Last Updated: June 4, 2025
Spring AI Tech Ltd. (doing business as Upspring) is committed to protecting your privacy. This Privacy Policy explains what information we collect from users of our website and services (collectively, the “Service” or “Upspring”), how we use and share that information, and the choices you have regarding your information. This policy applies to all personal information collected or processed by Upspring in connection with the operation of our platform, whether you are a direct user of Upspring or interacting with us in other ways (such as visiting our marketing website or contacting us for support).
By using Upspring, you agree to the collection and use of information in accordance with this Privacy Policy. If you do not agree with this policy, you should not use our Service.
We collect various types of information from or about you (and, in some cases, from your customers or end-users if you integrate Upspring with your systems). This includes:
1.1 Information You Provide Directly
Account Registration Information: When you sign up for Upspring, we may collect personal details such as your name, business or company name, email address, phone number, job title, and a password. If you register using a third-party account (for example, signing in via Google or another service), we will receive basic profile information from those accounts as needed (such as your name and email).
Profile and Organization Data: If you create a user profile or provide additional information within the platform, we collect that data. This may include a profile photo, timezone, roles or team affiliations, and any preferences you set.
Payment and Billing Information: If you subscribe to a paid plan, our payment processor (a third-party service) will collect your payment card details or other billing information. We may also collect billing contact name, billing address, and tax identification (e.g., VAT number) if relevant. Note: Upspring itself does not store your full credit card information; that is handled by our PCI-compliant payment processor.
Communications with Us: If you contact Upspring support or communicate with us via email, chat, or phone, we will collect the information you provide in those communications. This can include your contact details and the content of your inquiry or feedback.
Survey, Contest, or Feedback Information: If you participate in a survey, contest, user research, or respond to our request for feedback, we collect any information you choose to provide, which might include your email, opinions, or testimonial.
1.2 Information We Collect from Your Use of the Service
Store and Marketing Data (User-Provided Integration Data): Upspring is designed to integrate with your e-commerce platforms, advertising accounts, and other marketing tools to gather data and automate campaigns. When you connect these services (such as connecting your Shopify store, Facebook/Meta Ads account, Google Analytics, email marketing platform, etc.), we collect data from those sources as needed to provide our Service. This may include:
E-commerce Data: Product information, inventory levels, sales and order data, customer purchase history, and other store performance metrics.
Advertising and Campaign Data: Information about your advertising campaigns and marketing activities, such as ads run, budgets, impressions, clicks, conversions, and associated performance metrics.
Customer Engagement Data: If you use Upspring to manage customer communications (e.g., sending welcome emails, back-in-stock notifications, or cart abandonment reminders), we will process relevant customer contact info (email, name, etc.) and engagement data (e.g., whether a customer opened an email or clicked a link).
Inspiration & Competitor Data: If you utilize features like the Inspiration Library or Competitor Analysis, we may collect or store data related to ads or content from third-party libraries or public sources that you explore or save in your account.
Usage Data: We automatically collect information about how you and your users interact with Upspring. This includes:
Log Data: When you use our app or visit our website, our servers record information (“log files”), including your Internet Protocol (IP) address, date and time of access, pages or features viewed, actions taken (e.g., clicking a button, generating a report), the web page visited before navigating to our Service, your browser type and settings, and any errors encountered.
Device and Software Data: We may collect information about the device and software you use to access Upspring, such as your device’s operating system and version, device identifiers, browser type, and version, screen resolution, and possibly device location (general region, based on IP address).
Cookies and Similar Technologies: We and our service providers use cookies, web beacons, pixels, and similar tracking technologies on our website and within the app to collect information about your usage and to recognize you across different services and devices. Cookies help us remember your preferences, understand usage patterns, and personalize content. (See Section 4: Cookies and Tracking for more details on how we use cookies and your choices.)
Analytics Data: We use internal and third-party analytics tools (like Google Analytics, Mixpanel, or similar) to collect information about user behavior and demographics. This includes data on which pages you visit, how long you stay, how you navigate the interface, and general geographic location. This information helps us improve the user experience and the Service’s functionality.
AI Recommendation Data: When Upspring’s AI features analyze your store data to provide proactive campaign suggestions or performance insights, we collect the input data (your store/campaign data) and the output (suggestions, flags, or scores) for your use. We may log these outputs to improve our algorithms (in an aggregated or anonymized form).
1.3 Information from Third Parties
Third-Party Integrations: As mentioned, if you link or integrate third-party services with Upspring, those services may send us information about you or your end-customers. For instance, if you connect a social media platform, it may share your account name and certain settings; connecting an email marketing tool might share your contact lists or campaign stats with us. We treat this information in line with this Privacy Policy and any applicable agreement with you (and typically use it only to provide the Service functionality you expect).
Partners and Referrals: We may receive your information from business partners or referral programs. For example, if another user invites you to Upspring (as a team member or collaborator), they might provide your email address and name. Or if you learned about Upspring through a partner or affiliate, they might send us your contact information for onboarding.
Publicly Available Sources: We might collect business contact information from public sources for outreach and marketing purposes (e.g., your company website lists a marketing manager’s email which we then use to send an introductory message about Upspring). We do so in compliance with applicable laws, and you can opt out of marketing communications as described below.
1.4 Children’s Data
Upspring is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children under 18. If you are under 18, please do not use the Service or send us any personal information. If we learn that we have inadvertently collected personal data from a child under 18, we will take steps to delete such information promptly. (If you believe we might have any information from or about a minor, please contact us at info@upspring.ai.)
Upspring uses the collected information for various purposes in order to provide, maintain, and improve our Service, and to support our business operations. The main uses of information are:
2.1 To Provide and Maintain the Service
Operate the Platform: We use your information to allow you to log in, use the features, and generally to perform the contract with you. For example, we use account information to identify you as a user, integration data to pull in your store metrics and display dashboards, and content you input to generate reports or send out campaigns on your instruction.
Personalize Your Experience: We use data (such as your usage patterns or provided preferences) to customize the Service for you. This could mean remembering your dashboard layout, recommending content relevant to your industry, or pre-filling settings based on your past usage.
Processing Transactions: For paid users, we use billing information to process subscription payments and any other transactions, and to manage your subscription (e.g., calculating when to charge for renewal, or handling any upgrade/downgrade).
Account Management: We may use your information to send you important account notifications. For instance, we’ll email you to confirm your registration, notify you of subscription renewal or payment issues, or alert you to important changes or security updates related to your account.
2.2 To Improve and Develop the Service
Service Improvement: We analyze usage data and feedback to understand how our product is being used and how it can be improved. Information like which features are most used, where users encounter errors, or what parts of the interface are confusing helps our team enhance usability and functionality.
New Features and AI Training: We may use aggregated, anonymized data derived from user content and behavior to develop new features or improve our AI algorithms. For example, by analyzing trends across many users (in a way that does not identify any individual user or company), we might improve our predictive models or benchmarking tools. Important: If we ever use your data for machine learning training that goes beyond providing the Service to you (for instance, developing a general AI model), we will do so either with your consent or in a manner that ensures personal or proprietary identifiers are removed (e.g., using anonymized datasets).
Research and Analytics: We might use certain data for internal research, such as evaluating the effectiveness of a new feature with a small user group or understanding the demographics of our user base. We also create aggregated or de-identified data that contains no personal information, which we may use for purposes such as publishing trend reports or sharing insights about marketing benchmarks in general (but not revealing any specific user’s data).
2.3 To Communicate with You
Service and Account Communications: We will contact you to send transactional or relationship messages, such as:
Welcoming you to Upspring and verifying your email.
Informing you of important account or subscription information (password changes, subscription expirations, confirmations of actions, security alerts).
Notifying you of product updates, changes to terms or privacy policy (with links to the new terms).
Responding to your inquiries, support tickets, or requests.
User Guides and Tips: As part of improving your experience, we might send emails or in-app messages to help you better use Upspring (e.g., a guide to get started, tips on new features, or best practices related to creative analytics and marketing).
