is aggregated and used for internal operations.
8. Microsoft Outlook integration
Where ReachGram offers an Outlook integration via Microsoft Graph, the same posture as Section 7 applies, with Mail.Read in place of the Gmail scope. Microsoft Graph data is governed by Microsoft's privacy commitments for the API surface we use; we do not use the data for any purpose other than rendering email correspondence on the operator's prospect timeline.
9. International data transfers
ReachGram is operated from Canada. Many of our sub-processors (listed in Section 6) operate primarily in the United States and may store and process your personal information in the United States or other jurisdictions. We rely on the relevant data-protection commitments those providers offer (e.g., Standard Contractual Clauses, EU-US Data Privacy Framework certifications where applicable) to ensure your data is protected at a level equivalent to the jurisdiction in which it was collected.
10. Data retention
We retain personal information for as long as it is needed to provide the Service, comply with our legal obligations, resolve disputes, and enforce our agreements. Specifically:
- Active account data is retained for the life of your account.
- Email correspondence stored via the Gmail or Outlook integration is deleted immediately when you disconnect the integration.
- Cancelled accounts: 90 days after account closure, we delete or anonymize personal data, except records we are required to retain (e.g., billing records for tax compliance — up to 7 years per Canadian regulations).
- Backups: our database backups roll over within 35 days. Data deleted from the live database persists in backups for this period and is then overwritten.
- Aggregated analytics (with no personal identifiers) may be retained indefinitely.
- Phone numbers used for sign-up verification are retained for the life of your account so we can re-verify if your account is challenged for abuse. The one-time verification code itself is hashed and deleted as soon as it is used or expires (10 minutes), whichever comes first. You may request deletion of your verified phone number — see Section 11.
11. Your rights
You have rights over your personal information regardless of where you live. The exact list varies by jurisdiction, but here's the practical floor:
- Access: request a copy of the personal information we hold about you.
- Correction: ask us to correct inaccurate information.
- Deletion: request that we delete your personal information (subject to retention obligations described in Section 10).
- Portability: request your data in a structured, machine-readable format.
- Objection: object to processing based on legitimate interests.
- Withdraw consent for optional features (Gmail / Outlook integration, marketing emails). Doing so does not affect the lawfulness of processing done before withdrawal.
- Complaint:lodge a complaint with your local data protection authority (in Canada: the Office of the Privacy Commissioner of Canada; in the EU: your member state's authority).
To exercise any of these rights, email hello@reachgram.app. We respond within 30 days. If you are a prospect (i.e., you are not an operator with a ReachGram account but you appear in an operator's CRM), please reach the operator directly — they are the data controller for your information in their workspace. If you cannot identify the operator, write to us and we will help you contact them.
California residents (CCPA / CPRA)
ReachGram does not sell personal information as defined by the CCPA. Specific California rights — including the right to know, delete, and opt out of "sharing" — are covered by the broader rights listed above.
12. Cookies and tracking
We use cookies and similar technologies to keep you signed in (session cookies), remember your preferences, and measure aggregate usage of the Service. We do not use third-party advertising cookies and do not allow third-party advertising networks to track you through ReachGram. You can disable cookies in your browser; some parts of the Service won't function correctly if you do (e.g., sign-in will not persist).
13. Security
We protect your personal information with technical and organizational measures appropriate to the risk:
- All connections to ReachGram are encrypted in transit via TLS 1.2+.
- Sensitive credentials (OAuth refresh tokens, API keys, email body content) are encrypted at rest in our database using AES-256-GCM.
- Access to production systems is limited to authorized personnel.
- We log meaningful actions for audit purposes and use error monitoring to surface anomalies quickly.
- We use cryptographically secure session tokens. Mobile pairing codes are short-lived (10 minutes) and single-use.
No system is perfectly secure. We do not warrant that the Service is free from unauthorized access or breach. If we become aware of a breach that affects your personal information, we will notify you without undue delay as required by applicable law.
14. Children
ReachGram is a business product. It is not intended for, and we do not knowingly collect personal information from, anyone under the age of 16. If you believe we have inadvertently collected information from a child, contact us and we will delete it.
15. Automated decisions
ReachGram uses automated logic to rank prospects (the Score field) and to generate AI DM drafts via Claude. These are decision-support features for the operator; the operator reviews and decides whether to send any given message. No fully-automated decision with legal or similarly significant effect is made about you by ReachGram.
16. Changes to this Privacy Policy
We may update this Privacy Policy from time to time. When we make a material change, we will update the "Effective date" at the top of this page and, for current customers, notify you via email or an in-app banner at least 14 days before the change takes effect. Continued use of the Service after the effective date of an updated policy constitutes acceptance of the changes.
17. Contacting us
For any privacy-related questions or requests:
- Email: hello@reachgram.app
- Mail: Dapperico Inc., Toronto, Ontario, Canada (specific mailing address available on request).