Overflow Privacy Policy

Last updated: 1/8/25 | Effective: 1/8/25

Our Privacy Philosophy

We built Overflow for conscious entrepreneurs who ask hard questions - including questions about privacy and data use. This policy is written in plain language because we believe transparency means you shouldn't need a law degree to understand what happens to your data.


The short version: We collect only what's publicly visible on social media. You control everything. We never sell your data. AI helps draft messages, but you always approve them before sending. You can delete everything anytime (just ask).

We built Overflow for conscious entrepreneurs who ask hard questions - including questions about privacy and data use. This policy is written in plain language because we believe transparency means you shouldn't need a law degree to understand what happens to your data.


The short version: We collect only what's publicly visible on social media. You control everything. We never sell your data. AI helps draft messages, but you always approve them before sending. You can delete everything anytime (just ask).

We built Overflow for conscious entrepreneurs who ask hard questions - including questions about privacy and data use. This policy is written in plain language because we believe transparency means you shouldn't need a law degree to understand what happens to your data.


The short version: We collect only what's publicly visible on social media. You control everything. We never sell your data. AI helps draft messages, but you always approve them before sending. You can delete everything anytime (just ask).

We built Overflow for conscious entrepreneurs who ask hard questions - including questions about privacy and data use. This policy is written in plain language because we believe transparency means you shouldn't need a law degree to understand what happens to your data.


The short version: We collect only what's publicly visible on social media. You control everything. We never sell your data. AI helps draft messages, but you always approve them before sending. You can delete everything anytime (just ask).

What We Collect

Public Social Media Data

When you create a campaign, Overflow searches Instagram and/or LinkedIn for prospects who match your criteria. We collect:

  • Public profile information (bio, username, profile photo)

  • Public posts and captions

  • Publicly listed followers/following (if relevant to search)

  • Hashtags and location tags

"Public" means: Information visible to anyone without logging in. We never access private accounts, locked profiles, or direct messages.

"Public" means: Information visible to anyone without logging in. We never access private accounts, locked profiles, or direct messages.

"Public" means: Information visible to anyone without logging in. We never access private accounts, locked profiles, or direct messages.

Your Campaign Data:

  • Prospects you select for outreach

  • Messages you create and approve

  • Comments you draft and post

  • Notes you add about prospects

  • Campaign performance (who responded, who booked calls)

Account Information

  • Email address

  • Payment information (processed by Stripe - we never see your full card number)

  • Name and any profile details you provide

Technical Data

  • Browser type and device info

  • IP address

  • How you use Overflow (which features, when)

What We DON'T Collect

Let's be clear about boundaries:

Private messages or DMs (yours or your prospects')

Data from locked/private social media accounts

Your social media passwords or login credentials

Anything behind authentication walls

Data from people who haven't given Overflow permission

How We Use Your Data

To Help You Find Aligned Clients

  • AI analysis: We use AI (Anthropic's Claude) to analyze public profiles and identify values, mission, and alignment signals from bios and posts

  • Message drafting: AI generates personalized message drafts based on prospect profiles

  • Campaign tracking: We track who you contacted, who engaged, who responded

Critical: Nothing sends automatically. You review and approve every message. AI is your assistant, not your autopilot.

To Improve Overflow

  • Understand which features work well (and which don't)

  • Fix bugs and improve performance

  • Develop new features based on how people actually use the platform

To Communicate With You

  • Send campaign notifications

  • Respond to support requests

  • Share product updates (you can opt out)

The AI Question

"Does AI send messages on my behalf?"

No. Never. Here's exactly how it works:

No. Never. Here's exactly how it works:

No. Never. Here's exactly how it works:

  1. Overflow finds prospects matching your criteria

  1. AI drafts personalized messages based on their public profiles

  1. You review, edit, and approve every message

  1. You manually post/send the message yourself

  1. You track responses in your campaign dashboard

"Do you train AI models on my data?"

No. We use Anthropic's Claude API for processing, but we don't use your data to train AI models. Your campaigns, messages, and prospect data stay yours.

"What does the AI see?"

Only what you explicitly put into a campaign: public profile data you're researching and message drafts you're creating.

Who Sees Your Data

You: Full access, always.

You: Full access, always.

You: Full access, always.

You: Full access, always.

Overflow team: Limited access for customer support only.

Overflow team: Limited access for customer support only.

Overflow team: Limited access for customer support only.

Overflow team: Limited access for customer support only.

Service providers we use:

  • Anthropic (Claude AI): Processes prospect data and generates message drafts. Their privacy policy

  • [Your hosting provider]: Stores encrypted data. [Their privacy policy]

Who we DON'T share with:

Advertisers

Data brokers

Marketing companies

Anyone else, ever

We will never sell your data. Period.

Data Retention & Deletion

Campaign data: Stored for 90 days after a campaign ends, then automatically deleted (unless you explicitly save it).

Campaign data: Stored for 90 days after a campaign ends, then automatically deleted (unless you explicitly save it).

Campaign data: Stored for 90 days after a campaign ends, then automatically deleted (unless you explicitly save it).

Campaign data: Stored for 90 days after a campaign ends, then automatically deleted (unless you explicitly save it).

Account data: Kept until you delete your account.

Account data: Kept until you delete your account.

Account data: Kept until you delete your account.

Account data: Kept until you delete your account.

Prospect data: Deleted when the campaign ends (90 days) or when you manually delete it.

Prospect data: Deleted when the campaign ends (90 days) or when you manually delete it.

Prospect data: Deleted when the campaign ends (90 days) or when you manually delete it.

Prospect data: Deleted when the campaign ends (90 days) or when you manually delete it.

How to Delete Your Data

  • Delete a campaign: Go to Campaign Settings → Delete Campaign. All associated data is removed within 7 days.

  • Delete your account: Settings → Delete Account. Everything is permanently deleted within 30 days.

  • Export your data: Settings → Export Data. We'll send you a complete copy of everything we have.

Your Rights

You have the right to:

Access your data anytime (it's all in your dashboard)

Access your data anytime (it's all in your dashboard)

Access your data anytime (it's all in your dashboard)

Access your data anytime (it's all in your dashboard)

Export everything we have about you

Export everything we have about you

Export everything we have about you

Export everything we have about you

Correct inaccurate information

Correct inaccurate information

Correct inaccurate information

Correct inaccurate information

Delete your account and all data

Delete your account and all data

Delete your account and all data

Delete your account and all data

Opt out of marketing emails (unsubscribe link in every email)

Opt out of marketing emails (unsubscribe link in every email)

Opt out of marketing emails (unsubscribe link in every email)

Opt out of marketing emails (unsubscribe link in every email)

Object to data processing (though this means Overflow won't work)

Object to data processing (though this means Overflow won't work)

Object to data processing (though this means Overflow won't work)

Object to data processing (though this means Overflow won't work)

For EU users (GDPR): You have additional rights including data portability and the right to lodge a complaint with your local data protection authority.

For California users (CCPA): You have the right to know what personal information we collect, delete it, and opt out of any "sale" (which we don't do anyway).

Security

We take security seriously:

  • All data is encrypted in transit (HTTPS) and at rest

  • All data is encrypted in transit (HTTPS) and at rest

  • All data is encrypted in transit (HTTPS) and at rest

  • All data is encrypted in transit (HTTPS) and at rest

  • Access to data is limited to essential team members only

  • Access to data is limited to essential team members only

  • Access to data is limited to essential team members only

  • Access to data is limited to essential team members only

  • We use industry-standard security practices

  • We use industry-standard security practices

  • We use industry-standard security practices

  • We use industry-standard security practices

  • Regular security audits

  • Regular security audits

  • Regular security audits

  • Regular security audits

If there's a breach: We'll notify you within 72 hours and explain what happened, what data was affected, and what we're doing about it.

Children's Privacy

Overflow is not intended for anyone under 18. We don't knowingly collect data from children. If we discover we have, we'll delete it immediately.

International Users

Overflow is based in the United States. If you're using Overflow from outside the US, your data may be transferred to and processed in the US. By using Overflow, you consent to this transfer.

We comply with GDPR for EU users and CCPA for California users.

Changes to This Policy

If we make significant changes to this privacy policy, we'll:

  1. Email you at least 30 days before changes take effect

  1. Post a notice in your Overflow dashboard

  1. Update the "Last updated" date at the top of this page

Continued use of Overflow after changes take effect means you accept the updated policy.

Questions? We're Here.

We know privacy matters to you. If you have questions, concerns, or just want to understand something better:

Email us: joseph@overflowthrive.com

Response time: Within 2 business days

The Bottom Line

Your data is yours. We collect only what's publicly available and what you explicitly create in campaigns. You control everything. AI helps you work faster, but you're always in charge. We never sell your data. You can delete everything anytime.

If something in this policy doesn't make sense or feels off, please tell us. We built Overflow for people who ask hard questions, and we want to earn your trust.

Overflow

OverflowThrive.com

OverflowThrive.com

© 2025 Overflow. Stop marketing. Start connecting.

© 2025 Overflow. Stop marketing. Start connecting.