Skip to content

Privacy Policy



Effective Date: 01/23/2020

NSB MARKETING, Inc. (“Springbot”, “we”, “us”, or “our”) recognizes the importance of privacy. We streamline the process of automating, analyzing, and personalizing an eCommerce store’s marketing campaigns through an all-in-one platform and data-driven marketing recommendations (collectively, the “Services”). In this Privacy Policy, we describe how we collect, use, and disclose information that we obtain about visitors (“Visitors”) to our website and any related subdomains (collectively, the “Site”); users who have registered accounts with us to use our Services (“Customers”); and the end users of our Customers’ eCommerce stores or individuals that Customers may wish to market to using our Services (“End Users”). Our use of “you” refers collectively to Visitors, Customers, and End Users.

By using any of our Services, Visitors and Customers agree that their information, including personal information, will be collected, used, and disclosed as described in this Privacy Policy. Their use of our Services, and any dispute over privacy, is subject to this Privacy Policy and our Terms of Use, including its applicable limitations on damages and the resolution of disputes. We have no direct relationship with End Users, however, so our Customers are solely responsible for ensuring that they have the appropriate permission for us to collect, use, and disclose information about End Users.

NSB MARKETING Inc. is subject to the investigatory and enforcement authority of the Federal Trade Commission.

Information We Collect

We collect information about you directly from you, from third parties, and automatically through your interaction with our Services. We may combine information that we collect from these various sources.

  • Information We Collect Directly from You. We may collect information about you directly from you. For example, if you create an account with us, we will collect your name, email address, password, and store URL; if you pay for any Services, we will also collect your payment card information and billing address. We will also collect any other information that you provide to us through our Services, such as your name, email address, and the contents of your message if you contact us through our Site.
  • Information We Collect from Third Parties. We may collect information about you from third parties. For example, if you are an End User, we will collect information about you from our Customers. We will also collect information about you from social media platforms, data aggregators, and providers of marketing services. Springbot is not responsible for the privacy practices of third parties from which it receives information about you. Please see our Cookies and Other Tracking Mechanisms section below for more information. In addition, we also automatically collect information about your use of our Services, such as transaction data (e.g., date and time of purchase, amount of purchase), product data (e.g., product purchased, category of product purchased), and behavioral data (e.g., time spent engaging with a particular product).

How We Use Information

We use the information that we collect, including personal information, for the following purposes:

  • Providing and Improving Our Services. To provide and maintain our Services; to improve our Services; to develop new features or services; to perform technical operations, such as updating software; and for other customer service and support purposes.
  • Research and Analytics. To analyze how you interact with our Services; to monitor and analyze usage and activity trends; and for other research, analytical, and statistical purposes.
  • Marketing and Communications. To communicate with Customers about their use of our Services, including to send them updates, respond to their inquiries, and provide them with news and newsletters, special offers, promotions, and other information we think may interest them, and for other informational, marketing, or promotional purposes. Our communications with Customers may include communications via email. Please see our section regarding Your Choices for more information about how to change your communications preferences.
  • Protecting Rights and Interests. To protect the safety, rights, property, or security of Springbot, the Services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity which Springbot, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy or our Terms of Use.
  • Legal Compliance. To comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; to respond to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request from law enforcement or a governmental authority.

How We Disclose Information

We disclose the information that we collect, including personal information, as described to you at the time of collection or as consented by you before disclosure, or as follows:

  • Affiliates. We may disclose information to current or future affiliates or subsidiaries for research, marketing, and other purposes consistent with this Privacy Policy.
  • Service Providers. We may disclose information to our vendors, service providers, agents, or others who perform functions on our behalf. For example, we may disclose information to partners in our data co-op to help Customers expand their markets.
  • Customers. We may disclose information about End Users to our Customers for purposes of providing our Services.
  • Other Unaffiliated Third Parties. We may disclose your information to third parties, including so that those third parties may send marketing information to you.
  • Business Transfers. We may disclose information to another entity in connection with, including during negotiations of, an acquisition or merger, sale or transfer of a business unit or assets, bankruptcy proceeding, or as part of any other similar business transfer.
  • Protecting Rights and Interests. We may disclose information to protect the safety, rights, property, or security of Springbot, the Services, any third party, or the general public; to detect, prevent, or otherwise address fraud, security, or technical issues; to prevent or stop activity which Springbot, in its sole discretion, may consider to be, or to pose a risk of being, an illegal, unethical, or legally actionable activity; to use as evidence in litigation; and to enforce this Privacy Policy or our Terms of Use.
  • Legal Compliance. We may disclose information to comply with applicable legal or regulatory obligations, including as part of a judicial proceeding; in response to a subpoena, warrant, court order, or other legal process; or as part of an investigation or request from law enforcement or a government official.
  • Aggregate and De-Identified Information. We may disclose aggregate, anonymous, or de-identified information for marketing, advertising, research, compliance, or other purposes.

