Resupply
Log inGet started

Legal

Privacy Policy

Effective June 12, 2026

What we are

Resupply is a managed cold-email outreach platform. Customers import their own lead lists, configure an AI agent to draft outreach emails, review and approve those drafts, and send them from their own domain. We process lead data on behalf of our customers (the businesses who pay for the service), not on behalf of the recipients of those emails.

Information we collect

Account data. When a workspace is provisioned we store your name, email address, and a hashed password. We do not store payment card details (billing is handled by our payment processor).

Lead data. You import business records (name, email address, website, location) into Resupply. We store this data to power enrichment, draft generation, and the send pipeline. You own this data and can delete it at any time.

Enrichment data. We scrape publicly available pages on each lead's website to extract business signals used to personalize outreach. We do not scrape authenticated or paywalled content.

Email engagement data. Delivery, open, click, bounce, and complaint events are reported back to us by Resend (our email infrastructure provider) via webhook. We store these events to power your engagement dashboard and to suppress bounced or complained addresses automatically.

Usage and audit data. We log in-app actions (drafts approved, domains configured, etc.) for security and operational purposes.

How we use information

We use the information we collect to operate the service: to enrich leads, generate draft emails, route them through your approval queue, send them from your domain, and report engagement back to you. We do not sell your data or your leads' data to third parties. We do not use your leads' data to train AI models.

Email recipients (lead contacts)

If you received an email sent through Resupply and want to stop receiving further emails, click the unsubscribe link included in every message. Your address will be suppressed immediately and no further emails will be sent to it by the customer who contacted you. If you have concerns about why you were contacted, please reply directly to the email or contact the sender.

Data retention

Lead records and associated drafts are retained for the life of your account. You can delete individual leads or entire import batches from the dashboard at any time. When you close your account, all associated data is deleted within 30 days.

Sub-processors and third parties

We use the following sub-processors to operate the service:

  • Neon — cloud Postgres database (stores all application data)
  • Resend — email delivery infrastructure (sends emails on your behalf)
  • Anthropic — AI model provider (generates email drafts from lead data)
  • Vercel — application hosting

Security

All data is encrypted in transit (TLS) and at rest. Passwords are hashed with bcrypt before storage. Tenant data is isolated at the application layer: every database query is scoped to the authenticated customer and we do not expose cross-tenant data.

Contact

Questions about this policy or requests to delete your data: email us at privacy@resupply.net.