Marketing and Promotional Communications: If you have subscribed to our newsletter or agreed to receive marketing communications, we will send you emails about new features, special offers, webinars, newsletters, or events we think may interest you. If you are a business user, we may also send marketing information based on legitimate interest (where allowed by law), but you will always have the option to opt out. See Section 6: Your Choices on how to manage marketing emails.
Push Notifications: With your consent, we may send push notifications or alerts to your device (for example, alerting you quickly if a campaign threshold is hit or if a scheduled campaign was successful). You can usually control push notification preferences via your device or app settings.
2.4 To Facilitate Marketing Campaigns on Your Behalf
One of Upspring’s core functions is to help you run and manage marketing campaigns (emails, alerts, ads) to your customers:Campaign Content and Automation: We use the store data and customer data you provide to create and execute marketing campaigns as directed by you. For example, if you set up an automated welcome email for new customers, we will use the customer’s email address and name to send that email at the right trigger time. If our AI suggests a campaign (like “send a holiday promo to your top customers”), and you approve or schedule it, we will use relevant data (customer segment, product info) to craft and dispatch that campaign.
Personalization: Our AI and automation features may personalize communications to your end-customers. This means we might use their purchase history or browsing behavior (data from your store) to tailor the content of messages (like recommending products similar to what they bought, or reminding them of items left in cart). All such uses are ultimately under your control – Upspring acts as a processor of this data, implementing the personalized marketing that you or our system (on your behalf) decide to send.
Ad Management: If you connect advertising accounts (e.g., Facebook Ads or Google Ads), we use the data from those accounts to inform campaign strategies and may, with your instruction, assist in creating or adjusting ad campaigns. For instance, we might use performance data to suggest increasing budget on a winning ad set, or use product feed data to create dynamic ads. Any direct actions (like launching an ad) would only be taken with your consent or at your initiation.
(Note: For clarity, when we handle your customers’ data to send communications, we do so as your “service provider” or “data processor,” meaning we only use that data to fulfill your marketing instructions and not for our own independent purposes, except as needed for internal service improvement in line with privacy laws – and never to market to your customers on our own.)
2.5 For Security and Legal Compliance
Security and Fraud Detection: We use information (especially technical and usage data) to monitor for suspicious or fraudulent activity on our platform, to detect potential threats, and to verify accounts. For example, we might use IP addresses and login history to identify possible unauthorized access, or use automated scanning to detect bots or abuse of our API.
Enforcing Terms and Policies: Information may be used to investigate and enforce our Terms of Service and other legal terms. If we have to suspend or terminate an account due to violations, we will use data in our investigation (e.g., logs of prohibited API usage, or content flagged as inappropriate).
Legal Obligations: We may process personal data to comply with applicable laws or regulations. For instance, keeping transaction records for tax/audit purposes, or responding to lawful requests by public authorities.
Protecting Rights and Interests: We may use or disclose information as we believe necessary to protect the rights, property, or safety of Upspring, our users, or others. This includes preventing harm or illegal activities, addressing claims (e.g., if someone asserts that your use of the Service violated their rights), and pursuing remedies or limiting damages (like in the case of a legal dispute).
2.6 Other Purposes with Consent
If we intend to use your personal information for a purpose that is not covered in this Privacy Policy or that is materially different from the purposes we collected it for, we will seek your consent. For example, if we wanted to feature your success story on our marketing site and it involves personal data, we’d ask for your permission. Or if in the future, Upspring considered using customer data for any new purpose, we would update our policy and/or provide opt-in as appropriate.
We do not sell your personal information to third parties. We only share your information in limited circumstances, described below, and always with appropriate safeguards and only as necessary.
3.1 Service Providers and Partners
We employ trusted third-party companies and individuals to help us provide, analyze, and improve the Service. These “service providers” perform tasks on our behalf and under our instructions. Examples include:Hosting and Infrastructure: We use cloud hosting providers (such as AWS, Google Cloud, or Azure) to store data and run our application. Your data (including personal data) is stored on their secure servers as part of the Service operation.
