PRIVACY POLICY

Welcome to Reach HR ("we," "our," or "us"). We are committed to protecting your personal information. This Privacy Policy explains how we collect, use, and safeguard your information when you use our platform.

A. Information You Provide to Us:

• Account Information: When you register using Google OAuth, we collect your name, email address, and profile picture URL.
• Campaign Content: We collect the email subject, body text, and resume file you provide for your outreach campaigns.
• Payment Data: We do not store your credit/debit card or bank account details. Our payment processor, Razorpay, handles this information. We only receive a transaction confirmation from them.

B. Information We Collect Automatically:

• Usage Data: We collect data on your interactions with the platform, such as login times and features used, for analytics and security.
• Technical Data: We may collect your IP address for rate limiting and fraud prevention.

We use your information to:

• Provide, operate, and maintain our Service.
• Process your transactions and launch your email campaigns.
• Improve our platform and user experience.
• Communicate with you for support and service updates.
• Prevent fraudulent activity and ensure the security of our platform.

We do not sell your personal data. We share information only with essential third-party services required to operate our platform:

• Google Cloud Platform (GCP): For hosting our application, database (Firestore), and file storage (Cloud Storage).
• SendGrid: To send emails on your behalf. Your email is used as the 'reply-to' address.
• Razorpay: To securely process your payments.

We implement strong security measures, including AES-256 encryption for sensitive data at rest (like Google refresh tokens and contact emails) and TLS encryption for data in transit. We use Google's secure OAuth protocol, meaning we never have access to your Google password.

We retain your account information as long as your account is active. Campaign data, including resumes, may be deleted from our active systems after a period (e.g., 90 days) to manage storage. We retain transaction data as required by law.

You have the right to access, correct, or request the deletion of your personal data. For any such requests or for any grievances regarding the processing of your information, please contact our Grievance Officer:

We will address your concerns in accordance with applicable law.

We may update this policy from time to time. We will notify you of any changes by posting the new policy on this page and updating the "Last Updated" date.