SpearPoint LogoSpearPoint

Privacy Policy

Effective Date: March 1, 2026

Version: 2.0

1. Introduction

SpearPoint Data, LLC ("SpearPoint Data," "we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you access or use our website, applications, and related services (collectively, the "Service").

This Privacy Policy applies to all users of the Service and is incorporated by reference into our Terms of Service. By accessing or using the Service, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, you must not use the Service.

We may update this Privacy Policy from time to time. If we make material changes, we will notify you by email (sent to the email address specified in your account) or by posting a conspicuous notice on the Service prior to the change becoming effective. Your continued use of the Service after the effective date of any changes constitutes your acceptance of the revised Privacy Policy.

2. Information We Collect

We collect several types of information from and about users of the Service:

2.1 Information You Provide Directly

  • Account Registration Data: When you create an account, we collect your name, email address, and password. You may optionally provide additional profile information.
  • Payment and Billing Information: When you subscribe to a paid plan, our third-party payment processor collects your payment card details on our behalf. SpearPoint Data receives only limited payment information, such as the last four digits of your card, card type, and expiration date. We do not store full payment card numbers on our servers.
  • Communications: If you contact us directly (e.g., via email or our contact form), we collect your name, email address, and the content of your communication.
  • User Preferences: Information about legislators, bills, topics, and states you choose to follow or track within the Service.

2.2 Information Collected Automatically

When you access or use the Service, we automatically collect certain information, including:

  • Usage Data: Information about how you interact with the Service, including pages viewed, features used, search queries, time spent on pages, links clicked, and other actions taken within the Service.
  • Log Data: Server logs that record information such as your IP address, browser type and version, operating system, referring and exit URLs, date and time of your visit, and pages viewed.
  • Device Information: Information about the device you use to access the Service, including device type, unique device identifiers, screen resolution, and language settings.
  • Location Data: General geographic location inferred from your IP address (city- or region-level). We do not collect precise GPS location.
  • Cookies and Tracking Technologies: We use cookies, web beacons, pixel tags, local storage, and similar technologies to collect information. See Section 11 (Cookies) for more details.

2.3 Security and Audit Data

For security and compliance purposes, we maintain audit logs that record certain user actions, including account creation, login events, terms acceptance (including the date, time, version, and IP address at acceptance), subscription changes, and administrative actions. This data is used to detect fraud, investigate incidents, and comply with legal obligations.

2.4 Information from Third Parties

We may receive information about you from third parties, including:

  • Authentication Providers: If you sign in using a third-party sign-in option, we receive the information you have authorized that provider to share with us, typically including your name and email address.
  • Payment Processors: Our payment processor may provide us with information related to your subscription status, payment history, and any payment disputes.

3. How We Collect Information

We collect information through the following methods:

  • Direct Interactions: Information you provide when you register, subscribe, contact us, or use interactive features of the Service.
  • Automated Technologies: Cookies, server logs, web beacons, and similar technologies as you navigate through and interact with the Service.
  • Third-Party Sources: Information received from our service providers, partners, and authentication services.
  • Automated Security Verification: We use automated security verification technology to protect the Service from abuse. This technology may collect hardware and software information about your device for analysis.

4. How We Use Your Information

We use the information we collect for the following purposes:

4.1 Providing and Operating the Service

  • To create and manage your account and authenticate your identity;
  • To process your subscription payments and manage billing;
  • To deliver the features and functionality of the Service, including legislative tracking, notifications, and AI summaries;
  • To send you transactional emails related to your account (e.g., email verification, password reset, subscription confirmations, payment receipts);
  • To send you notifications about legislators, bills, or topics you follow (where you have opted in).

4.2 Improving and Personalizing the Service

  • To understand how users interact with the Service and identify opportunities for improvement;
  • To personalize your experience based on your preferences and usage history;
  • To conduct research and analysis to develop new features and services;
  • To monitor and analyze usage and trends.

4.3 Security, Safety, and Legal Compliance

  • To detect, investigate, and prevent fraud, abuse, security incidents, and other harmful activity;
  • To enforce our Terms of Service and other policies;
  • To maintain audit logs for security and compliance purposes;
  • To comply with applicable legal and regulatory obligations;
  • To respond to legal process and cooperate with law enforcement agencies.

4.4 Communications

  • To respond to your inquiries and provide customer support;
  • To send administrative communications about the Service;
  • To send you marketing communications about SpearPoint features and updates (only where you have consented or where permitted by applicable law; you may opt out at any time).

5. How We Share Your Information

We do not sell your personal information. We may share your information in the following circumstances:

5.1 Service Providers

We share information with trusted third-party service providers who assist us in operating the Service, subject to confidentiality obligations. These providers include payment processors, cloud infrastructure providers, AI service providers, email delivery services, and automated security verification services. These providers are authorized to use your information only as necessary to provide services to us.

5.2 Legal Requirements and Safety

We may disclose your information if we believe in good faith that disclosure is necessary to:

  • Comply with applicable law, regulation, legal process, or enforceable governmental request;
  • Enforce our Terms of Service or other agreements;
  • Detect, prevent, or address fraud, security, or technical issues;
  • Protect the rights, property, or safety of SpearPoint Data, LLC, our users, or the public.

5.3 Business Transfers

If SpearPoint Data, LLC is involved in a merger, acquisition, asset sale, reorganization, or bankruptcy proceeding, your information may be transferred as part of that transaction. We will notify you via email and/or a prominent notice on the Service of any change in ownership or uses of your personal information, as well as any choices you may have regarding your information.