Payment Processors: As mentioned, we rely on third-party payment gateways (like Stripe, PayPal, or others) to handle billing. They process your payment information securely in accordance with their own privacy policies. We share minimal info with them as needed (e.g., your account ID and subscription plan to tie a payment to your account).
Email and Communication Tools: We may use services to send emails, app notifications, or chat communications (for support or onboarding). For instance, if we send an announcement email, we might use an email delivery service that handles large mailouts.
Analytics and Monitoring: We work with analytics providers to understand usage (e.g., Google Analytics) and with error-tracking or performance monitoring tools (e.g., Sentry, Datadog) to maintain the Service quality. These providers may have access to usage data or technical information under our guidance.
Customer Support Systems: If you engage with our support (through a widget or chat on our site, or via a ticketing system), the information you provide is handled by our CRM or support platform partners (like Zendesk, Intercom, or similar).
Marketing and Advertising Partners: We might share some information with marketing partners to help promote Upspring. This could include using a customer relationship management tool to manage email lists, or using hashed customer email addresses to create custom advertising audiences on platforms like Facebook or Google (for example, to exclude our existing users from seeing introductory ads, or to reach people with similar interests — this is sometimes called creating a “lookalike audience”). Such uses are typically done in a privacy-conscious way (e.g., using hashed data so the platform only recognizes it if the person is already a user of that platform) and in compliance with applicable law. You can opt out of us using your data for these purposes – see Section 6.3 Interest-Based Advertising.
All these service providers are bound by appropriate confidentiality and data protection obligations. They are only allowed to use your personal data as necessary to perform the functions we task them with, and not for other purposes.3.2 Within Our Corporate GroupIf Spring AI Tech Ltd. has affiliates, subsidiaries, or parent companies (collectively, our “affiliates”), we may share your information within that corporate group. For example, if we have a subsidiary handling development or a branch office providing support, they might access user data. Any such entity will follow this Privacy Policy and be bound to protect your personal information to the same extent as we do.
3.3 Business Transfers
If Upspring (Spring AI Tech Ltd.) is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of company assets, or transition of service to another provider, your information may be transferred as part of that transaction. We would only transfer the necessary data and would contractually require the new owner to continue honoring your rights and the commitments of this Privacy Policy. You would be notified via email and/or a prominent notice on our website of any change in ownership or uses of your personal information, as well as any choices you may have regarding your personal information as a result of the transfer.
3.4 Legal Compliance and Protection
We may disclose your information if required to do so by law or if we have a good faith belief that such action is necessary to:Comply with Legal Obligations: This includes responding to subpoenas, warrants, or court orders, or other legal processes. We try to only disclose what is necessary and will object to overly broad requests when appropriate.
Regulatory Compliance: For instance, if a data protection authority in an applicable jurisdiction requests certain records to ensure we are compliant with regulations, we might produce needed data.
Protect Rights and Safety: We may share information when we believe it’s necessary to protect the rights, property, or safety of our company, our users, or the public. For example, we might share information with law enforcement if we believe someone is at risk of harm or to report fraud or a crime.
Enforce our Agreements: Information might be shared in the context of enforcing our Terms of Service or other agreements, or investigating potential violations thereof.
We will attempt to notify you about any legal demands for your data when appropriate (for example, if a government or law enforcement request is made), unless prohibited by law or we’re otherwise advised not to (such as in an emergency).
3.5 Your Sharing and Directions
With Other Users at Your Direction
Upspring allows collaboration within teams. If you invite team members or connect multiple user accounts under an organization, certain information will be shared among those users (for example, team members can see shared assets, comments, and performance data for the common projects).
Third-Party Integrations at Your Request
When you integrate or share data between Upspring and third-party services, you are directing us to share certain information with that service on your behalf. For instance, if you export a report from Upspring to a Google Sheet or if you use an API to pull Upspring data into another platform, we will transmit that data as instructed by you.
