Privacy Policy

Last updated: May 30, 2024

Overloop SRL (“us”, “we”, or “our”) operates the website (the “Service”).

This page informs you of our policies regarding the collection, use and disclosure of Personal Information when you use our Service.

We will not use or share your information with anyone except as described in this Privacy Policy.

We use your Personal Information for providing and improving the Service. By using the Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, terms used in this Privacy Policy have the same meanings as in our Terms of Use, accessible at

What information do we collect?

When you are on our website

  • Usage stats: When you’re using our website, we track your usage which includes statistics such as which pages you visit and how long you look at them.

  • Users details: If you create an account, we ask information such as your email, you name or what company you work for. All this information is used to personalize your experience or send you onboarding emails and invoices.

  • Payment information: If you become a paying customer, we will collect your payment card information through our payment gateway Stripe, Inc. The payment information is never sent to our servers and therefore, we are not collecting/storing it on our own servers.

When you subscribe to a newsletter on our public website (e.g. blog, product updates, …)

  • Contact details: On our public website, we have several forms that allow you to subscribe to different feed of email notifications. Most of these forms only require your email but some of them may ask you for more details (name, position, company, …).

When you use our services

  • Server logs: We monitor your usage, and log requests that you make. Those logs can include IP address, geolocalization information, browser type, etc. The logs are accessible for 1 month and then backed up. The backups are destroyed after 1 year.

When you use our sales prospecting services

  • Contacts details: Whether it is through the API, the website, Zapier or the browser extensions we provide; we collect, store and enrich information regarding to your prospects (first name, last name, email, position, company, country, …). The identity of the prospects is provided by you (as customers). For the enrichment part, we rely on two third-party services:, Inc. (privacy policy) and Briteverify, LLC (privacy policy).

  • Contacts listings: When using our services, you might send us some files (for example, by using the “import” feature). We store your files until you close your account.

When you use our Chrome extension

  • Credentials: By authenticating yourself directly from the extension you’re able to send email verification requests to our servers.

  • Preferences: We customize the extension’s interface according to your needs thanks to your saved settings.

  • URL of the active tab: It helps us determine the domain of the address you would like to find.

  • Web page content and HTTP request responses both contain valuable information when it comes to getting you the email address you’re searching for.

When you use our outreach services

  • Email credentials: Our “outreach” feature allow our users to establish a first contact with their prospects by automating their mailbox. In order to do so, we collect our users email credentials. Those credentials are encrypted with a master key and then stored in a separate database provided by Redis Labs, Inc. (privacy policy).

  • Prospects’ activity: Our users can send emails through our “outreach” feature and get tracking information on them. We’ll let them know if we think their emails have been opened, where and how many times. We may store the location of the person opening the emails using IP addresses. To respect their privacy, the IP addresses collected this way are anonymised.

  • Users conversations: Our users can share the prospecting work they do with their team. To offer this features, we store some information regarding the emails such as the subject, body, sender and the recipient(s).

When you contact our support

  • Support conversation: If you reach out via email or chat, we keep conversations and other data you might send during those exchanges. When you delete your account, those conversations are removed after 90 days.

  • Usage data: in order to offer a first-class customer support, we are recording usage data thanks to third-party service Smartlook (privacy policy).

What do we do with your personal information?

As a data controller, Overloop collects your personal data fairly and lawfully and in accordance with any applicable law (including the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016), with our Terms of Services and with any Data Processing Agreement. The main purpose of collecting personal data is to provide you with a safe, optimal, efficient and personalized experience.

We may use your personal data to:

  • Provide our service: When creating an account, you agree to our Terms of Service which allows us to process your data to give you access to Overloop. This way, you can have an account on our website, save and process prospects, outreach to them, invite other team members, etc.

  • Offer customer support: We provide customer support via email or chat, to help you take full advantage of our service or fix any problem you encounter.

  • Fight fraud: We actively fight credit card fraud and misuse of our services by detecting risk patterns.

  • Market new services: Regularly, we launch new services. We’ll let users know about those releases if they have asked us to keep them up to date.

  • Perform any other function: that we believe in good faith is necessary to protect the security or proper functioning of our Site or the Overloop Services.

Overloop may use the data collected for other purposes, which you will be informed of at the time the data is collected and be asked to accept.

How long do we keep your personal information?

Overloop retains the personal information we process on behalf of our customers for as long as needed to provide the Services to our customers and in accordance with our terms of service. Once it is deleted, Overloop removes almost everything within 90 days. To the extent not deleted by our customers, Overloop may also retain and use certain personal information for a reasonable period of time thereafter as necessary to pursue our legitimate business interests, conduct audits, comply with our legal obligations, resolve disputes, and enforce our terms of service.

What third-party services (sub-processors of data) do we use to process your personal information?

Sub-processor Company NameSub-processor AddressScope of ProcessingTypes of Personal DataProcessing locationApplicable transfer mechanism
Meta Platforms, Inc1 Hacker Way Menlo Park, CaliforniaMarketingName, email addressUSData Privacy Framework
Google LLC1600 Amphitheatre Parkway in Mountain View, CaliforniaMarketingName, email addressUSData Privacy Framework
LinkedIn, Inc1000 West Maude Avenue Sunnyvale, CaliforniaMarketingName, email addressUSData Privacy Framework
Zapier, Inc243 Buena Vista Ave, Sunnyvale, CaliforniaMarketingName, email addressUSData Privacy Framework
Amazon Web Services410 Terry Avenue North Seattle, WashingtonIT ServicesAll dataUSData Privacy Framework
BugSnag, Inc110 Sutter St Ste 1000, San Francisco, CaliforniaIT ServicesAll dataUSStandard Contractual Clauses
Cloudfare, Inc101 Townsend Street, San Francisco, CaliforniaIT ServicesAll dataUSData Privacy Framework
Salesforce, Inc (Heroku)Sandyford Business Park, Dublin, IrelandIT ServicesAll dataIrelandN/A
SolarWinds, Inc (Papertrail)1425 Broadway Ste 20-4242, Seattle, WashingtonIT ServicesAll dataUSStandard Contractual Clauses
ActiveCampaign, Inc (Postmark)1 N Dearborn St Fl 5, Chicago, IllinoisIT ServicesAll dataUSData Privacy Framework
Redis Labs, Inc700 E El Camino Real Ste 250, Mountain View, CaliforniaIT ServicesAll dataUSStandard Contractual Clauses, Inc100 California Street, Suite 700, San Francisco, CaliforniaIT ServicesAll dataUSData Privacy Framework
Twilio, Inc375 Beale Street Suite 300 San Francisco, CaliforniaIT ServicesName, email addressUSData Privacy Framework
Hertza, LLC (ZeroBounce)10 E. Yanonali St., Santa Barbara, CaliforniaData validationEmail addressUSData Privacy Framework
Hunter.io2810 N Church St 50754, Wilmington, DelawareData validationName, email addressUSStandard Contractual Clauses
ForestAdmin, Inc.5 Rue Cadet, 75009 Paris, FranceData managementAll dataFranceN/A
IntercomStephen Court, 18-21 Saint Stephen's Green, Dublin, IrelandCustomer SupportName, address, email address, phone numberIrelandN/A
SupportYourApp Limited9th Floor, Amtel Building, 148 Des Voeux Road Central, Central, Hong KongCustomer SupportName, email addressUkraineStandard Contractual Clauses
Pivotal Tracker875 Howard St Fl 5, San Francisco, California,Customer SupportName, email addressUSStandard Contractual Clauses
SatisMeterBoudníkova 3, 180 00 Praha 8-Palmovka, CzechiaCustomer SupportName, email addressCzechiaN/A
Attlasian Corp (Trello)1098 Harrison Street, San Francisco, CaliforniaCustomer SupportName, email addressUSData Privacy Framework, s.r.o2030/20 Lidicka, Brno, 602 00, CzechiaCustomer ExperienceEmailCzechiaN/A
ProfitWell109 Kingston St floor 4, Boston, MassachusetsAnalyticsName, email addressUSStandard Contractual Clauses
Stripe510 Townsend Street San Francisco CaliforniaPayment servicesName, address, email address, phone numberUSData Privacy Framework
Calendly, LLC271 17th St NW Ste 1000, Atlanta, GeorgiaAppointment managerName, email addressUSData Privacy Framework

What are your rights regarding your personal information?

