← Back to Pipecrush

Privacy Policy

Last Updated: January 2026

Introduction

Pipecrush ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our sales engagement platform at pipecrush.tech (the "Service").

By using our Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use our Service.

Information We Collect

Account Information

When you create an account, we collect:

  • Your name and email address
  • Organization/company information
  • Authentication credentials (managed securely by our authentication provider, Clerk)

Data You Provide

Through your use of the Service, you may provide:

  • Lead and contact information you upload or enter
  • Email campaign content and templates
  • Calendar booking preferences and availability
  • Phone numbers for calling features

Automatically Collected Information

We automatically collect certain information when you use the Service:

  • Usage data (features accessed, actions taken)
  • Device and browser information
  • IP address and general location
  • Cookies and similar tracking technologies

Google API Services User Data Policy

This section describes how Pipecrush accesses, uses, stores, and shares data obtained through Google API Services. Our use complies with the Google API Services User Data Policy, including the Limited Use requirements.

Data We Access

When you connect your Google account to Pipecrush, we request access to the following:

Gmail (for email sending)

  • Send Email (gmail.send): Allows us to send emails from your Gmail account on your behalf for cold email campaigns and follow-up sequences that you create and authorize.
  • Email Address (userinfo.email): Allows us to verify and display your email address within the platform.

Google Calendar (for appointment booking)

  • View Calendar (calendar.readonly): Allows us to see your existing events to determine your availability for booking links.
  • Create Events (calendar.events): Allows us to create calendar events when prospects book appointments through your booking links.
  • View Availability (calendar.events.freebusy): Allows us to check when you are free or busy without seeing event details.

How We Use Google Data

  • Email Sending: We use the gmail.send permission exclusively to send personalized cold emails and follow-up sequences that you create and schedule in Pipecrush. We only send emails that you explicitly authorize.
  • Booking Links: We use calendar permissions to generate available time slots for your booking links and create calendar events when prospects book meetings with you.

How We Store Google Data

  • OAuth access tokens and refresh tokens are encrypted at rest using AES-256-GCM encryption before being stored in our database.
  • We do not store the content of emails you send. Sent emails reside in your Gmail sent folder.
  • Calendar event details are used only to manage bookings and are stored on your Google Calendar, not in our systems.

How We Share Google Data

We do NOT sell, rent, or share your Google user data with third parties for their marketing or advertising purposes.

Your Google user data may be shared only in these limited circumstances:

  • With infrastructure providers (hosting, database) necessary to operate Pipecrush
  • When required by law (e.g., court orders, legal process)
  • With your explicit consent

Data Retention and Deletion

You can disconnect your Google account at any time through your Pipecrush account settings. When you disconnect:

  • Your OAuth tokens are immediately and permanently deleted from our systems
  • Your email sending capability through that Google account is disabled
  • Your calendar integration is removed

You can also revoke Pipecrush's access to your Google account at any time by visiting: https://myaccount.google.com/permissions

Microsoft API Services User Data

This section describes how Pipecrush accesses, uses, stores, and shares data obtained through Microsoft Graph API when you connect your Microsoft/Outlook account.

Data We Access

When you connect your Microsoft account to Pipecrush, we request access to the following:

Outlook Email (for email sending and reply tracking)

  • Send Email (Mail.Send): Allows us to send emails from your Outlook account on your behalf for cold email campaigns and follow-up sequences that you create and authorize.
  • Read Email (Mail.Read): Allows us to read your inbox to identify and track replies from leads you have contacted through Pipecrush, enabling conversation management within the platform.
  • Email Address (User.Read): Allows us to verify and display your email address within the platform.

Outlook Calendar (for appointment booking)

  • View Calendar (Calendars.Read): Allows us to see your existing events to determine your availability for booking links.
  • Create Events (Calendars.ReadWrite): Allows us to create calendar events when prospects book appointments through your booking links.

