We are featured on Michael Kitces Advisor Mapcheck it out

Privacy Policy

SpacesOS Inc

Effective Date: February 24, 2026

Last Updated: February 24, 2026

1. Introduction and Mission

SpacesOS Inc (also known as Spaces) is an AI-powered prospecting and growth platform built to help financial advisory firms, RIAs, and independent advisors grow organically by generating booked calls through intelligent outreach. In doing so, we are committed to protecting the privacy and security of the data entrusted to us by our users, their firms, and the prospects they serve.

This Privacy Policy explains how SpacesOS Inc ("Company," "we," "us," or "our") collects, uses, discloses, and protects personal information in connection with our website, application, and tracking tools (collectively, the "Services").

By accessing or using the Services in any manner, you acknowledge that you accept the practices described in this Privacy Policy and consent to the collection, use, and disclosure of your information as described herein. Your use of the Services is also governed by our Terms of Service, which incorporates this Privacy Policy by reference.

We may update this Privacy Policy from time to time. If we make material changes, we will alert you by posting a notice on our website, sending an email, or by other reasonable means. Your continued use of the Services after changes are posted constitutes your acceptance of the updated policy.

This Privacy Policy does not cover the practices of third-party websites, applications, or services that we do not own or control.

2. What This Privacy Policy Covers

This Privacy Policy covers how we treat Personal Data gathered when you:

  • Visit or interact with our website
  • Use the SpacesOS Inc application or dashboard
  • Install or allow the SpacesOS Inc tracking pixel on your site
  • Connect third-party tools (such as email, CRM, or calendar integrations) to SpacesOS Inc

"Personal Data" means any information that identifies or relates to a particular individual, including what various U.S. state privacy laws refer to as "personal information," "personal data," or "sensitive personal information."

This Policy does not cover websites or services we do not control. If you connect SpacesOS Inc to a third-party tool, that tool's own privacy policy governs its data practices.

3. Personal Data We Collect

The following describes the categories of Personal Data we collect and have collected over the past 12 months, organized by type:

3.1 Identifiers and Contact Information

  • First name, last name, and professional title
  • Business email address and phone number
  • Firm name and professional role or job title
  • Account credentials (username and login identifiers)
  • Mailing or business address

3.2 Business and Firm Information

  • Advisory, RIA, or financial practice details you provide
  • Teams, seats, or users you add to your SpacesOS Inc account
  • Outreach preferences, target segments, and territories
  • Professional interests (inferred from usage and public signals)

3.3 Usage and Device Information

  • IP address and approximate geographic location
  • Browser type, version, and device type
  • Operating system and platform
  • Pages viewed, features used, buttons clicked, and timestamps
  • Log data, session durations, and referring pages
  • Location data, if you use a location-enabled browser

3.4 Pixel and Tracking Data

When our pixel or tracking snippet loads on your website, we may receive technical information about that visit - including page URL, time on page, device and browser identifiers, and IP address - to power visitor identification and engagement features. You are responsible for implementing a compliant consent mechanism on your site so that the pixel does not fire for visitors who decline tracking.

3.5 Communications Data

  • Support tickets, emails, and live chat messages
  • Demo requests and associated notes
  • Survey responses, questionnaire submissions, and feedback
  • Free-form text you enter into the Services

3.6 Billing and Transaction Data

Billing name, contact information, and payment details for SpacesOS Inc subscribers. Payments are processed by our third-party payment partner - we do not store full card numbers. We do not intentionally collect consumer financial account numbers, Social Security numbers, or other high-risk sensitive identifiers through the core Spaces experience.

3.7 Third-Party and Publicly Sourced Data

We may also collect or receive Personal Data from external sources, including:

  • Business intelligence and lead enrichment platforms (e.g., RB2B, Warmly, Snitcher)
  • Publicly available professional sources such as LinkedIn, company websites, and corporate directories
  • Analytics providers (e.g., PostHog)
  • Advertising and retargeting platforms (e.g., LinkedIn Insight Tag)
  • Third-party services you authorize, such as email, CRM, and calendar integrations

4. Financial Advisor-Specific Processing

Because SpacesOS Inc is purpose-built for financial advisory firms, we process certain data in ways tailored to this industry:

4.1 Visitor and Engagement Intelligence

If you add our pixel or tracking snippet to your website, we process visit-level technical data to surface which organizations or individuals are engaging with your content - helping you prioritize outreach and identify warm prospects before you reach out.

4.2 Prospect Scoring and Prioritization

We use activity signals, recency data, and fit indicators to help you rank and prioritize prospects within your SpacesOS Inc account. Our AI agents analyze these signals to surface the highest-value opportunities and initiate outreach on your behalf.

4.3 Outbound Outreach and Appointment Booking

When our AI agents conduct outreach and book calls on your behalf, we process prospect contact details solely to execute that workflow. You control which prospects are contacted and what compliance rules govern your outreach practice.

4.4 Your Data Stays Your Data

We do not use your customer, prospect, or account data to train generalized AI or machine learning models that benefit other SpacesOS Inc customers. We may use your data to personalize and improve AI outputs within your own account or tenant, but we do not pool your client lists to build shared models. Additionally, data from Google Workspace or Microsoft integrations will not be used to develop, improve, or train any generalized AI or ML models.

4.5 You Control Who You Contact

SpacesOS Inc provides AI-powered tools to support your outreach efforts. You remain responsible for decisions about whether, when, and how to contact prospects, and for ensuring your outreach complies with all applicable regulations - including FINRA rules and SEC guidance relevant to your firm.

5. How We Use Your Personal Data

5.1 Providing and Improving the Services

  • Creating and managing your account and workspace
  • Processing transactions and billing
  • Providing products, services, or information you request
  • Powering AI-driven prospect identification, scoring, and outreach
  • Booking calls and managing appointment workflows on your behalf
  • Personalizing your dashboard, recommendations, and AI agent behavior
  • Providing customer support
  • Testing, research, internal analytics, and product development
  • Fraud prevention, security monitoring, and debugging

5.2 Marketing and Communications

  • Marketing the Services to you (you may opt out at any time)
  • Responding to your correspondence and inquiries
  • Sending service, security, and billing notifications

5.3 Legal and Compliance

  • Fulfilling legal obligations under applicable law, regulation, or court order
  • Preventing, detecting, and investigating security incidents or prohibited activities
  • Protecting the rights, property, or safety of SpacesOS Inc, our users, or others
  • Enforcing our agreements and resolving disputes
  • Responding to claims that content violates third-party rights

Automated Decision-Making: We may use automated systems, including AI, to profile business professionals and identify prospective clients based on job titles, industry signals, and publicly available data. However, all final decisions about whether to contact an individual are reviewed and directed by a human. We do not make solely automated decisions that produce legal or similarly significant effects on individuals.

We will not collect additional categories of Personal Data or use the data we have collected for materially different, unrelated, or incompatible purposes without providing notice or obtaining consent where required.

6. Sources of Personal Data

We collect Personal Data from the following categories of sources:

6.1 Directly from You

  • When you create an account or use our interactive tools and Services
  • When you voluntarily provide information through forms, surveys, or questionnaires
  • When you contact us by email or other means
  • When you book a demo or strategy call

6.2 Automatically Through Your Use of the Services

  • Through cookies and similar tracking technologies (see Section 10)
  • From your browser or device when you access the Services
  • Through location-enabled browsers, where applicable
  • From applications or integrations you install or connect

6.3 From Third Parties

  • Business intelligence and lead enrichment providers
  • Publicly available professional sources (LinkedIn, company websites, corporate directories)
  • Third-party services you authorize (email, CRM, calendar, audience tools)
  • Analytics and advertising partners

7. Legal Basis for Processing

We rely on the following legal bases for processing your Personal Data:

  • Consent: Where you have given us explicit consent, such as opting into marketing emails or SMS communications.
  • Legitimate Interests: Where processing is necessary for our legitimate business interests - such as identifying potential clients, improving the Services, and preventing fraud - provided those interests are not overridden by your rights.
  • Contract Performance: Where processing is necessary to deliver the Services under a contract with you or to take steps at your request before entering a contract.
  • Legal Obligation: Where we are required to process your data to comply with applicable law.

8. How We Disclose Your Personal Data

We do not sell your Personal Data. We may share your information with the following categories of recipients:

8.1 Service Providers and Processors

Trusted third-party vendors who process data on our behalf, including:

  • Hosting, technology, and communication providers
  • Security and fraud prevention consultants
  • Analytics providers (e.g., PostHog)
  • Lead enrichment and B2B identification tools (e.g., RB2B, Warmly, Snitcher)
  • Advertising and retargeting platforms (e.g., LinkedIn Insight Tag)
  • Payment processors and billing platforms
  • CRM, scheduling, and communications software providers
  • SMS service providers - mobile numbers are shared solely to deliver messaging on your behalf and are never sold or shared for third-party marketing

8.2 Integrations You Authorize

If you connect SpacesOS Inc to third-party tools such as Gmail, Outlook, CRMs, calendars, or audience platforms, we will share data with those tools only to execute the workflow you have enabled. Those tools' privacy policies govern their own data handling. Data obtained through Google or Microsoft APIs is used only to provide the features you have enabled and will not be used to develop, improve, or train generalized AI or ML models.

