Privacy Policy

Last updated: March 9, 2026

At DealBird, we take your privacy seriously. We want you to feel confident that your data, and the data of the brands you work with, is safe.

1. Information We Collect

Account Information: When you create an account via Google sign-in, we collect your name, email address, and profile picture.

Financial Information: For processing payments through Stripe, we collect your bank details securely. We do not store full credit card numbers.

Proposal Data: We store the content of your proposals, including deliverables, pricing, and the names/emails of brand contacts you share pitches with.

2. Gmail Integration & Google User Data

DealBird offers an optional Gmail integration for outreach campaigns. When you choose to connect your Gmail account, we request the following permissions:

  • Send emails on your behalf (gmail.send) — Used exclusively to send outreach emails that you create and approve through DealBird campaigns.
  • Read email metadata (gmail.readonly) — Used solely to detect replies to outreach emails you sent through DealBird. We only check the “From” header of messages within Gmail threads initiated by DealBird. We do not read, scan, index, or store the content of your personal emails.
  • View your email address (userinfo.email) — Used to identify which Gmail account is being connected.

What we store: We store your Gmail OAuth access token and refresh token (encrypted) to send emails and check for replies on your behalf. We also store the Gmail thread ID and message ID of emails sent through DealBird for reply tracking purposes.

What we do NOT do with your Gmail data:

  • We do not read, scan, or store the content of your personal emails
  • We do not use Gmail data for advertising purposes
  • We do not use Gmail data to train machine learning or AI models
  • We do not sell, rent, or share your Gmail data with third parties
  • We do not use Gmail data for any purpose other than sending your outreach emails and detecting replies

Disconnecting Gmail: You can disconnect your Gmail account at any time from the Settings page. When disconnected, we delete your stored OAuth tokens. Previously sent email records (subject, recipient, status) are retained as part of your campaign history.

3. How We Use Your Information

We use the data we collect solely to provide the DealBird service to you. This includes generating documents, sending email reminders to brands, sending outreach emails via your connected Gmail, detecting replies to outreach, processing payments, and providing customer support.

We do not, and will never, sell your client list or pricing data to third parties. Your deals are your business.

4. Data Tracking & Analytics

We track user behavior within DealBird to improve our product. As a feature, we track IP addresses and timestamps when brands open your proposals or outreach emails to provide you with read receipts and analytics.

5. Data Sharing

We do not sell your personal information. We share data only with the following service providers as necessary to operate DealBird:

  • Stripe — payment processing
  • Google — authentication and Gmail integration (using your authorized OAuth tokens)
  • Resend — transactional email delivery (invoice reminders, proposal notifications)
  • Vercel — application hosting
  • Neon — database hosting

6. Security

We implement industry-standard security measures including HTTPS encryption, secure OAuth token storage, HMAC-signed authentication parameters, and timing-safe comparisons to protect your personal information and documents.

7. Data Retention

Your account data is retained as long as your account is active. Gmail OAuth tokens are stored until you disconnect your Gmail account. Upon account deletion, all associated data is permanently removed within 30 days.

8. Google API Services User Data Policy

DealBird's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Gmail data to provide and improve user-facing features that are visible and apparent to you.
  • We do not transfer Gmail data to third parties except as necessary to provide the service, comply with applicable laws, or as part of a merger/acquisition with prior notice to users.
  • We do not use Gmail data for serving advertisements.
  • We do not allow humans to read your Gmail data unless you provide affirmative consent, it is necessary for security purposes, to comply with applicable law, or the data is aggregated and anonymized for internal operations.

9. Your Rights

You have the right to:

  • Access your personal data
  • Correct inaccurate data
  • Delete your account and all associated data
  • Disconnect Gmail and revoke access at any time
  • Export your data

10. Children's Privacy

DealBird is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the “Last updated” date.

If you have any questions about this Privacy Policy, please contact us at privacy@dealbird.ai.