START FREE TRIAL
START FREE TRIAL

Privacy Policy & Terms of Use

Last Updated: 01Feb2026

Onspot Social (“we,” “our,” “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, share, and protect personal information when you visit our website, use our services, or interact with us in any way.

This Privacy Policy is designed to comply with the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA/CPRA), and all applicable U.S. state privacy laws, including those in Virginia, Colorado, Connecticut, Utah, Texas, Montana, Oregon, and Tennessee, as well as relevant federal privacy regulations.

By accessing our website or using our services, you acknowledge this Privacy Policy.

This Privacy Policy applies to Onspot Social (“the Company”).

Onspot Social acts as the data controller for personal information collected through our website and marketing activities.

For full contact information, see the Contact Us section of this privacy policy.

We collect personal information in several ways, depending on how you interact with our website and services.

A. Information You Provide Directly

This includes information you submit:

  • Contact forms
  • Newsletter signups
  • Calendly scheduling
  • Event registrations
  • Uploaded files
  • Email correspondence
  • Business inquiries 

Examples include your name, email, phone number, company name, and any information you choose to share with us.

B. Information Collected Automatically

When you visit our website, we automatically collect:

  • IP address
  • Device identifiers
  • Browser and operating system
  • Website interactions
  • Scroll depth, click events, session recordings
  • Heatmaps and engagement metrics (Plerdy or Clarity)
  • Referring URLs
  • Pages viewed
  • Time on site
  • Cookies and similar technologies 

Collected through tools such as GA4, GTM, Meta Pixel, LinkedIn Insight Tag, Bing UET, Plerdy, and Clarity.

C. Advertising & Audience Data

If you interact with our digital ads, we may receive:

  • Conversion events
  • Retargeting identifiers
  • Ad engagement data
  • Interest-based categories
  • Matched or custom audience segments 

From advertising platforms including Google Ads, Meta Ads, LinkedIn Ads, and Microsoft Advertising.

D. CRM & Client Data

If you engage with us as a client or prospect, we may store:

  • Contact details
  • Company and project information
  • Meeting notes
  • Communications
  • Files or documents provided

E. System & Storage Information

Personal information may be stored or processed in secure cloud-based systems, including analytics platforms, data warehousing systems, and CRM tools that support our business operations.

F. Sensitive Personal Information

Onspot Social does not intentionally collect or process sensitive personal information as defined under the GDPR or CPRA.

We use personal information for the following purposes:

A. Service Delivery and Operations

  • To operate, maintain, and improve our website and digital services
  • To respond to inquiries and communicate with you
  • To schedule meetings and manage appointments
  • To provide and deliver our marketing and advertising services
  • To fulfill contractual obligations with clients and partners

B. Analytics, Personalization, and Experience Improvement

  • To analyze website usage and measure performance
  • To understand how visitors interact with our content
  • To personalize your experience on our website
  • To develop new services and improve our offerings

C. Advertising, Marketing, and Retargeting

  • To run digital advertising campaigns
  • To measure campaign performance
  • To create custom and lookalike audiences
  • To perform retargeting and interest-based advertising
  • To send marketing emails or newsletters (with your consent where required)

D. Security, Safety, and Abuse Prevention

  • To detect, prevent, and respond to fraud or security threats
  • To protect our website, systems, and users
  • To maintain the integrity of our services

E. Legal, Regulatory, and Compliance Purposes

  • To comply with applicable laws, regulations, and legal obligations
  • To establish, exercise, or defend legal claims
  • To maintain appropriate business and financial records

F. Other Purposes With Your Consent

Where required by law, we may use personal information for additional purposes with your explicit consent.

If you are located in the European Economic Area (EEA) or the United Kingdom, we process your personal data under the following legal bases:

A. Contract – GDPR Article 6(1)(b)

We process personal data as necessary to:

  • Respond to inquiries
  • Provide our services
  • Communicate with clients and prospects
  • Manage appointments and scheduling
  • Perform contract-related obligation

B. Legitimate Interests – GDPR Article 6(1)(f)

We process personal data to pursue our legitimate interests, including:

  • Operating, maintaining, and improving our website
  • Performing analytics and measuring website performance
  • Marketing and business development
  • Creating advertising audiences and measuring ad performance
  • Retargeting and interest-based advertising
  • Preventing fraud and maintaining security
  • Managing CRM records
  • Improving our services and user experience

We balance our legitimate interests with your privacy rights and freedoms.
 You have the right to object to processing based on legitimate interests.

C. Consent – GDPR Article 6(1)(a)

We rely on consent for:

  • Non-essential cookies and similar technologies
  • Retargeting and ad personalization where required
  • Sending marketing emails to users in the EEA/UK
  • Collecting analytics data that requires prior consent

You may withdraw your consent at any time through our Cookie Management Platform or by contacting us.