Social Media or Public Posting
Our Service might enable certain social features, such as sharing an achievement or insight to a social network. If you choose to link Upspring with a social media account or to publish content from Upspring to a public forum (like posting a case study or sharing a creative brief link), the information you share will, of course, be viewable by those networks or the public you share it with. Please use caution and consider your privacy settings when making such shares.
3.6 Aggregated or De-Identified Data
We may also share information that has been aggregated or anonymized in such a way that it cannot reasonably be used to identify you. For example, we might publish a trend report that says “On average, brands in the beauty industry saw a 15% increase in engagement after 3 months on Upspring,” or “80% of users use at least two integrations,” etc. These insights wouldn’t contain any personal or company-specific data.
We may share aggregated, non-identifiable statistics with the public, press, business partners, or in marketing materials.
Rest assured, aggregated or de-identified data will not include anything that could be linked back to any individual person or a specific organization.
Cookies are small data files stored on your browser or device. Upspring and our analytics or advertising partners use cookies and similar technologies (like pixels, web beacons, and local storage) to provide our Service and gather information. Here’s how we use them and your choices:
4.1 How We Use Cookies
Essential Cookies: These cookies are necessary for the website or app to function. For example, when you log in, a session cookie keeps you logged in as you navigate between pages. Without these, certain features (like account login or remembering your input in a form) would not work.
Performance and Analytics Cookies:
These cookies collect information about how users interact with our Service, which pages are visited, and if any errors occurred. We use this data to improve the Service’s performance and design. For instance, we might use Google Analytics cookies to see how much time users spend on the dashboard vs. reports page.
Functionality Cookies:
These cookies allow us to remember preferences you set and improve your experience. For example, a cookie might remember your chosen language or that you dismissed a tooltip so it doesn’t show again.
Advertising and Marketing Cookies:
Upspring does not display third-party ads on our platform, but we may use cookies (or similar tech) for our own marketing on other sites. For example, a Facebook Pixel on our site might note that you visited the pricing page, and then we could show you an Upspring ad on Facebook later. These cookies and pixels help us measure the effectiveness of our ads and reach people who are more likely to be interested in Upspring. Additionally, if we send email newsletters, we might include a beacon (tiny invisible image) that tells us if you opened the email or clicked on links, which helps us refine our content.
4.2 Third-Party Tracking
Some third-party services that integrate with our site (like our chat support widget or social media share buttons) may set their own cookies. Also, as mentioned, analytics services and advertising partners set cookies. We do not have control over those cookies except to choose which partners we implement. However, these parties are obligated not to use these cookies for purposes other than those we define (for example, our analytics partners can’t use data collected from our site except to provide us with analytics).
4.3 Your Choices Regarding Cookies
Browser Controls: Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. You can also clear existing cookies. Keep in mind disabling cookies may affect the functionality of our Service – e.g., you might not be able to log in or certain preferences might not be saved. For more information about cookies and how to manage or delete them, visit sites like AllAboutCookies.org.
Do Not Track Signals:
Our site currently does not respond to “Do Not Track” (DNT) signals from browsers because there is not yet a common standard for interpreting them. We treat all user visits the same with respect to cookies, regardless of DNT status. You can learn more about Do Not Track at AllAboutDNT.com.
Analytics Opt-Out: For Google Analytics, you can install the Google Analytics Opt-out Browser Add-on to prevent your data from being used by Google Analytics: https://tools.google.com/dlpage/gaoptout.
Advertising Choices: For interest-based advertising (remarketing), you can opt-out of some third-party vendors’ cookies via the Digital Advertising Alliance’s opt-out page http://optout.aboutads.info or the Network Advertising Initiative http://optout.networkadvertising.org. If you use a European IP address, you might use the EDAA site http://www.youronlinechoices.eu/ for similar opt-outs.
Please note that even if you opt out of interest-based ads, you may still see advertisements – they just won’t be tailored to your interests based on cookies.
5.1 Data Retention
We retain personal information for as long as reasonably necessary to fulfill the purposes for which it was collected, as described in this policy, or for as long as required by law or legitimate business purposes. Specifically:Account Data: We keep your account information while your account is active and for a reasonable period thereafter in case you decide to reactivate. If you delete your account (or it’s terminated), we will remove or anonymize personal data associated with your account within a certain timeframe, except as noted below.
Content and Campaign Data: If you remove specific content (like deleting an asset or an email list) from the Service, we will delete it from active view. However, some residual data may remain in our backups or archives for a short period until those are cycled (typically backups are retained for a limited time for disaster recovery).
Legal and Compliance: We may retain information as needed to comply with legal obligations (for example, financial records are kept for accounting/tax), resolve disputes, and enforce agreements. For instance, even after deletion, we might keep information to investigate fraud or abuse, or to satisfy reporting obligations.
Aggregated/Anonymized Data: Upspring may retain aggregated, anonymized data (which is not personally identifiable) indefinitely for analytics and improvement purposes.
When we no longer have a legitimate need to process your personal information, we will delete, anonymize, or isolate it, whichever is appropriate.
5.2 Data Security
We implement a variety of security measures to protect your personal information:Encryption: All data is encrypted in transit using HTTPS/TLS protocols. For particularly sensitive data, we also employ encryption at rest on our servers.
Access Controls: Personal data is accessible only to those employees, contractors, and service providers who need access to perform their job functions. They are bound by strict confidentiality obligations. We use measures like two-factor authentication and identity management to limit access to systems storing personal data.
Network Security: Our infrastructure is protected by firewalls and network monitoring. We regularly update our software and promptly apply security patches. We use intrusion detection and prevention systems to guard against malicious access.
Testing and Assessments: We conduct periodic security audits, vulnerability assessments, and penetration testing to evaluate the robustness of our security posture. We also maintain a security incident response plan.
Training: Our team members are trained on data security and privacy best practices, ensuring they handle your data with care and awareness of applicable regulations.
While we strive to protect your information, no system is 100% secure. The internet by its nature is not completely secure and we cannot guarantee absolute security of your data. You are also responsible for safeguarding your account credentials and not sharing them. If you believe your Upspring account has been compromised, please contact us immediately.
5.3 Data Breach Procedures
In the event of a data breach that involves your personal information, Upspring will act promptly to identify, contain, and mitigate the incident. We will notify affected users and relevant authorities of any data breach as required by law.
Our notification (to you, likely via email or prominent site notice) will outline the nature of the breach, what data might be involved, steps we’ve taken to address it, and recommended precautions for you. We will also assist you, where necessary, in mitigating any potential adverse effects.
Depending on your jurisdiction and as provided by applicable data protection laws (such as the GDPR for EU/EEA residents or the CCPA/CPRA for California residents), you have certain rights regarding your personal information. Upspring is committed to facilitating the exercise of those rights.
6.1 General Rights for Users (including GDPR)
If you are located in the European Economic Area (EEA), United Kingdom, Switzerland or another jurisdiction with similar data rights, you have the following rights (subject to some exemptions and limitations):Right to Access: You have the right to request a copy of the personal data we hold about you, as well as information about how we process it.
Right to Rectification: If any of your information is inaccurate or incomplete, you have the right to ask us to correct it.
Right to Erasure (Right to be Forgotten): You may ask us to delete or remove your personal data under certain circumstances, for example if it’s no longer needed for the purposes for which it was collected, or if you withdraw consent (where the data processing was based on consent).
Right to Restrict Processing: You can request that we limit processing of your data in certain situations, such as while we resolve a complaint that the data is inaccurate or we’re addressing an objection you have made to our processing.
Right to Data Portability: You have the right to receive your personal data that you provided to us in a structured, commonly used, and machine-readable format and to transmit those data to another controller, when the processing is based on your consent or a contract with you, and done by automated means.
Right to Object: You have the right to object to our processing of your personal data in certain cases. For instance, if we are processing your data based on legitimate interests, you can object if you believe it impacts your rights. If you object to direct marketing, we will honor that unconditionally.
Right not to be subject to Automated Decision-Making: Upspring generally does not make any legally significant decisions about you purely by algorithms without human involvement. However, if we ever do, you have the right not to be subject to a decision based solely on automated processing (including profiling) which produces legal or similarly significant effects on you, unless it’s necessary for entering into/performing a contract, based on your explicit consent, or authorized by law (with safeguards).
To exercise any of these rights, you can contact us at info@upspring.ai or through your account settings if available. We may need to verify your identity before fulfilling your request (to ensure we don’t give your data to someone else), so we might ask for additional information or identification. We will respond to your request within the timeframes required by law (typically within 30 days for GDPR, which can be extended by another 60 days for complex requests with notification to you).Please note: These rights are not absolute. There are exemptions (for example, we might not erase data we are legally required to keep, or we might refuse an access request if it adversely affects the rights of others). If we cannot fulfill a request fully, we will explain the reasons in our response.
6.2 Additional Rights for California Residents (CCPA/CPRA)
If you are a resident of California, USA, you have specific privacy rights under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA). These include:Right to Know: You can request that we disclose to you the categories of personal information we have collected about you, the categories of sources, the business or commercial purpose for collecting (or selling/share, if applicable) that information, the categories of third parties with whom we share personal info, and specific pieces of personal information we have collected about you. (Essentially a more detailed data access right.)
Right to Delete: You can request that we delete personal information we have collected from you, with certain exceptions (for example, if we need to retain it for security, legal compliance, or internal uses aligned with your expectations).
Right to Correct: You can request correction of inaccurate personal information that we maintain about you.
Right to Opt-Out of Sale or Share: The CCPA grants California residents the right to opt out of the “sale” of personal information, or the “sharing” of personal information for cross-context behavioral advertising. Note: Upspring does not sell your personal information for money. We also do not share personal information for targeted advertising in the way defined by law, except possibly using limited identifiers to reach you with Upspring ads on other platforms (which you can opt out as described in Section 4.3 and 6.3). If we ever engaged in activity considered a “sale” or “share” under CCPA, we would provide a clear “Do Not Sell or Share My Personal Information” link or mechanism. As of the date of this policy, we have no knowledge of selling or sharing personal info of anyone under 16 and we have no such practice.
Right to Limit Use of Sensitive Personal Information: If we collect or use “sensitive personal information” (as defined by CPRA) for reasons beyond those allowed by law (which are mainly to provide the services or for security, etc.), California users can ask us to limit that use. Upspring does not collect sensitive personal info like Social Security numbers or precise geolocation or financial account passwords from you – the sensitive data we might handle is limited and typically only used to provide the Service (e.g., login credentials or payment tokens are used only to authenticate or process payment).
Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means we won’t deny you service, charge different prices, or provide a different level or quality of service just because you exercised your privacy rights. If you opt out of certain optional data uses (like personalized ads), we likewise will not treat you differently in any unjust way. In some cases, if a certain aspect of our Service relies on that data, we may inform you if your choice means you cannot use that feature (for example, if you refused to share an email needed for login, we couldn’t create an account; that’s a reasonable effect, not discrimination).
To submit a request under CCPA/CPRA, you (or your authorized representative) can contact us at info@upspring.ai with the subject line “CCPA Request” and specify which right you seek to exercise. We will need to verify your identity (and authorization, if someone is submitting on your behalf). For example, we may ask you to confirm personal details we have on file or use the account login as verification.California’s “Shine the Light” law also allows residents to request a notice of what categories of personal information we share with third parties for their direct marketing purposes. Upspring does not disclose personal information to third parties for their direct marketing without consent. Nonetheless, you may request such information by contacting us at the email above.
6.3 Communication Preferences and Opt-OutOpt-Out of Marketing Emails:
You can unsubscribe from promotional emails by clicking the “Unsubscribe” link at the bottom of those emails or by adjusting your email preferences in your account settings (if available). Please note that you may still receive important transactional or account-related communications (password resets, billing notices, etc.) even if you opt out of marketing messages.
