Privacy Statement

Effective Date: February 15, 2024

Table of Contents

  • Introduction

  • Data Protection Officer

  • How we collect and use (process) your personal information

  • Use of the spara.co website

  • Cookies and tracking technologies

  • Use of the Spara services

  • When and how we share information with third parties

  • Transferring personal data to the U.S.

  • Data Subject rights

  • Security of your information

  • Data storage and retention

  • Questions, concerns, or complaints

Introduction

Spara is a SaaS application for GTM teams.

We understand that you are aware of and care about your own personal privacy interests, and we take that seriously. This Privacy Notice describes the Spara’s policies and practices regarding its collection and use of your personal data, and sets forth your privacy rights. We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Notice as we undertake new personal data practices or adopt new privacy policies.

Data Protection Officer

Spara is headquartered in New York, New York in the United States. Spara has appointed an internal data protection officer for you to contact if you have any questions or concerns about Spara’s personal data policies or practices. If you would like to exercise your privacy rights, please direct your query to Spara’s data protection officer. Spara’s data protection officer’s name and contact information are as follows:

Alexander Pease

zander@spara.co

Spara, Inc.

299 West 12th Street, 15D

New York New York 10014

United States

Data Protection Mechanisms for Sensitive Data

We take the protection of your sensitive data seriously and implement a range of technical, administrative, and physical safeguards to ensure its confidentiality, integrity, and availability. These mechanisms include:

  1. Encryption at Rest and in Transit
    All sensitive data is encrypted using industry-standard protocols (e.g., AES-256 for data at rest and TLS 1.2 or higher for data in transit) to prevent unauthorized access during storage and transmission.

  2. Access Controls and Authentication
    Access to sensitive data is restricted based on role and responsibility, following the principle of least privilege. Multi-factor authentication (MFA) and strong password policies are enforced for all personnel with access to systems handling sensitive information.

  3. Data Minimization and Retention
    We collect and retain only the data necessary to fulfill the purposes described in this policy. Sensitive data is retained only as long as required by law or for legitimate business needs, after which it is securely deleted or anonymized.

  4. Monitoring and Logging
    All systems that process sensitive data are monitored for unauthorized access and suspicious activity. Security logs are regularly reviewed and retained in accordance with our incident response policies.

  5. Secure Software Development Practices
    Applications and systems are developed following secure coding practices. Regular vulnerability scanning and third-party penetration testing are conducted to identify and remediate potential security risks.

  6. Data Segmentation and Isolation
    Sensitive data is logically separated from other data types and, where appropriate, stored in isolated environments to reduce exposure and limit the scope of potential breaches.

How we collect and use (process) your personal information

Spara collects personal information about its website visitors and customers. With a few exceptions, this information is generally limited to:

  • name

  • job title

  • employer name

  • work address

  • work email

  • work phone number

We use this information to provide prospects and customers with services.

We do not sell personal information to anyone and only share it with third parties who are facilitating the delivery of our services.

From time to time, Spara receives personal information about individuals from third parties. Typically, information collected from third parties will include further details on your employer or industry. We may also collect your personal data from a third party website (e.g. LinkedIn)

Use of the Spara Website

As is true of most other websites, Spara’s website collects certain information automatically and stores it in log files. The information may include internet protocol (IP) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the use of Spara’s website, including a history of the pages you view. We use this information to help us design our site to better suit our users’ needs. We may also use your IP address to help diagnose problems with our server and to administer our website, analyze trends, track visitor movements, and gather broad demographic information that assists us in identifying visitor preferences.

Spara has a legitimate interest in understanding how members, customers and potential customers use its website. This assists Spara with providing more relevant products and services, with communicating value to our sponsors and corporate members, and with providing appropriate staffing to meet member and customer needs.

Cookies and tracking technologies

Spara believes in transparency about collection and use of data. This policy provides information about how and when Spara uses cookies for these purposes. Capitalized terms used in this policy but not defined have the meaning set forth in our Privacy Policy, which also includes additional details about the collection and use of information at Spara.