Cookies and Other Tracking Mechanisms

We or our service providers use cookies and other tracking mechanisms to track information about how you use our Services. We or our service providers may combine this information with other information, including personal information, we collect about you.

Cookies. Cookies are alphanumeric identifiers that we transfer to a computer’s hard drive through a web browser for record-keeping purposes. Some cookies allow us to make it easier for you to navigate our Services, while others are used to enable a faster log-in process or to allow us to track your activities while using our Services. Most web browsers automatically accept cookies, but if you prefer, you can edit your browser options to block them in the future. The Help portion of the toolbar on most browsers provides information about how to prevent a computer from accepting new cookies, how to have the browser notify upon receiving a new cookie, or how to disable cookies altogether. Users who disable cookies will be able to browse certain areas of the Services, but some features may not function.

Clear GIFs, pixel tags and other technologies. Clear GIFs are tiny graphics with a unique identifier, similar in function to cookies. In contrast to cookies, which are stored on a computer’s hard drive, clear GIFs are embedded invisibly on web pages. We may use clear GIFs (also referred to as web beacons, web bugs or pixel tags) in connection with our Services to, among other things, track user activities, help us manage content, and compile statistics about usage of our Services. We and our service providers also use clear GIFs in HTML emails to you, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.

Third-Party Analytics

We may use third-party analytics companies, such as Google Analytics, to evaluate use of our Services. We or our service providers use these tools to help us understand use of, and to improve, our Services, performance, and user experiences. These entities may use cookies and other tracking technologies, such as web beacons or local storage objects (“LSOs”), to perform their services. To learn more about Google’s privacy practices, please see the Google Privacy Policy; to opt out of being tracked by Google Analytics, you can download the Google Analytics Opt-out Browser Add-on.

Do Not Track Disclosure

Our Services do not respond to Do Not Track signals. For more information about Do Not Track signals, please click here. You may, however, disable certain tracking as discussed in the Cookies and Other Tracking Mechanisms section above (e.g., by disabling cookies).

Interest-Based Advertising

We use third parties such as network advertisers to display advertisements on our Services, to assist us in displaying advertisements on third-party services, and to evaluate the success of advertising campaigns. You may opt out of many third-party ad networks, including those operated by members of the Network Advertising Initiative (“NAI”) and the Digital Advertising Alliance (“DAA”). For more information regarding this practice by NAI members and DAA members, and your choices regarding having this information used by these companies, including how to opt out of third-party ad networks operated by NAI and DAA members, please visit their respective websites: (NAI) and (DAA).

Opting out of one or more NAI member or DAA member networks (many of which will be the same) only means that those members no longer will deliver targeted content or ads to you. It does not mean you will no longer receive any targeted content or ads on our Services or other services. You may continue to receive advertisements, for example, based on the particular website that you are viewing (i.e., contextual advertising). Also, if your browsers are configured to reject cookies when you visit an opt-out page, or you subsequently erase your cookies, use a different computer or change web browsers, your NAI or DAA opt out may no longer be effective.

Third-Party Collection

Our Services may contain links to third-party websites and applications or integrate with services provided by third parties. Any access to and use of such linked websites, applications, or third-party services is not governed by this Privacy Policy but instead is governed by the privacy policies of those third parties. We are not responsible for the information practices of such third parties, and we encourage you to read their privacy policies.

Transfers to Third Parties. As described above, we transfer personal information from the EU to third parties. We contractually require third parties to whom we transfer personal information to provide the same level of protections as the Principles. If we transfer personal information to a third party for its own use, individuals may opt-out of this type of transfer by contacting NSB MARKETING Inc. remains responsible for the personal information we receive and transfer under Privacy Shield.


We have taken steps to help protect the personal information we collect. However, no data security measures can guarantee 100% security. You should take steps to protect against unauthorized access to your devices by, among other things, choosing a robust password that nobody else knows or can easily guess and keeping your log-in and password private.