Our Services collect personal information for our customers. As a data processor of this personal information on our customer’s behalf, Overloop has limited ability to access personal information our customers submit to our Services. If you are a data subject for whom a customer has submitted personal information to the Services and would like your information not to be disclosed to a third-party or to be used for a purpose that is materially different from the purpose(s) for which the personal information was originally collected, then you should contact the customer directly.

In order to exercise your rights related to privacy as described hereunder, please contact us at

Right of access/portability

The data subject shall have the right to obtain from the controller confirmation as to whether or not personal data concerning him or her are being processed, and, where that is the case, access to the personal data […] The controller shall provide a copy of the personal data undergoing processing.

As a customer, you have access to your personal information through our website (once logged-in). We also offer a feature that allow to export all your personal data in a structured way whenever you like. You can access it from “Settings” > “Subscription”.

If prospects ask you for their data, you can easily give it to them thanks to our “export” feature on the “prospects” page.

Right to rectification

The data subject shall have the right to obtain from the controller without undue delay the rectification of inaccurate personal data concerning him or her. Taking into account the purposes of the processing, the data subject shall have the right to have incomplete personal data completed, including by means of providing a supplementary statement.

As a customer, you can change your personal data right from our website in “Settings” > “My Profile”.

If a prospect asks you to modify its data, you can do it from the “Prospect Details” page.

Right to be forgotten & Right to object

The data subject shall have the right to obtain from the controller the erasure of personal data concerning him or her without undue delay and the controller shall have the obligation to erase personal data without undue delay.

The data subject shall have the right to obtain from the controller restriction of processing.

As a customer, all your users data is erased within 90 days after you cancel your account.

As a user, you can request the deletion of your data at anytime by sending this completed form at After verification of your identity, a written confirmation of the correct deletion will be given within the next 28 days.

If a prospect asks you to be forgotten, you can blacklist him from the “Prospect Details” page.

Do we use Cookies?

A cookie is a small file placed on a device’s hard drive for recording purposes by a web server. Our Site and our Services may use cookies allowing to recognize the User on her/his subsequent uses of the Site and/or Services and to record the User’s clickstream data for many purposes, including: (i) identifying You when You sign-in to our Site, (ii) delivering content, including advertisements, relevant to Your interest, on our Site or on third-party sites, (iii) improving the quality and the navigation on the Site and/or the use of our Services, (iv) creating new features, functionalities and services, (iii) carrying out traffic and statistical analysis.

We use in particular the following cookies:

  • Cookies allowing to manage the User authentication;

  • Cookies allowing audience and statistical measurements on the Site;

  • Cookies allowing to improve your browsing experience, for example by remembering whether you have clicked on the tooltip so as not to show it the next time;

  • Cookies allowing to follow up your preferences.

You are free to block, delete or disable some or all cookies by changing your cookie preferences in your browser settings. However, please note that if you choose to set your browser in this manner, some areas of our Site and/or our Services may not function properly.

Here are some examples of how to change your browser settings:

For Internet Explorer (7, 8, 9):

  • Tools
  • Internet Options
  • Privacy
  • Set up as you wish

For Chrome:

  • Settings
  • Show advanced settings
  • Privacy
  • Set up as you wish

For Mozilla Firefox:

  • Menu “Tools”
  • Options
  • Tab “Privacy”
  • Set up as you wish

For Safari:

  • Preferences
  • Privacy
  • Set up as you wish

How do we secure your data?

We take the security of the data we manage very seriously and always try to keep our methods up-to-date. We describe in more details the actions we take to keep the data safe in our Security Policy.

Children’s privacy

Our Service does not address anyone under the age of 13 (“Children”). We do not knowingly collect personally identifiable information from children under 13. If you are a parent or guardian and you are aware that your Children has provided us with Personal Information, please contact us. If we become aware that we have collected Personal Information from a children under age 13 without verification of parental consent, we take steps to remove that information from our servers.

Changes to this Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page. You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Additional limits on use of your Google User Data

Overloop’s use of information received, and Overloop’s transfer of information to any other app, from Google APIs will adhere to Google API Services User Data Policy, including the Limited Use requirements.

Contact us

If you have any questions about this Privacy Policy, please contact us by email at