Legal
Privacy Policy
Last updated July 11, 2026
Introduction
This Privacy Notice for SpringOS ("we," "us," or "our") describes how and why we might access, collect, store, use, and/or share ("process") your personal information when you use SpringOS and related services ("Services"), including when you visit our website at https://springos.co or any website of ours that links to this Privacy Notice, create an account, use embeddable widgets, or engage with us in other related ways (including support, marketing, or events).
Questions or concerns? Reading this Privacy Notice will help you understand your privacy rights and choices. We are responsible for making decisions about how your personal information is processed. If you do not agree with our policies and practices, please do not use our Services. If you still have questions or concerns, contact us at support.springos@gmail.com.
Summary of key points
This summary highlights key points from our Privacy Notice. See the full sections below for details.
- What personal information do we process? We process information you provide (account details, business profile, customer records you upload, messages, and payment-related data) and limited technical data (cookies, logs, and security signals). See Section 1.
- Do we process sensitive personal information? We do not intentionally collect sensitive categories such as racial or ethnic origin, sexual orientation, or religious beliefs.
- Do we collect information from third parties? We do not buy personal information lists. We receive limited data from service providers that help us run the Services (for example, payment confirmation from Stripe).
- How do we process your information? To provide the CRM, widgets, billing, support, security, and AI-assisted features you use. See Section 2.
- When do we share personal information? With service providers under contract, when required by law, or during a business transfer. We do not sell your personal information. See Section 3.
- How do we keep your information safe? We use technical and organizational safeguards, but no online system is 100% secure. See Section 6.
- What are your rights? Depending on where you live, you may have rights to access, correct, delete, or limit certain processing. See Sections 8 and 10.
- How do you exercise your rights? Visit springos.co/settings/account (account owners) or contact us at support.springos@gmail.com.
1. What information do we collect?
Personal information you disclose to us
In Short: We collect personal information that you provide to us.
We collect personal information you voluntarily provide when you register, subscribe, use dashboard features, submit forms, embed widgets on your website, contact support, or otherwise interact with the Services.
Personal information we may collect includes:
- Names, phone numbers, email addresses, and mailing or service addresses
- Business and company information (business name, logo, services, pricing)
- Account credentials (username/email and password — stored using secure hashing)
- Contact preferences and communication content (support tickets, messages, SMS threads)
- Customer and job data you enter or import into the CRM (your end-customer records)
- Job photos and files you upload (for example, before/after images)
- Billing contact details; payment card data is handled by Stripe, not stored on our servers
Sensitive information: We do not intentionally process sensitive personal information.
Payment data
If you purchase a subscription or credit pack, payment data (such as card number and security code) is collected and processed directly by Stripe. See Stripe's privacy notice at https://stripe.com/privacy.
Information automatically collected
In Short: Some information is collected automatically when you use the Services.
We automatically collect limited technical and usage information, including:
- Log and device data (IP address, browser type, operating system, pages viewed, timestamps, and referring URLs)
- Authentication and security data (session identifiers, login events, and bot-protection signals)
- Cookie and similar technology data (see Section 1a below)
- Error, performance, and diagnostic data needed to operate and secure the platform
We do not use third-party advertising trackers or sell browsing profiles. We do not embed Google Analytics or similar ad-measurement pixels on springos.co.
1a. Cookies and similar technologies
We use cookies and similar technologies that are necessary to operate the Services, keep you signed in, protect accounts, and remember basic preferences.
| Type | Purpose | Examples |
|---|---|---|
| Essential / session | Authentication, security, and account access | Better Auth session cookies for dashboard login; separate session cookies for admin, employee, and affiliate portals when applicable |
| Security | Fraud and abuse prevention on public forms | Cloudflare Turnstile on signup, login, and selected public forms |
| Third-party checkout | Payment processing on Stripe-hosted pages | Cookies set by Stripe during checkout (on stripe.com domains) |
You can control cookies through your browser settings. Blocking essential cookies may prevent you from logging in or using core features. We do not currently operate a separate marketing cookie preference center because we do not use non-essential advertising cookies on our marketing site.
Information from your use of maps and location features
Route planning may geocode customer service addresses you provide using third-party location services (for example, OpenStreetMap Nominatim). We do not continuously track your device's GPS location. Links that open Google Maps send you to Google’s site under Google's own privacy terms.
Business customer data (B2B)
If you use SpringOS for your service business, you may store personal information about your customers (leads, homeowners, property contacts) in the CRM. You are responsible for providing appropriate notices to your customers and obtaining any required consents. We process that information on your behalf to provide the Services.
All personal information you provide must be accurate. Notify us of changes through your account settings or by contacting support.
2. How do we process your information?
In Short: We process your information to provide, improve, and administer the Services, communicate with you, maintain security, and comply with law.
We process personal information for purposes including:
- Account creation, authentication, and administration
- Providing CRM, estimating, invoicing, scheduling, messaging, widgets, and enterprise resale features you request
- Processing subscriptions, credit purchases, affiliate commissions, and Stripe Connect payouts
- Sending transactional email and SMS (invoices, follow-ups, speed-to-lead alerts, review requests) within plan limits or using credits
- Operating embeddable widgets (quote, contact, scheduler, AI receptionist) and creating leads in your account
- Customer support, troubleshooting, and responding to inquiries
- Monitoring fraud, abuse, rate limits, and platform security
- Improving reliability, debugging, and developing features
- Complying with legal obligations and enforcing our terms
- Marketing communications where permitted — you may opt out as described in Section 8
4. Do we offer artificial intelligence-based products?
In Short: Yes. Some features use AI, machine learning, or similar technologies ("AI Products").
AI Products may include the AI receptionist website widget, automated follow-up message drafting, and other in-app assistants. These features send relevant business context (such as company profile, services, and conversation content you provide) to our AI service providers, including OpenAI, to generate responses.
- You control whether AI features are enabled in your account settings.
- Do not submit sensitive personal information you do not want processed by AI providers.
- Your use of AI Products must comply with provider terms and acceptable use policies.
We process AI-related personal information according to this Notice and our agreements with AI service providers.
5. How long do we keep your information?
In Short: We keep information as long as needed for the purposes in this Notice, unless law requires longer retention.
- Active account data is retained while your account is open and as needed to provide the Services.
- If you delete your account (owners), we remove login access and delete user credentials; we may retain certain business records, billing history, and CRM customer records as described at deletion and as required for legal, fraud-prevention, or lead-retention purposes disclosed in the product.
- Backups may persist for a limited period before automatic purging.
When we no longer have a legitimate business need, we delete or anonymize personal information, or isolate it until deletion is possible.
6. How do we keep your information safe?
In Short: We use organizational and technical measures designed to protect personal information, but no method of transmission or storage is 100% secure.
We implement safeguards such as encrypted connections (HTTPS), access controls, hashed passwords, and vendor security requirements. You are responsible for keeping your password confidential and using the Services in a secure environment.
7. Do we collect information from minors?
In Short: We do not knowingly collect data from or market to children under 18.
The Services are intended for business users who are at least 18. If we learn we collected personal information from a child under 18 without appropriate consent, we will deactivate the account and delete the data. Contact support.springos@gmail.com if you believe we have such information.
8. What are your privacy rights?
In Short: Depending on your location, you may review, change, or delete certain personal information and opt out of some communications.
Withdrawing consent
Where we rely on consent, you may withdraw it by contacting us. Withdrawal does not affect processing already performed or processing based on other legal grounds.
Marketing opt-out
You may opt out of promotional email using unsubscribe links or by contacting us. Reply STOP to marketing SMS where applicable. We may still send service-related messages (billing, security, support).
Account information
- Review or update profile details at springos.co/settings/account
- Account owners may delete the company account from Settings → Account (see in-product deletion disclosures)
- We may retain limited information to prevent fraud, resolve disputes, comply with law, or as otherwise described in this Notice
9. Controls for Do-Not-Track features
Most browsers offer a Do-Not-Track (DNT) setting. There is no uniform industry standard for recognizing DNT signals. We do not currently respond to DNT browser signals. If a standard is adopted that we must follow, we will update this Notice.
10. Do United States residents have specific privacy rights?
In Short: Residents of certain U.S. states may have rights to access, correct, delete, and obtain a copy of personal information, and to opt out of certain processing. Rights vary by state and may be limited by law.
Categories of personal information collected (last 12 months)
| Category | Examples | Collected |
|---|---|---|
| A. Identifiers | Name, email, phone, IP address, account ID | YES |
| B. California Customer Records | Contact and billing information | YES |
| C. Protected classification | Race, ethnicity, gender, etc. | NO |
| D. Commercial information | Subscription and purchase history | YES |
| E. Biometric information | Fingerprints, voiceprints | NO |
| F. Internet or network activity | Logs, interactions with the Services | YES |
| G. Geolocation data | Precise device GPS tracking | NO |
| H. Audio, electronic, or visual | Job photos and uploaded images | YES |
| I. Professional information | Employment history | NO |
| J. Education information | Student records | NO |
| K. Inferences | Profiles for targeted advertising | NO |
| L. Sensitive personal information | As defined by state law | NO |
Business-purpose disclosures (last 12 months)
We may disclose the following categories to service providers for business purposes: Identifiers (A), Customer Records (B), Commercial information (D), Internet activity (F), and Visual information (H).
Sale or sharing for cross-context behavioral advertising
We do not sell personal information and do not share personal information for cross-context behavioral advertising as defined under California law.
Your state privacy rights may include
- Right to know whether we process your personal data
- Right to access and obtain a copy
- Right to correct inaccuracies
- Right to delete personal data (subject to exceptions)
- Right to non-discrimination for exercising rights
- Right to opt out of sale/sharing (not applicable — we do not sell or share for targeted advertising)
How to exercise your rights
Contact us at springos.co/contact, email support.springos@gmail.com, or use springos.co/settings/account (account owners). We may verify your identity before fulfilling a request. Authorized agents must provide proof of authorization.
Appeals
If we decline your request, you may appeal by emailing support.springos@gmail.com. If your appeal is denied, you may contact your state attorney general.
11. Do we make updates to this notice?
In Short: Yes. We may update this Notice from time to time. The "Last updated" date at the top shows the latest revision. Material changes may be communicated by posting an updated Notice or other reasonable notice.
12. How can you contact us about this notice?
Email: support.springos@gmail.com
You may also use our contact form at springos.co/contact.
13. How can you review, update, or delete the data we collect from you?
Depending on applicable law, you may request access, correction, or deletion of personal information we hold about you. Account owners can review and update profile information and request account deletion at springos.co/settings/account. You may also contact support.springos@gmail.com.