Opt-Out of Push Notifications: If you previously agreed to receive push notifications from us (on mobile or browser), you can turn these off at any time in your device settings or browser settings.
Opt-Out of Interest-Based Advertising: As described in Sections 4.3 and 6.2, you can take steps to limit use of data for personalized advertising. Specifically, you can:
Use browser and device mechanisms to block cookies or reset advertising identifiers.
Use industry opt-out tools for cross-site tracking ads (DAA, NAI websites).
If applicable, utilize a “Do Not Sell/Share” request (for California) by contacting us, though we currently do not sell/share personal info in the defined ways.
Analytics: If you don’t want to be part of our analytics gathering, you can use the Google opt-out browser add-on or similar mechanisms as mentioned.
6.4 Accessing and Updating Your Information
You can review and update certain personal information within Upspring by logging into your account and editing your profile or settings. For example, you can change your name, email, password, and other account details. If any information is not editable through the platform (e.g., something like changing the owner of an organization account), you can reach out to support for assistance.If you need assistance accessing, correcting, or deleting any of your personal information, you may contact us at info@upspring.ai. We will gladly help, provided we can authenticate your identity and the request is legitimate.
Upspring is based in Israel (with certain operations possibly in the United States) and we operate a global service. This means your personal information may be transferred to, processed, and stored in countries other than your own. Servers or databases for Upspring may be located in the United States, the European Union, or other jurisdictions.Israel is recognized by the European Commission as providing an adequate level of data protection (which means it’s approved for EU personal data transfers). When we transfer personal data from the EEA/UK to other countries that are not deemed adequate (like the U.S.), we rely on lawful transfer mechanisms:Standard Contractual Clauses (SCCs): We have in place standard data protection clauses (as approved by the EU Commission) with our service providers to ensure that personal data is protected according to EU standards even outside the EU.
International Agreements: Where applicable, we may rely on the UK International Data Transfer Agreement or similar frameworks.
Other Safeguards: We may also rely on your consent for cross-border transfers in certain cases, or on derogations (like when a transfer is necessary to perform a contract with you).
Regardless of where data is stored, we apply the same protections described in this Privacy Policy. Our service providers are contractually obligated to protect your data in line with applicable laws and this policy.If you have questions about our international data handling or want more information about transfer safeguards (for example, to obtain a copy of the SCCs we use), you can contact us at info@upspring.ai.
Our Service may contain links to other websites, or you may engage with third-party services in connection with Upspring (such as logging in via a third-party, or using plugins). This Privacy Policy does not apply to information processed by third-party websites or services. We are not responsible for the privacy practices of those third parties.
For example:
If you click a link to a blog or article on our site that leads to another company’s site, any data you provide to that site is governed by their policies.
If you use a third-party integration through Upspring (say, export data to Google Sheets or connect to Slack), the information is handled by that third party under their policies once it leaves Upspring.
Our site might include social media features (like a “Share on Twitter” button). Interacting with those features might allow the third-party social media platform to collect information like your IP address or set cookies. Those interactions are governed by the privacy policy of the company providing them.
We encourage you to review the privacy policies of any third-party services or sites that you interact with. If you have questions about how those parties handle your data, you should contact them directly.
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we do update it, we will:Post the revised policy on our website with a new “Last Updated” date.
If the changes are significant, we will also provide a more prominent notice, such as an email notification to the address on your account or a banner on the site/app, informing you of the upcoming changes.
We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information. If you continue to use Upspring after any Privacy Policy changes take effect, you will be deemed to have accepted the updated policy (except where your explicit consent is required by law, in which case we will seek such consent).If you do not agree with the changes, you should deactivate your account or reach out to us with any concerns before the changes take effect.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, you can contact us using the information below:
Spring AI Tech Ltd. (Upspring)
Email: info@upspring.ai
Mailing Address: Hatashah 2 Street, Floor 4, Tel Aviv, Israel.
Data Protection Officer (DPO): If required by applicable law, you may also reach our designated Data Protection Officer at info@upspring.ai.
Connected