5.4 With Your Consent

We may share your information for other purposes with your explicit consent.

5.5 Aggregated and De-Identified Data

We may share aggregated or de-identified information that cannot reasonably be used to identify you. For example, we may share anonymized usage statistics with partners or publish them publicly.

6. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • Account Data: Retained for the duration of your account and for a reasonable period thereafter. When you request account deletion, we will delete or anonymize your account data within 30 days, subject to legal retention requirements.
  • Payment Records: Billing and transaction records are retained for at least seven (7) years for financial and tax compliance purposes.
  • Audit Logs: Security and audit logs are retained for at least one (1) year.
  • Communications: Customer support communications are retained for as long as reasonably necessary to resolve your inquiry and for a period thereafter for quality assurance and dispute resolution.

7. Security of Your Information

We implement industry-standard administrative, technical, and physical security measures to protect your personal information against unauthorized access, disclosure, alteration, and destruction. These measures include:

  • Encryption of data in transit using TLS/SSL protocols;
  • Encryption of sensitive data at rest;
  • Secure storage of sensitive credentials and API keys;
  • Role-based access controls limiting access to personal data to authorized personnel;
  • Regular security reviews and monitoring;
  • Automated bot detection and protection on our authentication endpoints;
  • Database access controls to protect stored information.

Despite our efforts, no security measures are completely impenetrable. We cannot guarantee the absolute security of your information. If you believe your account has been compromised, please contact us immediately at contact@spearpointdata.com. In the event of a data breach that affects your rights or freedoms, we will notify you and relevant authorities as required by applicable law.

8. Your Rights and Choices

You may have the following rights regarding your personal information:

8.1 Access and Portability

You have the right to request a copy of the personal information we hold about you.

8.2 Correction

You have the right to request that we correct inaccurate or incomplete personal information we hold about you.

8.3 Deletion

You may request deletion of your personal information. We will honor such requests subject to our legal obligations to retain certain data (e.g., billing records for tax purposes, audit logs for security compliance).

8.4 Opt-Out of Marketing

You may opt out of receiving marketing emails from us by clicking the "unsubscribe" link in any marketing email or by contacting us at contact@spearpointdata.com. You will continue to receive transactional emails related to your account.

8.5 How to Exercise Your Rights

To exercise any of the rights described above, please submit a request to us at contact@spearpointdata.com. We will respond within a reasonable timeframe. We may need to verify your identity before fulfilling your request.

9. California Privacy Rights (CCPA/CPRA)

If you are a California resident, the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA) provides you with specific rights regarding your personal information:

  • Right to Know: The right to request disclosure of the categories and specific pieces of personal information we have collected about you, the categories of sources from which we collected it, the business or commercial purposes for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: The right to request deletion of personal information we have collected from you, subject to certain exceptions.
  • Right to Correct: The right to request correction of inaccurate personal information we hold about you.
  • Right to Opt-Out of Sale/Sharing: We do not sell personal information. We do not share personal information for cross-context behavioral advertising.
  • Right to Limit Use of Sensitive Personal Information: You have the right to limit our use and disclosure of sensitive personal information to uses necessary to provide the Service.
  • Right to Non-Discrimination: We will not discriminate against you for exercising your CCPA rights.

To submit a verifiable consumer request, contact us at contact@spearpointdata.com. We will verify your identity before processing your request. You may also designate an authorized agent to make requests on your behalf.

In the past twelve (12) months, we have collected the following categories of personal information: identifiers (name, email, IP address), payment information (processed by our payment processor), internet or electronic network activity, geolocation data (inferred from IP), and inferences drawn from usage data.

10. Children's Privacy (COPPA)

The Service is not directed to children under the age of 18, and we do not knowingly collect personal information from anyone under 18. If you are under 18, do not use the Service or provide any information to us. If we learn that we have inadvertently collected personal information from a child under 18, we will promptly delete that information. If you believe we may have information from or about a child under 18, please contact us at contact@spearpointdata.com.

11. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect and store information about your use of the Service. Here is a breakdown of the types of cookies we use:

  • Strictly Necessary Cookies: These cookies are essential for the operation of the Service, including session management, authentication, and security verification. These cookies cannot be disabled without affecting core functionality.
  • Functional Cookies: These cookies enable enhanced functionality and personalization, such as remembering your preferences (e.g., dark mode, followed legislators).
  • Analytics Cookies: These cookies help us understand how users interact with the Service by collecting and reporting information anonymously. We may use this data to improve the Service.
  • Security Cookies: We use automated security verification cookies to protect the Service from bot attacks and unauthorized automated access.

You can control cookies through your browser settings. Note that disabling certain cookies may affect the functionality of the Service.

12. Data Storage

SpearPoint Data, LLC is operated in the United States. Your information is stored and processed in the United States. If you access the Service from outside the United States, please be aware that your information will be transferred to, stored, and processed in the United States, where data protection laws may differ from those in your country.

13. Do Not Track

Some browsers have a "Do Not Track" (DNT) feature that signals to websites that you do not want your online activity tracked. The Service does not currently respond to DNT signals. If a standard for DNT compliance is established and adopted by the industry, we will reassess our practices.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we update the Privacy Policy, we will revise the "Effective Date" at the top of this page. For material changes, we will provide more prominent notice (including email notification where applicable). We encourage you to review this Privacy Policy periodically.

15. Contact Us

If you have questions or comments about this Privacy Policy, or wish to exercise any of your privacy rights, please contact us: