Privacy Policy
Last updated: July 17, 2026. This policy outlines how ReachOut secures tenant data assets and subscriber profiles.
1. Introduction
Welcome to ReachOut. Your privacy is important to us. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use our Email Marketing and WhatsApp Marketing platform. By using our services, you agree to the practices described in this Privacy Policy.
2. Information We Collect
We may collect the following information:
Personal Information: Full Name, Email Address, Phone Number, Company Name, Business Address, Billing Information, and GST Number (if applicable).
Account Information: Username, Password (encrypted), Login History, IP Address, Browser Information, and Device Information.
Contact Data: When you upload contact lists or datasets, we process Customer Names, Email Addresses, Phone Numbers, Custom Fields, Tags, and Subscriber Preferences. Database assets are strictly isolated between tenants.
Campaign Data: Campaign Name, Subject Line, Message Content, Attachments, Templates, Delivery Status, Bounce Reports, Open Rates, Click Rates, and Unsubscribe Information.
3. How We Use Your Information
We use your information to:
- Create and manage your tenant account.
- Deliver configured email and WhatsApp campaigns.
- Process subscription payments and invoices.
- Optimize delivery algorithms and improve services.
- Detect fraud, enforce security protocols, and prevent abuse.
- Provide customer support and resolve technical queries.
- Generate analytical insights and campaign reports.
- Send relevant system notifications and product updates.
- Comply with regional legal requirements.
4. Contact Lists & Data Isolation
You are solely responsible for obtaining explicit consent from recipients before importing databases or starting outbound runs. We do not claim ownership of uploaded contact lists, and subscriber data is never shared cross-tenant.
5. Cookies & Tracking Technologies
We use session, performance, security, and analytics cookies to retain your console preferences, analyze traffic flow patterns, and safeguard authorization states.
6. Email & WhatsApp Tracking
Our platform collects transmission metrics (opens, clicks, delivery states, bounces, spam reports, and read receipts) to populate dashboards. These metrics improve your overall delivery score and let you audit active campaign queues.
7. Data Sharing
We do not sell personal details. Information is disclosed only to trusted service partners when mandatory for campaign execution, specifically:
- Cloud Hosting Infrastructure
- Payment gateway processors
- Outbound SMTP relays configured by the tenant
- Meta WhatsApp Business API gateways
- Customer Support ticketing logs
8. Technical Data Security
We enforce industry-standard security safeguards, including SSL/TLS transfer encryption, database passwords salting/encryption, system firewalls, strict role-based access controllers, automated server backups, and activity audit logging.
9. Data Retention
We store customer details while your tenant workspace account remains active. After deletion request, certain metadata may be preserved for a limited timeframe for compliance, audit trails, and tax requirements.
10. GDPR & Indian DPDPA Data Rights
We support standard rights for EEA and Indian residents:
- Right to Access & Portability: Export subscriber databases and campaign delivery logs in structured JSON/CSV format.
- Right to Rectification & Erasure: Permanently delete or modify subscribers directly through the dashboard interface.
- Right to Restrict & Object to Processing: Toggle opt-out variables or archiving options for dynamic campaigns.
- Right to Withdraw Consent: Unsubscribe links are automatically appended to email campaign configurations to process withdrawals immediately.
- DPDPA (2023) Compliance: In accordance with the Digital Personal Data Protection Act of India, ReachOut acts as a Data Processor on behalf of the registered Tenant (the Data Fiduciary). Subscriber (Data Principal) rights can be handled from the workspace console.
11. Marketing Communications
We may send product announcements, security advisories, feature releases, and invoices. You can withdraw from receiving updates via your account console or the email unsubscribe button at any time.
12. Integration Outlets
Integrations such as SMTP providers, WABA portals, or Google/Microsoft integrations operate under their respective platform terms. Please review their privacy notices to inspect credentials management safety.
13. Children's Privacy
Our dashboard is intended for users aged 18 years or older. We do not knowingly record details from children.
14. International Transfers
Cross-border transfers are protected by standard contractual clauses ensuring your database details receive equivalent safety measures in compliance with applicable law.
15. Changes to This Privacy Policy
We may update this Privacy Policy from time to time. Material changes will be communicated through our website, dashboard, or email where appropriate.
16. Contact Us
If you have questions about this Privacy Policy or our data handling practices, please contact us:
- Email: support@reachout.blackhatcommando.com
- Website: reachout.blackhatcommando.com
- Business Hours: Monday to Friday (10AM - 6PM)