Privacy Policy

Legal

Last updated June 24, 2026. This Privacy Policy explains how Linkreach collects, uses, shares, and protects your personal data when you use our services.

1. Who we are

Linkreach (“we”, “our”, “us”) operates the LinkedIn outreach automation platform at linkreach.pro. We act as the data controller for the personal data described in this policy. For questions about this policy or your data, contact privacy@linkreach.pro.

2. What data we collect

Account data: your name, email address, hashed password, country, timezone, and workspace settings.
LinkedIn connection data: when you connect a LinkedIn account, we store the connection token issued by Unipile and operational metadata (account status, daily action counters, warmup state). We do not store your LinkedIn password.
Contact lists and outreach content: the prospects you upload, sequences you author, and messages sent or received through connected accounts.
Payment data: processed by our payments provider Paddle.com Market Ltd. acting as Merchant of Record. We receive only the last four digits of your card and the billing country.
Usage data: pages visited, features used, error logs, IP addresses, and browser metadata. Used to operate the service and prevent abuse.
Support communications: any emails or chat messages you send us.

3. Why we use your data (legal basis under GDPR)

To provide the service (contract performance): running campaigns, syncing LinkedIn data, sending emails, generating AI replies, billing.
To secure the service (legitimate interest): detecting abuse, preventing account takeover, throttling.
To comply with law (legal obligation): tax, accounting, responses to lawful requests.
To send product updates (legitimate interest or consent): occasional emails about new features or service status. You can opt out at any time.

4. Sub-processors who help us run the service

We share the minimum data needed with the following sub-processors. All are bound by data-processing agreements with us:

Paddle.com Market Ltd. (Ireland) — payments, invoicing, sales tax.
Zoho Corporation (ZeptoMail) — transactional emails (verification, password reset, billing receipts).
Unipile — LinkedIn API integration that executes actions on connected accounts on your behalf.
OpenRouter — routes AI text generation requests to underlying model providers. Prompts may include your prospect names and sequence content.
Apify, Hunter, Firecrawl, Zernio — enrichment and intent-signal providers used when you opt to enrich prospects.
ElevenLabs — AI voice generation when you use the voice message feature.
Our infrastructure host — application server, PostgreSQL database, and Redis queue (hosted in the EU).

5. International data transfers

Some sub-processors are located outside the European Economic Area. For those transfers we rely on Standard Contractual Clauses (SCCs) approved by the European Commission, or on an adequacy decision where one exists.

6. How long we keep your data

Account data: for as long as your account is active, then deleted within 30 days of account closure.
Outreach data: deleted within 30 days of account closure or on your request.
Billing records: retained for 7 years to meet tax and accounting obligations.
Backups: rolled off within 30 days.

7. Your rights

Depending on where you live, you have the right to access, correct, delete, restrict, or port your personal data, and to object to certain processing. California residents have additional rights under the CCPA, including the right to opt out of the sale or sharing of personal information (we do not sell personal information). To exercise any right, email privacy@linkreach.pro. You can also lodge a complaint with your local data protection authority.

8. Cookies

We use strictly necessary cookies for authentication and security, and limited analytics cookies to understand how the product is used. You can disable non-essential cookies in your browser settings without losing core functionality.

9. Children

Linkreach is not directed to children under 16. We do not knowingly collect data from children. If you believe a child has provided us data, contact us and we will delete it.

10. Security

Passwords are hashed with bcrypt; LinkedIn tokens and other sensitive secrets are encrypted at rest with AES-256. All connections to the service are encrypted in transit via TLS 1.2+. Access to production systems is restricted to a small number of engineers and audited.

11. Changes to this policy

We may update this policy as the service evolves. Material changes will be communicated by email to active users at least 14 days before they take effect.

12. Contact

Privacy questions: privacy@linkreach.pro. General support: mail@linkreach.pro.

2. What data we collect

Account data: your name, email address, hashed password, country, timezone, and workspace settings.
LinkedIn connection data: when you connect a LinkedIn account, we store the connection token issued by Unipile and operational metadata (account status, daily action counters, warmup state). We do not store your LinkedIn password.
Contact lists and outreach content: the prospects you upload, sequences you author, and messages sent or received through connected accounts.
Payment data: processed by our payments provider Paddle.com Market Ltd. acting as Merchant of Record. We receive only the last four digits of your card and the billing country.
Usage data: pages visited, features used, error logs, IP addresses, and browser metadata. Used to operate the service and prevent abuse.
Support communications: any emails or chat messages you send us.

3. Why we use your data (legal basis under GDPR)

To provide the service (contract performance): running campaigns, syncing LinkedIn data, sending emails, generating AI replies, billing.
To secure the service (legitimate interest): detecting abuse, preventing account takeover, throttling.
To comply with law (legal obligation): tax, accounting, responses to lawful requests.
To send product updates (legitimate interest or consent): occasional emails about new features or service status. You can opt out at any time.

4. Sub-processors who help us run the service

We share the minimum data needed with the following sub-processors. All are bound by data-processing agreements with us:

Paddle.com Market Ltd. (Ireland) — payments, invoicing, sales tax.
Zoho Corporation (ZeptoMail) — transactional emails (verification, password reset, billing receipts).
Unipile — LinkedIn API integration that executes actions on connected accounts on your behalf.
OpenRouter — routes AI text generation requests to underlying model providers. Prompts may include your prospect names and sequence content.
Apify, Hunter, Firecrawl, Zernio — enrichment and intent-signal providers used when you opt to enrich prospects.
ElevenLabs — AI voice generation when you use the voice message feature.
Our infrastructure host — application server, PostgreSQL database, and Redis queue (hosted in the EU).

7. Your rights