8.3 Business Transfers

If SpacesOS Inc undergoes a merger, acquisition, bankruptcy, or sale of assets, your Personal Data may be transferred as part of that transaction. We will provide notice before your data is transferred and becomes subject to a different privacy policy.

8.4 Legal Requirements

We may disclose Personal Data if required by law or in response to valid requests from public authorities - such as a court or government agency - or to protect the rights, property, or safety of SpacesOS Inc, our users, or others.

8.5 Aggregated or De-Identified Data

We may create aggregated, de-identified, or anonymized data from the Personal Data we collect by removing information that makes it personally identifiable. We may use and share such data for lawful business purposes - including analyzing, building, and improving the Services - provided it will not be disclosed in a manner that could identify you.

9. Google and Microsoft API Data

If you connect Gmail, Google Workspace, Outlook, or Microsoft 365 to SpacesOS Inc:

  • We use data from those integrations only to provide the specific features you have enabled.
  • We do not use that data to develop, improve, or train generalized AI or machine learning models.
  • We handle such data in compliance with the applicable Google API Services User Data Policy and Microsoft API terms.

10. Cookies, Tracking Tools, and Opt-Out

The Services use cookies and similar technologies - such as pixel tags, web beacons, clear GIFs, and JavaScript (collectively, "Cookies") - to enable our servers to recognize your browser, understand how and when you visit and use the Services, analyze trends, and operate and improve the platform. We may supplement information we collect with data from third parties that have placed their own Cookies on your device.

We use the following types of Cookies:

10.1 Essential Cookies

Required for providing features or services you have requested, such as keeping you logged into secure areas of the Services. Disabling these Cookies may make certain features unavailable.

10.2 Functional Cookies

Used to record your choices and settings, maintain your preferences over time, and recognize you when you return to the Services. These Cookies help us personalize content, remember your preferences, and greet you by name.

10.3 Performance and Analytics Cookies

Allow us to understand how visitors use the Services by collecting information about the number of visitors, which pages are viewed, and how long visitors stay. These Cookies also help us measure the performance of our advertising campaigns. Examples include PostHog. These require your consent.

10.4 Marketing and Retargeting Cookies

Used to deliver targeted advertising and measure campaign effectiveness. Examples include the LinkedIn Insight Tag. These require your consent.

10.5 Lead Identification Cookies

Used to identify company-level visitors and qualify B2B prospects. Examples include RB2B and Snitcher. These require your consent.

You can manage or disable Cookies through your browser settings. Most browsers allow you to refuse new Cookies, delete existing Cookies, or be notified when a new Cookie is set. Note that disabling certain Cookies may affect the functionality of the Services and you may need to manually adjust preferences each time you visit.

If you install our pixel on your own website, you are responsible for implementing a compliant consent banner so the pixel does not fire for visitors who decline tracking.

We do not currently respond to "Do Not Track" browser signals. For more information about Cookies generally, including how to manage and delete them, please visit www.allaboutcookies.org. To explore or modify your Cookie settings with us directly, contact privacy@spacesos.com.

11. SMS Communications

SpacesOS Inc may send SMS messages for the following purposes:

  • Appointment and call confirmations
  • Scheduling and rescheduling coordination
  • Follow-up communications after outreach attempts
  • Two-way conversations to answer questions and coordinate availability

Consent: We obtain SMS consent via verbal opt-in during an initial phone call (documented in our CRM with date, time, agent name, and confirmed number) and/or a checkbox on an inquiry form. Consent is never a condition of purchase.

Message Frequency: Message frequency varies based on your engagement with our Services.

Fees: Message and data rates may apply.

Opt-Out: Reply STOP at any time to unsubscribe from SMS messages. Reply HELP for assistance, or contact us at privacy@spacesos.com.

12. Data Retention

We retain Personal Data for as long as necessary to provide the Services, fulfill our commercial or business purposes, and meet applicable legal, audit, and compliance obligations. When establishing retention periods, we consider who provided the data, our need for it, why it was collected, and its sensitivity.

Specific retention practices include:

  • Profile information and account credentials are retained for as long as you maintain an account with us.
  • Device and IP data is retained as long as needed to ensure our systems operate securely and effectively.
  • Cookie and analytics data is typically retained for up to 12 months.
  • Prospect data sourced from public or third-party providers for outreach purposes is retained for approximately one month. If a prospect does not engage within one month of first contact, their data is deleted from active systems.
  • Client account and billing data is retained for the duration of the business relationship and for a reasonable period thereafter to satisfy legal and compliance obligations.