What is a cookie?

Cookies are small text files sent by us to your computer or mobile device, which enable Spara features and functionality. They are unique to your account or your browser. Session-based cookies last only while your browser is open and are automatically deleted when you close your browser. Persistent cookies last until you or your browser delete them or until they expire.

Does Spara use cookies?

Yes. Spara uses cookies and similar technologies like single-pixel gifs and web beacons. Spara uses both session-based and persistent cookies. Spara sets and accesses cookies on the domains operated by Spara and its corporate affiliates (collectively, the “Sites”). In addition, Spara uses third party cookies, like Google Analytics.

How is Spara using cookies?

Some cookies are associated with your account and personal information to remember that you are logged in and which workspaces you are logged into. Other cookies are not tied to your account but are unique and allow us to carry out analytics and customization, among other similar things.

Cookies can be used to recognize you when you visit a Site or use our Services, remember your preferences, and give you a personalized experience that is consistent with your settings. Cookies also make your interactions faster and more secure.

Categories of use

  • Chat AI use: If you are engaging with a Spara Chat AI product, which may be deployed on a Spara customer’s own web domain, cookies help Spara ensure that conversation history is consistent for an individual user.

  • Authentication: If you're signed into the Services, cookies help Spara show you the right information and personalize your experience.

  • Security: Spara uses cookies to enable and support security features, and to help detect malicious activity.

  • Preferences, features, and services: Cookies denote which language you prefer and what your communications preferences are. They can help fill out forms on our Sites more easily. They also provide you with features, insights, and customized content.

  • Marketing: Spara may use cookies to help deliver marketing campaigns and track their performance (e.g., a user visited Spara.com and then made a purchase). Similarly, Spara’s partners may use cookies to provide us with information about your interactions with their services, but use of those third-party cookies would be subject to the service provider’s policies.

  • Performance, Analytics, and Research: Cookies help Spara learn how well the Sites and Services perform. Spara also uses cookies to understand, improve, and research products, features, and services, including to create logs and record when you access our Sites and Services from different devices, such as your work computer or your mobile device.

What can you do if you don't want cookies to be set or want them to be removed?

For UK and EU users, you have the option to disable and delete cookies that may not be necessary for the basic functionality of our website. Please note, blocking categories may impact your experience on our website. You may access the Cookie Manager at any time in the footer of our website

Does Spara respond to Do Not Track Signals?

The Sites and Services do not collect personal information about your online activities over time and across third-party websites or online services. Therefore, “do not track” signals transmitted from web browsers do not apply to the Sites or Services, and Spara does not alter any data collection and use practices upon receipt of such a signal.

Sharing information with third parties

The personal information Spara collects from you is stored in one or more databases hosted by third parties located in the United States. These third parties do not use or have access to your personal information for any purpose other than cloud storage and retrieval. On occasion, Spara engages third parties to send information to you, including information about our products, services, and events. We do not otherwise reveal your personal data to non-Spara persons or businesses for their independent use unless: (1) you request or authorize it; (2) it’s in connection with Spara-hosted and Spara co-sponsored conferences as described above; (3) the information is provided to comply with the law (for example, compelled by law enforcement to comply with a search warrant, subpoena, or court order), enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others; (4) the information is provided to our agents, vendors or service providers who perform functions on our behalf; (5) to address emergencies or acts of God; or (6) to address disputes, claims, or to persons demonstrating legal authority to act on your behalf. We may also gather aggregated data about our services and website visitors and disclose the results of such aggregated (but not personally identifiable) information to our partners, service providers, advertisers, and/or other third parties for marketing or promotional purposes.

The Spara website connects with third party services such as Facebook, LinkedIn, Twitter and others. If you choose to share information from the Spara website through these services, you should review the privacy policy of that service. If you are a member of a third party service, the aforementioned connections may allow that service to connect your visit to our site to your personal data.

Transferring personal data to the U.S.