Your Choices

Updating or Deleting Personal Information. Visitors and Customers may correct or delete the personal information that they provide to us by emailing us at and describing their request to update or delete their personal information. Please note that we may retain certain information about them as required by law or as permitted by law for legitimate business purposes (e.g., in accordance with our record retention policies or to enforce our Terms of Use). End Users who wish to correct or delete the personal data that we use on behalf of Customers should contact the Customer with which they interact to make such a request.

Opting out of Email Communications. We may send periodic promotional or informational emails to Visitors and Customers. Visitors and Customers may opt out of such communications by following the opt-out instructions contained in the email or contacting us at the Contact Us information below. Please note that it may take up to 10 business days for us to process opt-out requests. If Visitors or Customers opt out of receiving marketing emails from us, we may still send them non-promotional emails (e.g., about their account with us). If you are an End User that receives emails from one of our Customers and you no longer want to be contacted by that Customer, please unsubscribe directly from that Customer’s communication or contact the Customer directly to update your email preferences.

Your California Privacy Rights — California Residents Only

This section contains information that applies solely to the visitors, users and others who are residents for the State of California, as defined in Section 17014 of Title 18 of the California Code of Regulations. This section is effective as of January 1, 2020 to comply with the California Consumer Privacy Act of 2018 (‘CCPA”).

Any terms defined in CCPA have the same meaning when used in this section.

Information We Collect and the Purposes for Which this Information is Used. We collect information that identifies, describes, references, is capable of being associated with, or could reasonably be linked with a particular customer or device.

Below are the CCPA categories of personal information we have collected from consumers within the last twelve months. Personal information in certain categories may overlap with other categories.


Category Collected Details Source
Identifiers Yes Device IP address, email address, cookie string data, pseudonymous data (e.g. hashed emails), operating system, and (in the case of mobile devices) your device type, and mobile device’s identifier (such as the Apple IDFA or Android Advertising ID) and any other unique identifier that may be assigned to any device by third parties and cross-referenced to recognize a device. Directly and indirectly from consumers, third party data providers and Advertising Partners.
Personal Information listed in the California Customer Records statute Yes Name, business address, business telephone number, education, employment and employment history.

The perceived general education level of consumers may be collected for marketing, advertising and analytics to the extent relevant for providing marketing or advertising.

Directly and indirectly from consumers, third party data providers and Advertising Partners.
Protected classification characteristics under California or federal law Yes Limited to age ranges such as 35-44, 45-54, 55-64 and 65+ and male/female gender categories are sometimes collected. From third party data providers.
Commercial Information Yes Records of products or services purchased, obtained or considered, or other purchasing or consuming histories or tendencies. Directly from consumers and third party data providers.
Biometric Information No    
Internet Activity Yes Browsing history, search history, information on a consumer’s interaction with a website, application, or advertisement. For example, which pages you visited and when, what items were clicked on a page, how much time was spent on a page, whether you downloaded a white paper on a B2B website, what items you placed into your online shopping cart, what products were purchased and the price of the products purchased. Directly from cookie browsing history on digital properties. Non-personal information may be connected with browsing history or activity for the purposes of determining attribution information.
Geolocation Data Yes Physical address and Non-precise geolocation derived from IP address. Directly from consumers and third party data providers.
Sensory Data No    
Professional or Employment related information No    
Non-public education information No    


Sharing Personal Information. We may disclose your personal information to a third party for a business purpose (as set out above) or sell your personal information, subject to your right to opt-out of those sales.

Disclosure of Personal Information for a Business Purpose

With the exception of the Springbot Exchange, Springbot’s Services do not amount to a sale of personal information. Instead, Springbot discloses personal data for business purposes, primarily to perform its advertising, marketing and analytical Services.

In the preceding twelve (12) months, we have disclosed the following categories of personal information for our business purposes and/or the Springbot Exchange:

  • Category A: Identifiers;
  • Category B: California Customer Records personal information categories;
  • Category C: Protected classification characteristics under California or federal law;
  • Category D: Commercial information;
  • Category F: Internet or other similar network activity;
  • Category G: Non-precise geolocation derived from IP address; and,
  • Category K: Inferences drawn from other personal information.

Sales of Personal Information. In the preceding (12) twelve months, as part of participation in the Springbot Exchange, we have sold personal information in the form of business emails from Category A (Identifiers).

