Privacy Policy

Your privacy is our priority. Learn how we protect your data.

Effective Date: December 15, 2025

Last Updated: December 15, 2025

1. Introduction

Welcome to Onbranded ("we," "our," or "us"), a business intelligence platform operated by Guayoyo LLC. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our web application at app.onbranded.com (the "Service") and related services.

By using our Service, you consent to the data practices described in this policy.

2. Information We Collect

Information You Provide

  • Account information (email address, name, password)
  • Business information (business name, industry)
  • Profile preferences and dashboard settings
  • Feedback and communications with us

Information from Connected Services

When you connect third-party services to Onbranded, we access data from those services to provide our analytics features:

Google APIs (Google Ads, Google Analytics)

When you connect your Google account, we access:

  • Google Ads campaign performance data (impressions, clicks, costs, conversions)
  • Google Ads account structure (campaigns, ad groups, ads)
  • Google Analytics website traffic and conversion data
  • Basic Google account profile information (email, name) for authentication

We only access data necessary to provide our analytics and reporting services. We do not access your Gmail, Google Drive, or other Google services not explicitly listed.

Square APIs

When you connect your Square account, we access:

  • Transaction and payment data
  • Inventory and catalog information
  • Customer data (for analytics purposes only)
  • Order history and sales metrics

Facebook/Meta APIs

When you connect your Facebook Ads account, we access:

  • Ad campaign performance metrics
  • Ad spend and ROAS data
  • Audience insights and demographics

Information Automatically Collected

  • Device information (device type, operating system, browser type)
  • Usage data (features used, pages visited, time spent)
  • Technical data (IP address, error logs, performance data)

3. How We Use Your Information

We use the collected information for the following purposes:

  • Provide Analytics Services: Display unified dashboards, generate reports, and provide business insights
  • AI-Powered Features: Generate intelligent recommendations and anomaly detection using your business data
  • Improve Our Service: Analyze usage patterns to enhance functionality and user experience
  • Communication: Send important updates, alerts, and support communications
  • Security: Detect and prevent fraud, unauthorized access, and other security issues
  • Legal Compliance: Comply with applicable laws and regulations

Google API Data Use Disclosure

Onbranded's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, we:

  • Only use Google data to provide and improve our analytics services
  • Do not sell Google user data to third parties
  • Do not use Google data for advertising purposes
  • Do not transfer Google data to third parties except as necessary to provide our service

4. Information Sharing and Disclosure

We do not sell, trade, or rent your personal information to third parties. We may share your information only in the following circumstances:

  • Service Providers: With trusted third parties who assist in operating our service (hosting, analytics, customer support)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection of Rights: To protect our rights, privacy, safety, or property
  • With Your Consent: When you explicitly consent to sharing

5. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption of data in transit (TLS/SSL) and at rest (AES-256)
  • OAuth 2.0 for secure third-party authentication
  • Regular security audits and vulnerability assessments
  • Limited access to personal information on a need-to-know basis
  • Secure cloud infrastructure with SOC 2 compliance

6. Data Retention

We retain your personal information and connected service data for as long as your account is active or as needed to provide our services.

  • Account Data: Retained until you delete your account
  • Analytics Data: Historical data retained for up to 2 years for trend analysis
  • Connected Service Data: Refreshed regularly; deleted within 30 days of disconnection
  • Backup Data: Retained for up to 90 days for disaster recovery

When you delete your account or disconnect a service, we delete the associated data within 30 days, except where retention is required by law.

7. Your Privacy Rights and Choices

You have the following rights regarding your data:

  • Access: Request a copy of the personal information we hold about you
  • Correction: Request correction of inaccurate information
  • Deletion: Request deletion of your personal information and account
  • Portability: Request your data in a portable format
  • Revoke Access: Disconnect any connected service at any time

How to Revoke Third-Party Access

Google: You can revoke Onbranded's access to your Google data at any time by visiting Google Security Settings and removing Onbranded from your connected apps.

Square: Revoke access through your Square Dashboard under Settings > Authorized Applications.

Facebook: Revoke access through Facebook Settings > Apps and Websites.

You can also disconnect services directly from your Onbranded dashboard at any time.

To exercise these rights, contact us at privacy@onbranded.com

8. Children's Privacy

Onbranded is a business service not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18. If we discover that we have collected information from a child under 18, we will delete it immediately.

9. International Data Transfers

Your information may be transferred to and processed in the United States and other countries where our service providers operate. We ensure appropriate safeguards are in place to protect your information in accordance with this Privacy Policy and applicable data protection laws.

10. Third-Party Services

Our Service integrates with third-party platforms (Square, Google, Facebook). Each of these services has its own privacy policy:

We encourage you to review their privacy policies to understand how they handle your data.

11. California Privacy Rights (CCPA)

If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):

  • Right to know what personal information is collected, used, and shared
  • Right to delete personal information
  • Right to opt-out of the sale of personal information (we do not sell your data)
  • Right to non-discrimination for exercising your privacy rights

To exercise these rights, contact us at privacy@onbranded.com

12. European Privacy Rights (GDPR)

If you are located in the European Economic Area, you have rights under the General Data Protection Regulation (GDPR), including:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure ("right to be forgotten")
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Right to withdraw consent

Our legal basis for processing includes consent, contract performance, and legitimate interests in providing our services.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Posting the updated policy on our website
  • Sending you an email notification
  • Displaying a notice in the application

Your continued use of the Service after changes constitute acceptance of the updated policy.

14. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, please contact us: