Reachly ("we", "us", or "our") operates the Reachly Chrome extension and website at reachly.pages.dev. This Privacy Policy explains how we collect, use, and protect information when you use our services.
Account information: When you create an account, we collect your email address and a hashed version of your password (via Supabase Auth — your password is never stored in plaintext).
Usage data: We log email lookup queries (name, company/domain, and the result) to power credit tracking, abuse prevention, and service analytics. This data is tied to your account.
Extension storage: The extension stores your credit balance, lookup history, and saved contacts locally in your browser via chrome.storage.local. This data never leaves your device unless you are signed in, in which case it is synced to your account.
Payment information: Payments are processed by Stripe. We never store your credit card number. We store only your Stripe Customer ID to manage your subscription.
We do not sell your personal data to third parties. We do not use your data to train AI models.
Your account data is stored on Supabase (PostgreSQL), hosted on AWS in the US East region. Email caching is stored on Cloudflare's global edge network. All data is encrypted at rest and in transit (TLS).
Row-level security (RLS) policies ensure that users can only access their own data. Our backend uses a service role key that is never exposed to the client.
Reachly finds and verifies email addresses of third parties (people you search for) from publicly available sources and pattern generation. We do not claim ownership of this data. You are responsible for using any discovered email addresses in compliance with applicable anti-spam laws (CAN-SPAM, GDPR, etc.).
We cache verified email results to reduce costs and improve speed. Cached results are automatically expired after 7–30 days depending on verification status.
We use the following third-party services that may process data on our behalf:
Our website uses localStorage to store your Supabase authentication session. We do not use advertising or tracking cookies. We do not use Google Analytics or any behavioral tracking services.
You may request to access, correct, or delete your account data at any time by emailing htwiggs29@gcds.net. Account deletion removes all stored lookup history, saved contacts, and personal data within 30 days.
Reachly is not directed at children under 13. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us immediately.
We may update this Privacy Policy from time to time. We will notify registered users of material changes via email. Continued use of the service after changes constitutes acceptance of the updated policy.
If you have any questions about this Privacy Policy, please contact us at htwiggs29@gcds.net.
© 2026 Reachly. All rights reserved.