outreachKoiTerms of Use

Privacy Policy

Last updated: May 27, 2025

1. Who we are

outreachKoi ("we", "us", "our") provides a LinkedIn outreach automation platform accessible at outreachkoi.com. This policy explains what data we collect, how we use it, and your rights.

2. What we collect

  • Account data: your name, work email address, and hashed password when you register.
  • Campaign & lead data: LinkedIn profile URLs, names, job titles, companies, and messages you create or import as part of outreach campaigns.
  • Usage data: campaign activity, message delivery status, reply detection timestamps, and analytics you view in the dashboard.
  • Billing data: subscription status and payment events processed by Dodo Payments. We never store card numbers — all payment data is handled by Dodo.
  • Extension token: a secure per-user token stored locally in your Chrome browser to authenticate the Chrome extension with our API. It is never transmitted to LinkedIn.

3. What we do NOT collect

  • Your LinkedIn username or password — we never ask for them and never access them.
  • Your LinkedIn session cookies — automation runs inside your own browser via the Chrome extension.
  • Any data from LinkedIn profiles beyond what you explicitly add to a campaign.

4. How we use your data

  • To operate and deliver the outreachKoi service, including scheduling tasks for the Chrome extension.
  • To send transactional emails (reply notifications, password resets, email verification).
  • To generate AI-personalized outreach messages using your campaign settings (processed by OpenAI — see Section 6).
  • To process billing and manage your subscription via Dodo Payments.
  • To improve the platform based on aggregated, anonymised usage patterns.

5. Data sharing

We do not sell your data. We share it only with:

  • Dodo Payments — for subscription billing.
  • OpenAI — lead name, title, company, and campaign context are sent to generate personalized messages. OpenAI's API data retention policies apply.
  • Amazon Web Services — our servers run on AWS in the US.
  • Law enforcement — if required by applicable law or a valid legal process.

6. AI-generated messages

When you enable AI personalization, we send limited lead context (first name, last name, job title, company, and your campaign goal) to OpenAI's API to generate message drafts. We do not send full LinkedIn profiles or any data beyond what you have explicitly entered. Generated messages are previewed in the dashboard before being sent.

7. Data retention

We retain your account and campaign data for as long as your account is active. If you delete your account, we delete your personal data within 30 days, except where retention is required by law (e.g. billing records).

8. Your rights

You may at any time:

  • Access or export your data by contacting us.
  • Correct inaccurate data from the Settings page.
  • Delete your account and all associated data by emailing us.
  • Opt out of non-transactional emails via the unsubscribe link.

If you are in the EU/EEA, you also have rights under GDPR including the right to lodge a complaint with your local supervisory authority.

9. Cookies

We use a single httpOnly session cookie (outreachkoi_token) to keep you logged in. We do not use tracking or advertising cookies.

10. Security

Passwords are hashed with bcrypt. All data is transmitted over HTTPS. Your LinkedIn session never leaves your browser — the extension communicates with our API using only your extension token.

11. Changes to this policy

We may update this policy from time to time. We will notify you by email for material changes. Continued use of the service after changes constitutes acceptance.

12. Contact

Questions? Email us at saif@outreachkoi.com