Back to Home

Privacy Policy

Effective date: January 1, 2026

DealSphere ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform for deal management and email outreach. This policy applies to all users of the DealSphere application and related services.

Information We Collect

We collect the following categories of information:

Account Information

When you sign up, we collect your name, email address, and organization details through our authentication provider (Clerk). We do not store your password directly.

Deal and Lead Data

Information you input about your business deals, leads, contacts, and pipeline activity. This data is provided by you and stored to operate the platform.

Usage Data

We automatically collect information about how you interact with the platform, including pages visited, features used, and actions taken. This helps us improve the service.

Email Data Access

When you connect your email account (Gmail, Outlook, or SMTP), we request only the minimum permissions necessary to provide our services:

Gmail (Google Workspace)

  • Send emails: To send outreach campaigns on your behalf
  • Read email metadata: To track delivery status, opens, and replies
  • Email address: To identify your connected account

We do NOT request permission to delete emails, modify labels, or access your entire inbox history.

Outlook (Microsoft 365)

  • Send emails: To send outreach campaigns on your behalf
  • Read emails: To track delivery status and detect replies
  • User profile: To get your email address

SMTP Connections

  • We store your SMTP credentials (host, port, username, password) to send emails
  • Credentials are encrypted using AES-256 encryption before storage

Google API Services User Data Policy

DealSphere's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Limited Use Disclosure

DealSphere's use of data received from Google APIs is limited to the following:

  • We only use Google user data to provide and improve the email sending and tracking features you have explicitly authorized.
  • We do not use Google user data for serving advertisements.
  • We do not allow humans to read your email data unless: (a) we have your explicit consent, (b) it is necessary for security purposes (such as investigating abuse), (c) it is necessary to comply with applicable law, or (d) our use is limited to internal operations and the data has been aggregated and anonymized.
  • We do not transfer or sell Google user data to third parties except as necessary to provide or improve user-facing features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with notice to users.

How We Use Your Information

We use the information we collect to:

  • Provide, operate, and maintain the DealSphere platform
  • Send emails on your behalf through connected email accounts
  • Track email delivery status, opens, and replies for your campaigns
  • Display your deal pipeline, leads, and analytics
  • Communicate with you about your account, service updates, and support
  • Detect, prevent, and address security issues and abuse
  • Improve the platform based on aggregated and anonymized usage patterns

How Credentials Are Stored

We take security seriously. All sensitive credentials are protected using industry-standard encryption:

  • 1
    OAuth tokens (Gmail/Outlook) are encrypted using AES-256-CBC before being stored in our database
  • 2
    SMTP passwords are encrypted using the same AES-256-CBC encryption
  • 3
    Encryption keys are stored separately from the database and rotated regularly
  • 4
    Database access is restricted to authorized services only, with audit logging

We never store your Google or Microsoft passwords. OAuth tokens are the only credentials we receive, and these can be revoked at any time.

Data Sharing & Third Parties

We do not sell your data. Your email content, credentials, and personal information are never sold to third parties.

We may share data only in the following limited circumstances:

  • Service providers: We use third-party services for cloud hosting (data encrypted at rest and in transit), authentication (Clerk), and email delivery infrastructure. These providers only process data as necessary to provide their services to us.
  • Legal requirements: We may disclose your information if required by law, subpoena, or other legal process, or to protect the rights, property, or safety of DealSphere, our users, or others.
  • Business transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

We do not share Google user data with any third parties except as described above and in compliance with the Google API Services User Data Policy.

Data Retention

Email Credentials

Stored while your mailbox is connected. Permanently deleted when you disconnect or delete your account.

Email Content

We store email subjects and metadata for campaign tracking. Email body content is not permanently stored after sending.

Tracking Data

Open rates, click rates, and reply data are retained for analytics and reporting purposes while your account is active.

Account Data

Your profile and organization data are retained until you request account deletion.

Account Deletion

When you delete your account, we permanently remove all your data within 30 days, including: email credentials, OAuth tokens, campaign data, lead information, and tracking metrics. Some anonymized aggregate data may be retained for analytics purposes.

How to Revoke Access & Delete Data

You can revoke DealSphere's access to your email and request data deletion at any time:

Option 1: Within DealSphere

  1. Go to Settings → Integrations → Email
  2. Click the trash icon next to the mailbox you want to disconnect
  3. Confirm the disconnection

This will immediately revoke our OAuth token with Google/Microsoft and delete your stored credentials.

Option 2: Google Account Settings

  1. Visit myaccount.google.com/permissions
  2. Find "DealSphere" in the list of connected apps
  3. Click "Remove Access"

Option 3: Microsoft Account Settings

  1. Visit account.microsoft.com/privacy/app-access
  2. Find "DealSphere" in the list
  3. Click "Remove these permissions"

Full Account & Data Deletion

To request complete deletion of your account and all associated data, contact us at privacy@dealsphere.io. We will process your request within 30 days.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you.
  • Correction: Request that we correct any inaccurate or incomplete data.
  • Deletion: Request the deletion of your personal data.
  • Portability: Request an export of your data in a machine-readable format.
  • Objection: Object to certain processing of your data.
  • Withdraw consent: Withdraw your consent at any time where we rely on consent for processing.

To exercise any of these rights, please contact us at privacy@dealsphere.io. We will respond to all requests within 30 days.

Children's Privacy

DealSphere is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.

Questions?

If you have any questions about this Privacy Policy or our data practices, please contact us:

privacy@dealsphere.io