D. Legal Obligations – GDPR Article 6(1)(c)

We process personal data to:

  • Comply with tax, accounting, and financial laws
  • Respond to lawful requests and legal processes
  • Maintain compliance and proper business records

E. Automated Processing & Profiling

Onspot Social does not make decisions based solely on automated processing that produce legal or similarly significant effects under GDPR Article 22.

However, we do use:

  • Interest-based categories
  • Retargeting
  • Lookalike audiences
  • Advertising segmentation
  • Analytics and performance modeling

These are used only for marketing and measurement purposes and do not produce legal effects.

We share personal information only as described in this Privacy Policy and only for legitimate business purposes, service delivery, advertising, or legal compliance.

A. Service Providers (Processors)

We share personal information with third-party vendors who process data on our behalf (“processors”) to support our operations, including:

  • Website hosting and cloud storage
  • Email service providers
  • Customer relationship management (CRM) tools
  • Scheduling tools
  • Analytics and measurement services
  • Security and fraud prevention services

These processors are contractually bound under GDPR Article 28 to use personal data only as instructed by Onspot Social.

B. Advertising and Marketing Partners

We share personal information with advertising platforms who act as independent controllers, including:

  • Google Ads (if applicable)
  • Meta  (if applicable)
  • LinkedIn (if applicable)
  • Microsoft Advertising (if applicable)

We share limited personal information (e.g., cookie identifiers, device IDs, hashed emails where applicable) to:

  • deliver and measure advertising
  • create custom or lookalike audiences
  • perform retargeting
  • improve ad performance

Under California law (CPRA), this constitutes “sharing” for cross-context behavioral advertising.”

Users may opt out at any time.

C. Analytics Providers

We share usage and device data with analytics services such as:

  • Google Analytics
  • Plerdy (if applicable)
  • Microsoft Clarity (if applicable)

These tools help us understand site performance and user behavior.

D. Business Operations and CRM Integrations

We may share necessary personal information with:

  • Infusionsoft
  • Calendly (scheduling)
  • Email and ticketing systems
  • Payment processors (if applicable)

E. Legal, Compliance, and Protection

We may disclose personal information:

  • to comply with legal obligations
  • to respond to lawful requests from authorities
  • to protect the rights, property, and safety of Onspot Social, our users, or others
  • to detect, investigate, or prevent fraud or security incidents

F. Mergers or Corporate Transactions

If Onspot Social undergoes an acquisition, merger, or asset sale, personal information may be transferred as part of that event, in compliance with applicable privacy laws.

G. No Sale of Personal Information

Onspot Social does not sell personal information for monetary consideration.

We may “share” personal information for advertising purposes as defined under CPRA, but we do not sell data.

We use cookies and similar tracking technologies to:

  • Ensure the website functions
  • Understand how users interact with the site
  • Personalize experiences
  • Enable advertising and retargeting
  • Measure campaign performance

Where required by law (GDPR, UK GDPR, and certain U.S. states), we do not load non-essential cookies until you provide consent.

Cookie Declaration (CMP Reference)

We use a Cookie Management Platform (CMP) that provides a complete, automatically updated Cookie Declaration. This declaration lists every cookie and similar technology used on our site, along with its provider, purpose, duration, and category. You can view or update your cookie preferences at any time through our CMP, which also allows you to withdraw consent for non-essential cookies whenever you choose.

We do not sell personal information for monetary consideration.
However, we may share personal information for the purpose of cross-context behavioral advertising as defined under the California Privacy Rights Act (CPRA). This may include sharing identifiers or device data with advertising partners to support retargeting, audience creation, and campaign measurement.

You may opt out of this type of sharing at any time through:

  • Our “Do Not Sell or Share My Personal Information” link
  • Our Cookie Management Platform (CMP)
  • Browser-level opt-out signals such as Global Privacy Control (GPC)

We honor applicable opt-out preferences as required under California and other U.S. state privacy laws.

Depending on where you live, you may have certain rights regarding your personal information. These rights may include:

  • Access – You may request a copy of the personal information we hold about you.
  • Correction – You may request that we correct inaccurate or incomplete information.
  • Deletion – You may request that we delete your personal information, subject to certain exceptions.
  • Portability – You may request a copy of your information in a portable format.
  • Restriction or Objection – Where applicable, you may request that we limit or stop certain types of processing.
  • Withdraw Consent – If we rely on consent, you may withdraw it at any time.
  • Opt Out of Sale/Sharing or Targeted Advertising – You may opt out of the use of your information for targeted advertising or retargeting.
  • Right to Appeal – For certain U.S. states, you may appeal a decision if we deny a rights request.

To exercise these rights, please contact us using the details provided in the Contact Us section of this privacy policy. We may need to verify your identity before processing your request.

