Last updated: May 18, 2026
DrewOS ("DrewOS," "we," "us," or "our") is operated by Outpost Preparedness LLC, a California limited liability company. DrewOS is a customer relationship management (CRM) and workflow automation platform that helps small businesses run their sales, marketing, and customer operations using AI agents.
You can reach our privacy team at drew@drewos.ai.
Name, email address, business name, phone number (optional), and authentication identifiers from our identity provider (Clerk).
Contacts, organizations, deals, pipeline stages, notes, tasks, calendar events, email drafts, and any files you upload to your workspace.
When you authorize DrewOS to connect to a third-party platform (Meta/Facebook, Instagram, Google Workspace, Google Business Profile, LinkedIn, X, YouTube, TikTok, Twilio, Square, etc.), we receive:
We do not access connected-platform data for any purpose other than the workflows you configure in DrewOS.
DrewOS operates a first-party analytics tracker for tenants whose marketing site we host. The tracker stores a randomly generated session identifier in a first-party cookie (no personally identifiable cross-site tracking), captures page views, button clicks, form submissions, and UTM parameters, and stores a salted SHA-256 hash of the visitor's IP address (the raw IP is never persisted). Tracker data is used only to attribute traffic to the tenant whose site is being visited.
We collect server logs, error reports, and rate-limit counters to keep the service running and secure. Logs are retained for up to 30 days.
We do not use your business data, connected-platform content, or contact lists to train any general-purpose AI model, and we do not share your data with third parties for their own marketing.
DrewOS uses Anthropic's Claude API to power agent workflows (drafting emails, classifying replies, summarizing activity, etc.). When an agent processes your data, the relevant content is sent to Anthropic's API under their Commercial Terms. Anthropic does not use Commercial API inputs or outputs to train their models.
We share information only with:
When you close your account or request deletion, we remove your data within 30 days from production systems and within an additional 30 days from backups.
You can:
California residents have additional rights under the CCPA / CPRA, including the right to know what we collect, the right to delete, the right to opt out of "sale" or "sharing" (we do not sell or share personal information as those terms are defined under California law), and the right to non-discrimination. EEA and UK residents have rights under the GDPR / UK GDPR.
To exercise any right, email drew@drewos.ai.
DrewOS uses TLS in transit, encryption at rest for stored secrets (OAuth tokens are encrypted with a per-installation key), and scoped access controls. No system is perfectly secure; we will notify affected users of any material breach as required by law.
DrewOS is operated from the United States. If you access the service from outside the U.S., your information will be transferred to and processed in the U.S.
DrewOS is a business tool. It is not directed to children under 13 and we do not knowingly collect personal information from children under 13. If you believe a child has provided us information, contact us and we will delete it.
We use first-party cookies for authentication (Clerk session cookies) and for the analytics tracker described in §3.4. We do not use third-party advertising cookies on the DrewOS application.
We may update this Policy from time to time. If we make a material change, we will notify you by email or in-app notice. The date at the top of this page reflects the most recent revision.
DrewOS / Outpost Preparedness LLC
San Diego, California, USA
drew@drewos.ai