What we collect.
We collect only what you give us when you book an audit, request a call, or email us — name, work email, company, website, monthly ad spend bracket, channels in use, and free-text context. We collect anonymous, aggregated analytics about how the site is used (page views, time-on-page, referrer) via privacy-respecting tools.
Why we collect it.
To respond to inbound enquiries, send the requested audit brief, schedule kickoff calls, and improve the site. We do not sell, rent, or trade personal data. Ever.
How long we keep it.
Audit-form submissions: 24 months unless we engage further (then for the engagement lifetime + 7 years for tax/regulatory compliance). Newsletter / email list contacts: until you unsubscribe. Anonymous analytics: 14 months rolling.
Your rights.
Access, correction, deletion, portability, objection, and withdrawal of consent — all available on request to hello@roispends.com. We respond within 30 days. EU/UK residents have the right to lodge a complaint with their supervisory authority. California residents have CCPA rights including the right to know, delete, and opt out.
Data transfers.
Our infrastructure runs primarily in the United States. Where personal data is transferred internationally, we rely on standard contractual clauses or equivalent safeguards.
Security.
We use industry-standard encryption in transit (TLS 1.2+) and at rest, principle-of-least-privilege access controls, and incident-response procedures. No system is perfectly secure — we will notify affected parties within 72 hours of any incident requiring disclosure.
Children.
The site is not directed to anyone under 16. We do not knowingly collect data from minors.
Changes.
Material changes posted here with an updated effective date. We do not retroactively reduce protections without notice.
Contact.
Privacy questions or rights requests: hello@roispends.com.
We try to write legal copy you can actually read. If anything here is unclear or you want a translation, email hello@roispends.com.