Other than the Springbot Exchange, we do not consider that our Services constitute a ‘sale of personal information’ under the CCPA. Instead, in the course of providing our Services, we disclose personal information for business purposes.

However, we aim to provide consumers with control over the collection and use of their personal information. Consistent with this goal, we will honor requests from consumers to “opt-out” of the collection and disclosure of their personal information. Your Rights and Choices section below provides instructions on how to opt-out of our collection and disclosure of personal information.

Your Rights and Choices. The CCPA provides California residents with specific rights regarding their personal information. This section describes the rights of California residents under CCPA and provides information on how to exercise those rights.

Right to Know and Data Portability Rights. You have the right to request that we disclose certain information to you about our collection and use of personal information over the past 12 months. Once we receive and confirm your verifiable consumer request, we will disclose to you:

  • The categories of personal information we collected about you;
  • The categories of sources for the personal information we collected about you;
  • Our business or commercial purpose for collecting or selling that personal information;
  • The categories of third parties with whom we share that personal information;
  • The specific pieces of personal information we collected about you (otherwise known as a data portability request); and
  • Two separate lists where we have sold or disclosed your personal information for a business purpose:
  • Sales: identifying the personal information categories that each category of recipient purchased; and
  • Disclosures for a business purpose: identifying the personal information categories that each category of recipient obtained

Right to Delete. You have the right to request that we delete any of your personal information that we collect from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our services providers to delete) your personal information from our records, unless an exception applies.

Exercising Right to Know, Data Portability and Right to Deletion. To exercise the access, data portability, and deletion rights described above, please submit verifiable consumer request to us by Emailing us at 

Only you, or an authorized agent that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information. An authorized agent can be any person or business entity. If it is a business entity it must be registered with the California Secretary of State. You may also make a verifiable consumer request on behalf of your minor child.

Personal Information Sales Opt-Out Rights. To exercise the right to opt-out of our sale of your Contact Data or to opt out of interest-based advertising, you (or your authorized representative) may submit a request to us by visiting the Do Not Sell My Personal Information webpage.

Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights.

However, we may offer you certain financial incentives permitted by CCPA that can result in different prices, rates or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information’s value and contain written terms that describe the program’s material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.


Our Services are not targeted to children under thirteen (13) years of age, and we do not knowingly collect personal information from children under 13. If we discover that a child under 13 has provided us with personal information, we will promptly delete such personal information from our systems.

Privacy Shield

Springbot complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States.  Springbot has certified to the Department of Commerce that it adheres to the Privacy Shield Principles.  If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit

In compliance with the Privacy Shield Principles, Springbot commits to resolve complaints about our collection or use of your personal information.  EU and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Springbot at:

Springbot has further committed to refer unresolved Privacy Shield complaints to VeraSafe, an alternative dispute resolution provider located in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please contact or visit VeraSafe for more information or to file a complaint.  The services of VeraSafe are provided at no cost to you.

Dispute Resolution

Contacting Us, Complaints and Dispute Resolution. EU individuals who have questions or complaints about how we process their personal information may contact us at or contact our E.U resolution partner Verasafe. We will work to resolve your issue as quickly as possible, but in any event no later than 45 days of receipt.

Within the scope of this privacy notice, if a privacy complaint or dispute cannot be resolved through NSB MARKETING  Inc.’s internal processes, NSB MARKETING Inc. has agreed to participate in the VeraSafe Privacy Shield Dispute Resolution Procedure. Subject to the terms of the VeraSafe Privacy Shield Dispute Resolution Procedure, VeraSafe will provide appropriate recourse free of charge to you. To file a complaint with VeraSafe under the Privacy Shield Dispute Resolution Procedure, please submit the required information to VeraSafe here:

Individuals may also submit complaints through their local Data Protection Authority (DPA). We will work with the Department of Commerce to resolve any complaints forwarded by a DPA.  Finally, if we are unable to resolve any complaints through any of the above methods, an EU individual may invoke binding arbitration in accordance with the Privacy Shield Framework.

Contact Us

If you have questions about the privacy aspects of our Services or for further information about our data privacy policies and practices, please contact us at

Changes to this Privacy Policy

This Privacy Policy is current as of the Effective Date set forth above. We may change this Privacy Policy from time to time, so please be sure to check back periodically. We will post any changes, including any material changes, to this Privacy Policy on our Site.