We retain personal information only for as long as necessary to:

  • Provide our services and operate our business
  • Fulfill the purposes described in this Privacy Policy
  • Comply with legal, tax, and regulatory requirements
  • Resolve disputes and enforce our agreements

Retention periods may vary depending on the type of data and how it is used. When personal information is no longer needed, we securely delete or anonymize it in accordance with applicable laws and our internal policies.

You may opt out of the use of your personal information for targeted or cross-context behavioral advertising at any time. Options include:

  • Using our “Do Not Sell or Share My Personal Information” link
  • Updating your preferences in our Cookie Management Platform (CMP)
  • Enabling browser-level signals such as Global Privacy Control (GPC)
  • Adjusting ad settings on individual platforms (e.g., Google, Meta, LinkedIn)

We honor valid opt-out requests and recognized opt-out signals as required under the CPRA and other applicable U.S. state privacy laws.

Because Onspot Social operates in the United States, personal information may be transferred from your location to the U.S. or other countries that may have different data protection laws than your home jurisdiction.

When we transfer personal data from the European Economic Area (EEA), the United Kingdom, or other regions with data transfer restrictions, we use lawful safeguards such as:

  • Standard Contractual Clauses (SCCs) approved by the European Commission or UK authorities
  • Data Processing Agreements with our service providers
  • Supplementary measures where required
  • Transfers to providers certified under recognized transfer mechanisms, where applicable

These safeguards are designed to ensure your personal information receives a level of protection consistent with applicable laws.

If you would like more information about our data transfer mechanisms, please contact us using the details in the Contact Us section of this privacy policy.

We take reasonable technical and organizational measures to protect your personal information. This includes encryption, access controls, system monitoring, and trained personnel. While no method of transmission or storage is completely secure, we work to protect your information and maintain appropriate safeguards.

Our website and services are not directed to children under 13, and we do not knowingly collect personal information from children under 13. If we learn that we have collected information from a child in violation of applicable laws such as COPPA, we will delete it as soon as possible. If you believe a child has provided us with personal information, please contact us using the details in the Contact Us section of this privacy policy.

If you have questions about this Privacy Policy, our data practices, or wish to exercise your privacy rights, you can contact us at:

Onspot Social
2053 Sturbridge Dr, Jamison, PA 18929
 Email: info@onspotsocial.com

We will respond to your request as required by applicable privacy laws.

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, or legal requirements. When we make updates, we will revise the “Last Updated” date at the top of this page. Significant changes will be posted on our website or communicated directly when required by law.

Your continued use of our website or services after any updates means you acknowledge the revised Privacy Policy.

This section applies to California residents under the California Consumer Privacy Act (CCPA/CPRA).

Categories of Personal Information We Collect

We collect the following categories of personal information:

  • Identifiers (name, email, IP address)
  • Internet or device activity (pages viewed, interactions, referring pages)
  • Commercial information (inquiries, purchases, subscriptions)
  • Inferences (preferences or interests)
  • Professional or business information (if provided)

We collect this information for the business purposes described in our Privacy Policy.

Sale or Sharing of Personal Information

We do not “sell” personal information for money.

We may “share” personal information for cross-context behavioral advertising (for example, through Meta, Google, LinkedIn, or other ad platforms).

You may opt out at any time through our “Do Not Sell or Share My Personal Information” link or through our CMP.

Your CPRA Rights

California residents have the right to:

  • Know what personal information we collect
  • Receive a copy of personal information
  • Delete personal information
  • Correct inaccurate personal information
  • Opt out of the sale or sharing of personal information
  • Limit the use of sensitive personal information (we do not use sensitive data in a way that triggers this right)
  • Be free from discrimination for exercising these rights

Submitting CPRA Requests

You may submit requests through:

We will verify your identity before fulfilling your request.

This section applies to residents of states with privacy laws, including Virginia, Colorado, Connecticut, Utah, Texas, Oregon, Montana, and Tennessee.

Your State Privacy Rights

Depending on your location, you may have the right to:

  • Access the personal information we hold
  • Delete personal information
  • Correct personal information
  • Obtain a copy of your personal information in a portable format
  • Opt out of targeted advertising
  • Opt out of the sale of personal data (we do not sell data for money)
  • Opt out of profiling in furtherance of decisions that produce legal or similarly significant effects (we do not engage in this)

How to Submit a Rights Request

You can submit a request via:

If we deny your rights request, you may submit an appeal by replying to our decision or contacting us at:

Onspot Social
2053 Sturbridge Dr, Jamison, PA 18929
info@onspotsocial.com

We will provide a written response explaining the outcome of your appeal.

Privacy Policy & Terms of Use

OnSpot Social LLC, the makers of OnSpot Social, takes your right to privacy seriously and wants you to feel comfortable using this application. This privacy policy deals with personal information (“Data”) that may be collected by OnSpot Social (“App”). This policy does not apply to other entities that are not owned or controlled by the App or that are not under the App’s control. Please take time to read this app’s Terms of Use.