Spara has its headquarters in the United States. Information we collect about you will be processed in the United States. By using Spara’s services, you acknowledge that your personal information will be processed in the United States. The United States has not sought nor received a finding of “adequacy” from the European Union under Article 45 of the GDPR. Pursuant to Article 46 of the GDPR, Spara is providing for appropriate safeguards by entering binding, standard data protection clauses, enforceable by data subjects in the EEA and the UK. These clauses have been enhanced based on the guidance of the European Data Protection Board and will be updated when the new draft model clauses are approved.

Depending on the circumstance, Spara also collects and transfers to the U.S. personal data with consent; to perform a contract with you; or to fulfill a compelling legitimate interest of Spara in a manner that does not outweigh your rights and freedoms. Spara endeavors to apply suitable safeguards to protect the privacy and security of your personal data and to use it only consistent with your relationship with Spara and the practices described in this Privacy Statement. Spara also enters into data processing agreements and model clauses with its vendors whenever feasible and appropriate. Since it was founded, Spara has received zero government requests for information.

For more information or if you have any questions, please contact us at privacy@spara.co

Data Subject rights

The European Union’s General Data Protection Regulation (GDPR) and other countries’ privacy laws provide certain rights for data subjects. Data Subject rights under GDPR include the following:

  • Right to be informed

  • Right of access

  • Right to rectification

  • Right to erasure

  • Right to restrict processing

  • Right of data portability

  • Right to object

  • Rights related to automated decision making including profiling

This Privacy Notice is intended to provide you with information about what personal data Spara collects about you and how it is used.

If you wish to confirm that Spara is processing your personal data, or to have access to the personal data Spara may have about you, please contact us.

You may also request information about: the purpose of the processing; the categories of personal data concerned; who else outside Spara might have received the data from Spara; what the source of the information was (if you didn’t provide it directly to Spara); and how long it will be stored. You have a right to correct (rectify) the record of your personal data maintained by Spara if it is inaccurate. You may request that Spara erase that data or cease processing it, subject to certain exceptions. You may also request that Spara cease using your data for direct marketing purposes. In many countries, you have a right to lodge a complaint with the appropriate data protection authority if you have concerns about how Spara processes your personal data. When technically feasible, Spara will—at your request—provide your personal data to you.

Reasonable access to your personal data will be provided at no cost. If access cannot be provided within a reasonable time frame, Spara will provide you with a date when the information will be provided. If for some reason access is denied, Spara will provide an explanation as to why access has been denied.

For questions or complaints concerning the processing of your personal data, you can email us at privacy@spara.co. Alternatively, if you are located in the European Union, you can also have recourse to the European Data Protection Supervisor or with your nation’s data protection authority.

Data storage and retention

Your personal data is stored by the Spara on its servers, and on the servers of the cloud-based database management services the Spara engages, located in the United States. The Spara retains service data for the duration of the customer’s business relationship with the Spara and for a period of time thereafter, to analyze the data for Spara’s own operations, and for historical and archiving purposes associated with Spara’s services. Spara retains prospect data until such time as it no longer has business value and is purged from Spara systems. All personal data that Spara controls may be deleted upon verified request from Data Subjects or their authorized agents. For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at: privacy@spara.co

Children’s data

We do not knowingly attempt to solicit or receive information from children.

Google Workspace Limited Use

The use of raw or derived user data received from Workspace APIs will adhere to the Google User Data Policy, including the Limited Use requirements.

EU & UK Representatives

We value your privacy and your rights as a data subject and have therefore appointed Prighter Group with its local partners as our privacy representative and your point of contact for the following regions:

  • European Union (EU)

  • United Kingdom (UK)

Prighter gives you an easy way to exercise your privacy-related rights (e.g. requests to access or erase personal data). If you want to contact us via our representative, Prighter or make use of your data subject rights, please visit the following website: https://app.prighter.com/portal/spara

Questions, concerns or complaints

If you have questions, concerns, complaints, or would like to exercise your rights, please contact us at:

Spara, Inc.

privacy@spara.co

299 West 12th Street, 15D

New York New York 10014

United States