How We Use Microsoft Data

  • Email Sending: We use the Mail.Send permission exclusively to send personalized cold emails and follow-up sequences that you create and schedule in Pipecrush. We only send emails that you explicitly authorize.
  • Reply Tracking: We use Mail.Read to sync your inbox and identify replies from leads, allowing you to manage conversations within Pipecrush.
  • Booking Links: We use calendar permissions to generate available time slots for your booking links and create calendar events when prospects book meetings with you.

How We Store Microsoft Data

  • OAuth access tokens and refresh tokens are encrypted at rest using AES-256-GCM encryption before being stored in our database.
  • We do not store the content of emails you send. Sent emails reside in your Outlook sent folder.
  • Email replies from leads are synced and stored to enable conversation tracking. Non-lead emails are automatically discarded and not retained.
  • Calendar event details are used only to manage bookings and are stored on your Outlook Calendar, not in our systems.

How We Share Microsoft Data

We do NOT sell, rent, or share your Microsoft user data with third parties for their marketing or advertising purposes.

Your Microsoft user data may be shared only in these limited circumstances:

  • With infrastructure providers (hosting, database) necessary to operate Pipecrush
  • When required by law (e.g., court orders, legal process)
  • With your explicit consent

Data Retention and Deletion

You can disconnect your Microsoft account at any time through your Pipecrush account settings. When you disconnect:

  • Your OAuth tokens are immediately and permanently deleted from our systems
  • Your email sending capability through that Microsoft account is disabled
  • Your calendar integration is removed

You can also revoke Pipecrush's access to your Microsoft account at any time by visiting: https://account.microsoft.com/privacy/app-access

How We Use Your Information

We use the information we collect to:

  • Provide, maintain, and improve our Service
  • Process your transactions and manage your account
  • Send you technical notices, updates, and support messages
  • Respond to your comments, questions, and customer service requests
  • Monitor and analyze usage trends to improve user experience
  • Detect, prevent, and address technical issues and security threats
  • Comply with legal obligations

Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using HTTPS/TLS.
  • Encryption at Rest: Sensitive credentials including OAuth tokens are encrypted using AES-256-GCM before storage.
  • Authentication: User authentication is handled by Clerk, an enterprise-grade, SOC 2 Type II certified authentication provider.
  • Access Controls: We implement row-level security and strict access controls to ensure users can only access their own data.
  • Secure Infrastructure: Our application is hosted on Vercel with data stored in NeonDB, both of which maintain strong security practices.

Data Sharing and Disclosure

We do not sell your personal information. We may share your information in the following circumstances:

  • Service Providers: With third-party vendors who help us operate our platform (hosting, email delivery, analytics)
  • Legal Requirements: When required by law, court order, or governmental authority
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • With Your Consent: When you explicitly authorize us to share your information

Your Rights and Choices

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate personal information
  • Deletion: Request deletion of your personal information
  • Disconnect Integrations: Disconnect connected accounts (Google, Microsoft) at any time through your account settings
  • Export: Request an export of your data in a portable format
  • Opt-out: Opt out of marketing communications at any time

To exercise any of these rights, please contact us through our website.

Cookies and Tracking

We use cookies and similar tracking technologies to:

  • Keep you signed in to your account
  • Remember your preferences
  • Understand how you use our Service
  • Improve our Service based on usage patterns

You can control cookies through your browser settings. Note that disabling cookies may affect the functionality of our Service.

Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal information, please contact us and we will take steps to delete such information.

International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country. We take appropriate safeguards to ensure that your personal information remains protected in accordance with this Privacy Policy.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Payment Processing

We use Stripe, Inc. as our payment processor. When you subscribe to a paid plan, your payment information is transmitted directly to Stripe and governed by Stripe's Privacy Policy. We do not store complete credit card numbers on our servers.

Authentication & Identity Management

We use Clerk, Inc. to manage user authentication and organization accounts. Your email address, name, and authentication credentials are processed by Clerk in accordance with their Privacy Policy. Clerk handles secure storage of passwords and session management on our behalf.

Billing Data Retention

We retain billing records, transaction history, and subscription data for 7 years to comply with financial record-keeping regulations. This data is used for invoicing, dispute resolution, and tax compliance.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact us at support@pipecrush.tech or visit our Contact page.