Collection of Data

This app collects minimal data about its users. When logging into a third party site such as Facebook or Twitter the app does not store any login information provided by each party. No passwords are stored within the app. As with many apps, the app may also record information about your device such as make, model, unique identifier and IP address. However unlikely, this information could render you personally identifiable but will not be displayed on any web site, application or any other media. In order to best serve our customers and properly maintain client accounts, we may collect minimal information, such as name, email and IP address, when customer service is contacted, particularly but not limited to utilization of our Contact Us form.  This information is only used for internal OnSpot Social usage reports and customer service and will never be shared with outside parties.

Use of Data

Data may be used to customize and improve your user experience on this app. Efforts will be made to prevent your data from being made available to third parties unless (i) provided for otherwise in this Privacy Policy; (ii) your consent is obtained, such as when you choose to opt-in or opt-out for the sharing of data; (iii) a service provided on our app requires interaction with a third party, or is provided by a third party, such as an application service provider; (iv) pursuant to legal action or law enforcement; (v) it is found that your use of this app violates the app’s policy, terms of service, or other usage guidelines, or if it is deemed reasonably necessary by the app developer to protect the app developer’s legal rights and/or property; or (vi) this app is purchased by a third party, in which case that third party will be able to use the data in the same manner as set forth in this policy. In the event you choose to use links displayed on this app to visit other applications and web sites, you are advised to read the privacy policies published on those sites.

No Guarantees

While this privacy policy states standards for maintenance of data, and while efforts will be made to meet the said standards, the app developer is not in a position to guarantee compliance with these standards. There may be factors beyond the app developer’s control that may result in disclosure of data. Consequently, the app developer offers no warranties or representations as regards maintenance or non-disclosure of data.

Account Creation

Upon creation of an OnSpot Social account, you are agreeing to the stated Terms of Use. Also, by creating an OnSpot Social account, you are agreeing to receive emails from OnSpot Social which relate to your account, subscriptions, and OnSpot Social in general. At any time you have the right to opt-out of receiving email communication from OnSpot Social.

 

GDPR Compliance

What is GDPR?

GDPR stands for General Data Protection Regulation, which is a set of legal guidelines for collection and use of personal data for people who live in the EU (European Union).   The GDPR regulations center around Transparency, Fairness and Lawfulness.  The regulations are in place for EU residents as a means of protection.

How is OnSpot Social GDPR Compliant?

Transparency and Lawful Use Of Data:  Our privacy policy, lawful use of data, and privacy policies are laid out clearly and precisely in our Terms and Conditions. Changes and updates may be made to this policy from time to time. You will be notified of substantial changes to this policy via a posting of a prominent announcement on the app and/or the OnSpot Social web site: www.onspotsocial.com. You may also check this page periodically for any changes in policy.

 

Data Security:  OnSpot Social takes steps to stay compliant with GDPR guidelines.  In compliance with GDPR guidelines, any collected data is encrypted for protection.

 

OnSpot Social team members/employees are informed and trained to follow internal security policies and are made aware of best practices involving data security.  In the event of a data breach, clients and the proper authorities are promptly contacted and made aware of the breach.

 

Further, the app is set up to be compliant with affirmative opt-in guidelines per the below:

  • While collecting contact information from users, OnSpot Social clients can use multiple choice questions to confirm opt-in from their customers.
  • The Terms and Conditions question feature, as well as signature capture option, can be set up to align with opt-in requirements.
  •  

All data collected by an OnSpot Social client, via the app, is able to be accessed and deleted by the client at any time.

 

Accountability: Our GDPR Data Protection Officer is responsible for overseeing adherence to GDPR policies company-wide and actively ensures compliance.  Employees are regularly updated and informed about GDPR policy and compliance measures.

 

Privacy:  Customers can contact us at any time to retrieve any and all personal data we have collected. A copy of their data is able to be sent in a document format that is easily transferred or reproduced, per request.  Data is also deleted upon request, typically by the end of the business day.

 

The data collected by OnSpot Social clients, through the app, is completely owned by the client and not shared or sold to any other parties.  Clients are in control of their collected data and any user permissions.  Collected data can be easily deleted by the client via their admin account.

Contact Information and Opting Out

If you have any questions about this policy or about this app, or you would like to opt out of our email list, please contact us.
On ads served by AdRoll for our advertisers, look for an AdChoices logo (the blue triangle) in the corner of the ad. Click the logo to learn more about interest-based advertising, who served the ad, and manage your ad options. You can also opt out of seeing personalized ads from AdRoll (and other companies) using the NAI opt out tool here. Please note you will still see ads even if you opt out, but they will not be personalized by AdRoll.

START FREE TRIAL