Privacy Policy

Welcome to Static Spark (the “Service”, “we”, “us”, or “our”), operated by Static Spark, LLC. Static Spark is a web application that helps businesses and agencies monitor marketing and analytics data— including Meta (Facebook) pixel quality metrics, Google Analytics 4 (GA4) property data, Elevar event feeds, and related alerts— in one dashboard.

This Privacy Policy describes how we collect, use, disclose, and protect information when you use our website and application at https://staticspark.com and related services (collectively, the “Services”).

By using the Services, you agree to the practices described in this Policy.

• “Personal Data” means information relating to an identified or identifiable individual.
• “Usage Data” means data collected automatically when you use the Services (for example, log data, device and browser information).
• “Account Data” means information you provide to create and manage your Static Spark account.
• “Connected Data” means data we retrieve from third-party platforms you authorize (such as Google Analytics, Meta, or Elevar) and store to provide the Services.
• “Service Providers” means third-party companies or individuals that process data on our behalf to operate the Services.

We use collected information to:

• Provide, maintain, and improve the Services (dashboards, sync jobs, alerts, and reporting).
• Authenticate users and manage accounts, organizations, roles, and access controls.
• Sync and display analytics and pixel quality data from platforms you connect.
• Send service-related communications (for example, password reset messages and alert notifications).
• Monitor performance, troubleshoot errors, and protect against fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our terms and policies.

We may share information in the following circumstances:

• Service Providers who help us operate the Services (for example, Google Cloud Platform for hosting, databases, storage, task queues, logging, and Pub/Sub).
• Within your organization — other users in your Static Spark organization may see data you connect, according to your organization's configuration and role permissions.
• With your direction — when you authorize integrations with Google, Meta, Elevar, or similar platforms.
• Legal requirements — when required by law, regulation, legal process, or to protect rights, safety, and security.
• Business transfers — in connection with a merger, acquisition, or sale of assets, subject to continued protection of Personal Data.

We do not sell Personal Data.

Static Spark's use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

• We access Google user data (including GA4 analytics data) only to provide and improve user-facing features in Static Spark.
• We do not use Google user data for serving advertisements.
• We do not allow humans to read Google user data except when necessary to provide the Services, comply with applicable law, or with your explicit consent for support.
• We store OAuth tokens securely and use them only to sync and display analytics you authorize.

We use cookies and similar technologies to maintain login sessions, remember preferences (such as “remember me”), protect against cross-site request forgery, and keep the application secure. You can configure your browser to refuse cookies, but some parts of the Services may not function properly without them.

Static Spark is hosted on Google Cloud infrastructure in the United States. If you access the Services from outside the United States, your information may be transferred to, stored in, and processed in the United States or other countries where our Service Providers operate. We take appropriate safeguards where required by applicable law.

We retain Personal Data, Account Data, and Connected Data for as long as your account is active or as needed to provide the Services, comply with legal obligations, resolve disputes, and enforce agreements. Historical analytics synced into Static Spark may be retained according to your channel configuration until you delete the channel, organization data, or your account (subject to backup and legal retention limits). When data is no longer needed, we delete or anonymize it within a reasonable period.

Depending on your location, you may have rights regarding your Personal Data, including:

• Accessing, correcting, or updating your account information in Settings.
• Disconnecting third-party integrations (Google Analytics, Meta) from channel settings.
• Revoking OAuth access through Google or Meta account settings.
• Requesting deletion of your account or specific data by contacting us.
• Opting out of non-essential communications where applicable.

Residents of the European Economic Area, United Kingdom, and California may have additional rights under applicable privacy laws (including GDPR and CCPA/CPRA). To exercise your rights, contact us using the information below. We may need to verify your identity before responding.

The Services are not intended for individuals under 18 years of age. We do not knowingly collect Personal Data from children under 18. If you believe we have collected such data, please contact us and we will take steps to delete it.

We implement commercially reasonable technical and organizational measures to protect Personal Data, including encryption in transit (HTTPS), access controls, and secure credential storage. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

We may update this Privacy Policy from time to time. We will post the updated policy on this page and revise the effective date above. Material changes may also be communicated through the Services or by email. Your continued use of the Services after changes are posted constitutes acceptance of the updated Policy.

If you have questions about this Privacy Policy or our data practices, contact us at: