Last updated: February 2026. The service is run by IT Dijaspora.
This service (“Email Outreach Tool”) is a free service operated by IT Dijaspora. We do not charge you to use it. IT Dijaspora operates this service from Germany. IT Dijaspora is responsible for the operation of this service and for handling personal data as described in this policy. For privacy-related inquiries, please contact us at contact@emailoutreach.me or via our contact form.
When you connect your Gmail account:
gmail.send scope).During sending: Your data is processed temporarily in memory to transmit the email.
After sending: We record participation only by a hashed identifier. We immediately remove your OAuth tokens and clear your name and email from our records. We do not store the content of emails after they are sent. We store only a one-way hash of your email address for up to 3 months for “already contributed” checks; this hash cannot be reversed to recover your email address.
Admin users: If you log in to the admin dashboard, we store your session and (if configured) your username, email, and password hash for authentication. Two-factor secrets are stored if you enable 2FA.
Cookies and session: We use session cookies for admin sign-in and, during the send flow, to complete the OAuth and send process. No long-term tracking cookies are set for participants.
We use Google user data only to provide the email-sending functionality you request, to improve security and compliance, and as required by law. We do not use Google user data for advertising, and we do not sell or share it with third parties for marketing or other unrelated purposes. Our use is limited to what is described in this policy and in Google’s User Data Policy.
Google: When you connect Gmail, you sign in with Google and authorise us to send emails on your behalf. Google’s privacy policy applies to that sign-in and to the emails sent via Gmail. We do not share your data with other third parties for marketing.
Hosting: The service may be hosted by IT Dijaspora or a subprocessor. Server logs (such as IP address and request metadata) may be retained for security and abuse prevention purposes for up to 30 days.
We use encrypted connections (HTTPS) and restrict system access to authorised administrators only. OAuth tokens are deleted immediately after use.
Because we do not retain your name or email after you send, there is no identifiable profile to access, port, or correct. If you have questions or want to request erasure of any data that might relate to you, contact us (see below). We will respond in line with applicable law (e.g. GDPR).
Participant email hashes are retained for up to 3 months for “already contributed” checks, then deleted. Anonymised send history may be retained for statistics; it does not identify you. Admin account data is retained while your account is active.
We may update this privacy policy from time to time. The “Last updated” date at the top will be revised. Continued use of the service after changes constitutes acceptance of the updated policy.
For privacy-related questions or requests, contact us at contact@emailoutreach.me or via our contact form.