In some cases we retain Personal Data longer if required to comply with legal obligations, resolve disputes, collect fees owed, or as otherwise permitted or required by law. We may retain de-identified or aggregated data indefinitely as it no longer identifies you personally.

13. Data Security

We use commercially reasonable physical, technical, organizational, and administrative safeguards to protect your Personal Data from unauthorized access, use, alteration, or disclosure. The type of safeguards we apply is based on the nature of the data and how it is processed. Access to Personal Data is limited to personnel who require it to perform their role, and all such personnel are subject to confidentiality obligations.

You should also help protect your data by selecting a strong password, limiting access to your device and browser, and signing out of your account when finished. Although we work to protect your information, no method of transmitting or storing data over the internet is completely secure. We have procedures in place to respond to suspected data breaches and will notify you and applicable regulatory authorities where required by law.

14. Children's Privacy

Our Services are not directed to children under the age of 13, and we do not knowingly collect Personal Data from children. If you are under 13, please do not attempt to use the Services or submit any Personal Data. If we learn that we have inadvertently collected Personal Data from a child under 13, we will delete it as promptly as possible.

15. State Law Privacy Rights

Residents of California, Virginia, Colorado, Connecticut, Texas, Montana, Oregon, Utah, and Nevada - as well as residents of other states with applicable privacy laws - have specific rights regarding their Personal Data. This section describes those rights and how to exercise them.

15.1 Rights Available Under State Law

  • Right to Know / Access: Request a copy of the Personal Data we hold about you, including the categories of data collected, the sources, our purposes for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: Request deletion of Personal Data we hold about you, subject to exceptions required by law (such as data needed to complete a transaction or comply with a legal obligation).
  • Right to Correct: Request correction of inaccurate or outdated Personal Data.
  • Right to Opt Out of Sale or Sharing: We do not sell your Personal Data as defined under applicable state law (including California, Nevada, and Virginia definitions). If that changes, we will update this policy and provide a clear opt-out mechanism.
  • Right to Non-Discrimination: We will not discriminate against you - including by denying services, charging different prices, or providing a reduced level of service - for exercising any of your privacy rights.

15.2 Additional Rights for California Residents (CCPA / CPRA)

California residents have additional rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA), including:

  • The right to limit the use and disclosure of sensitive personal information.
  • The right to opt out of sharing for cross-context behavioral advertising.
  • The right to request information about automated decision-making and to opt out of certain automated decisions.

Under California Civil Code Sections 1798.83-1798.84, California residents may also contact us to prevent disclosure of Personal Data to third parties for their direct marketing purposes.

15.3 Nevada Resident Rights

We do not currently sell your Personal Data as that term is defined under Nevada Revised Statutes Chapter 603A. Nevada residents may still submit an opt-out request using the contact information in Section 16.

15.4 How to Submit a Privacy Request

To submit a request to access, correct, delete, or opt out of certain processing, please contact us at privacy@spacesos.com. To verify your identity and locate your records, we will typically require:

  • Your full name
  • Your current mailing address

We may also ask for your email address to send you status updates. Information provided in connection with a privacy request will be used solely to process that request and to maintain legally required compliance records.

Please note: an opt-out request applies only to SpacesOS Inc's own databases and does not affect databases maintained by third parties, including our customers or partners.

We will respond to verifiable requests within 45 days. If we cannot verify your identity, we may be unable to fulfill your request. If a request is particularly complex, we may extend our response time by an additional 45 days and will notify you of the extension.

15.5 Right to Appeal

If we deny your privacy rights request in whole or in part, you have the right to appeal. To submit an appeal, email privacy@spacesos.com with the subject line "Privacy Request Appeal" and include a description of your original request and the basis for your appeal. We will respond within the timeframe required by applicable state law.

16. Third-Party Links

Our website and Services may contain links to third-party websites, plug-ins, or applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party sites and are not responsible for their privacy practices. We encourage you to read the privacy policy of every website you visit.

17. Contact Us

If you have any questions or comments about this Privacy Policy, the ways in which we collect and use your Personal Data, or your choices and rights regarding such collection and use, please contact us:

  • Email: privacy@spacesos.com
  • Website: www.spaces.com
  • Mailing Address: SpacesOS Inc, 251 Little Falls Drive, Wilmington, New Castle County, DE 19808, US

18. Changes to This Privacy Policy

We keep this Privacy Policy under regular review and may update it from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will alert you to material changes by posting a notice on our website, by email, or by other appropriate means. If you have opted not to receive legal notice emails, the updated policy will still govern your use of the Services and you remain responsible for reviewing it.

Please ensure that the Personal Data you provide us remains accurate and current. If your information changes - such as a new email address or mailing address - please let us know.