This Privacy Policy explains how Corstrate SASU, a French société par actions simplifiée unipersonnelle (SIREN 847766136), registered office 20 chemin des Yvelines, 06530 Peymeinade, France (“Corstrate”, “we”, “us”), processes personal data in connection with the Corstrate Email Tool — a targeted B2B outreach service that sends personalised emails from a connected business mailbox and tracks the responses.
Data controller. For the personal data processed through the Corstrate Email Tool, Corstrate acts as the data controller within the meaning of the EU General Data Protection Regulation (GDPR): we determine the purposes and means of the processing and we are responsible for compliance with applicable data-protection law. This allocation of responsibility is set out in our contracts with clients.
Contact for any privacy matter: ijelassi@corstrate.com. Data Protection Officer: Imen Jelassi (ijelassi@corstrate.com).
This policy covers the data processed when an operator connects a business mailbox to the Corstrate Email Tool via OAuth — either Microsoft 365 (Microsoft Graph) or Google Workspace (Gmail API) — and when the tool conducts outreach. It does not cover third-party websites or services linked from our pages.
| Data | Purpose |
|---|---|
| Outbound email content (subject, body, recipient) | Sending the personalised outreach and follow-ups |
| Inbound reply metadata (sender, subject, internet message ID, headers) | Matching a reply to the originating outreach |
| Inbound reply content — first ~1,000 characters, stripped of HTML | Showing the operator a reply summary |
| Bounce notification details (recipient address, error code) | Marking a recipient undeliverable and stopping further sends |
| Out-of-office notifications | Pausing outreach to that recipient until a later date |
| Signed-in user profile (display name, email address) | Identifying the operator’s mailbox during authentication |
The Corstrate platform stores derived data (sender address, message ID, classification, reply excerpt) — not a full copy of the mailbox. Full email content remains in the provider’s storage at all times.
To run B2B outreach we process business-context personal data of the prospects contacted: name, professional email address, job title, employer/company, and publicly available professional information (e.g. LinkedIn profile, company website). We do not process special categories of personal data.
Access is per-user and delegated; it is limited to the mailbox of the operator who signs in and consents. There is no tenant-wide, cross-mailbox or administrative access.
| Scope | Purpose |
|---|---|
Mail.Send | Send outreach from the operator’s mailbox |
Mail.ReadWrite | Read inbound replies to classify them; move bounce/out-of-office messages into sub-folders. No email is deleted or forwarded outside the mailbox. |
User.Read | Read the signed-in user’s basic profile during sign-in |
offline_access | Refresh the access token so the operator need not re-authenticate every hour |
| Scope | Purpose |
|---|---|
gmail.send | Send outreach from the operator’s mailbox |
gmail.modify | Read inbound replies to classify them and organise bounce/out-of-office messages into labels. Includes read access; no email is deleted. |
Every outreach email identifies the sender and offers a clear way to opt out. We do not use the data for advertising profiling or automated decision-making producing legal effects.
All persistent processing by Corstrate takes place within the European Union. We use the following sub-processors:
| Sub-processor | Role | Region |
|---|---|---|
| OVH SAS | Primary hosting (database & backend) | Roubaix, France 🇫🇷 |
| Scaleway | Encrypted backup storage | Paris, France 🇫🇷 |
| Teable (Community Edition, self-hosted by Corstrate) | Operational database (PostgreSQL) | Roubaix, France 🇫🇷 |
| Cloudflare, Inc. | CDN / edge routing / web hosting — TLS termination only, no email content stored at the edge | Global edge, EU routing preference |
| Microsoft Corporation | Microsoft Graph API (mailbox access) | The client tenant’s own data residency |
| Google LLC | Gmail API (mailbox access) | The client’s Google Workspace data residency |
Mailbox content itself remains in the client’s Microsoft 365 / Google Workspace storage. Corstrate stores only the derived data described in §3.
Persistent storage is in the EU (France). Where a sub-processor is US-headquartered (Cloudflare, Microsoft, Google), processing occurs under that provider’s GDPR commitments and EU data-residency / Standard Contractual Clauses frameworks. The Cloudflare edge performs TLS termination only and does not persistently store mailbox content.
| Data | Retention |
|---|---|
| Outreach campaign data (sent metadata, reply summaries, tracker history) | For the duration of the engagement; deleted on request |
| Encrypted daily backups (Scaleway) | 1 year, then automatic deletion |
| Operational logs | 30 days, then automatic rotation |
| OAuth refresh tokens (operator’s device Keychain) | Until access is revoked |
Specifically, data obtained through Google Workspace (Gmail) APIs is used only to provide and improve the user-facing outreach features described in this policy. It is never sold, never used for advertising, and never used to train generalised AI/ML models. Human access to this data occurs only where strictly necessary for security, to comply with law, or with the user’s consent.
As the data controller, Corstrate handles requests directly. Subject to applicable law, you may request access to, rectification or erasure of your personal data, restriction of or objection to processing, and data portability. To exercise these rights, or to opt out of outreach, contact ijelassi@corstrate.com. You also have the right to lodge a complaint with your supervisory authority (in France, the CNIL).
A connected mailbox can be disconnected at any time: Microsoft 365 users via myapps.microsoft.com → remove “Corstrate Email Tool”, or by a tenant admin in Entra ID → Enterprise Applications; Google users via Google Account → Security → Third-party access, or by a Workspace admin. Access ends on the next token refresh.
We may update this policy; the “Last updated” date above reflects the latest version. Material changes will be communicated to clients.