ONE VISION

LOGIN

Last Updated: June 26, 2025

OneVision Agency (“Company,” “we,” or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our website or services. It also describes your rights under various privacy laws, including the California Consumer Privacy Act (CCPA) and the EU General Data Protection Regulation (GDPR). By using our site or services, you agree to the collection and use of information in accordance with this Privacy Policy.

If you do not agree with our practices, please do not use our website or services. This policy applies to all users, including clients and site visitors, in the United States and any individuals accessing our services from outside the U.S.

1. Information We Collect

We do not collect sensitive personal data such as Social Security numbers, driver’s license numbers, financial account passwords, or health information directly. We limit our data collection to general business and contact information necessary to provide our marketing services or to respond to inquiries. The types of information we may collect include:

  • Personal Identifiers: Name, business name, title/position, email address, telephone number, and mailing address.

  • Business Information: Details about your company (industry, size, services/products) that you provide when you become a client or inquire about our services.

  • Communication Content: Any information you voluntarily send to us through contact forms, emails, or phone calls – for example, your inquiries, project requirements, or feedback.

  • Payment Information: If you purchase our services, payments are processed by third-party payment processors (like Stripe). We do not directly collect or store full credit card numbers or banking details. (Stripe may collect your payment card details on our behalf — see Third-Party Services below.) We may retain records of transactions (e.g., amount, date, and the last four digits of your card for reference) but not your sensitive payment data.

  • Website Usage Data: When you visit our website, we automatically collect certain technical data via cookies and similar tracking technologies. This may include your IP address, browser type, device information, pages viewed, and the date/time of your visits. We use services like Google Analytics to gather this usage information. This data helps us understand how visitors use our site and improve user experience. (See Section 3 on Cookies & Tracking for more details.)

  • Client Account Information: If you become a client, we may assign you an account or maintain a profile for you within our systems (e.g., our CRM platform GoHighLevel). This may include your client ID, service history, project details, and notes from our interactions.

We collect personal information directly from you (for example, when you fill out a form on our site, schedule a consultation, or provide information during onboarding), and automatically (for example, via cookies when you browse our site). We do not obtain personal data about you from third-party data brokers. However, we may receive basic contact information through referrals or networking events if you have consented to share it with us.

2. How We Use Your Information

OneVision Agency uses the collected information for the following purposes:

  • To Provide and Manage Services: We use your information to communicate with you and deliver our marketing services. For example, we will use your contact and business info to understand your needs, create marketing plans, run campaigns, and provide consulting. We may also use it to troubleshoot issues, provide technical support, or respond to your service requests.

  • To Process Transactions: We use payment and contact information to bill you for our services and manage invoices and receipts. (All payment processing is handled through Stripe or similar providers; we use your info to initiate payments, but we do not store your full payment details.)

  • To Communicate: We may send administrative emails or messages regarding your account, such as confirmations, invoices, technical notices, updates, security alerts, and support/maintenance advisories. We will also respond to your inquiries or requests sent via email, phone, or our website forms.

  • Marketing and Newsletters: With your consent (where required by law), we may send you marketing communications about our services, new offerings, or events that might interest you. For example, if you join our mailing list or become a client, we might email you helpful marketing tips or agency news. You can opt-out of marketing emails at any time by clicking the “unsubscribe” link in those emails or contacting us.

  • Site Improvement and Analytics: We use data obtained from cookies and site usage (via Google Analytics or similar tools) to understand how users interact with our website. This helps us troubleshoot performance issues, improve navigation, and optimize content. For instance, knowing which pages are most visited or how users found our site guides our website enhancements and marketing strategy.

  • Legal Compliance and Protection: We may use or disclose your information as needed to comply with applicable laws, regulations, lawful requests, and legal processes. For example, to respond to subpoenas or regulatory inquiries. We will also use and share information as necessary to enforce our Terms of Service, to investigate or prevent fraud or security issues, or to protect the rights, property, and safety of OneVision Agency, our clients, or others.

  • Business Transfers: If we undergo a business transition such as a merger, acquisition, corporate restructuring, or sale of all or part of our assets, your personal information may be among the assets transferred. We will ensure any successor entity honors the commitments we have made in this Privacy Policy regarding your personal data.

We will only use your personal information for the purposes we collected it for (as described above) or for compatible purposes. If we need to use it for an unrelated purpose, we will update this Privacy Policy and, if legally required, notify you or obtain your consent.

3. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies (such as web beacons or pixel tags) to collect and use personal information about you, including to serve interest-based advertising if applicable (though currently we do not serve third-party ads on our site). In particular:

  • Google Analytics: We use Google Analytics, which places cookies on your browser, to collect anonymized traffic data. This helps us understand website traffic and usage patterns. The information generated (including your shortened IP address) will be transmitted to and stored by Google on servers in the United States. Google uses this information to compile reports on website activity for us. (Learn more about how Google Analytics uses data on Google’s site.) You can opt-out of Google Analytics tracking by installing the Google Analytics Opt-out Browser Add-on.

  • Essential Cookies: We use some cookies that are necessary for the basic functioning of our site, such as to remember your preferences (for example, cookie consent choices) or keep you logged in to any client portal (if applicable). These cannot be turned off without affecting site function.

  • No Sale of Data via Cookies: We do not allow third-party advertising networks to track your behavior on our site for targeted advertising, and we do not sell your personal information collected via cookies. Any third-party integrations (like embedded videos or social media widgets) will be disclosed, and those providers may set cookies subject to their own policies.

You have choices to manage or disable cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. Note that blocking cookies may impact some features of our site. For more information about cookies and how to control them, visit allaboutcookies.org.

4. Third-Party Services and Data Sharing

OneVision Agency does not sell your personal information to unrelated third parties for their own marketing purposes. We only share your information in limited circumstances, as described below, and always with safeguards for your privacy. The categories of third parties with whom we may share information include:

  • Service Providers (Processors): We may share personal information with trusted third-party companies that perform services on our behalf to help us run our business (“service providers”). These include:

    • Payment Processors: As mentioned, if you make payments to us, your payment details are collected and processed by Stripe, Inc. (or a similar payment provider). Stripe may receive your name, email, billing address, and credit card information when you pay an invoice. Stripe is certified as a PCI-DSS compliant payment processor, which means they follow stringent security standards. We recommend you review Stripe’s Privacy Policy for information on their practices.

    • Customer Relationship Management (CRM) Platform: We use GoHighLevel (a CRM and marketing automation platform) to manage client information, track communications, and deliver certain services (such as email or SMS updates, appointment scheduling, or campaign management). If you become a client or subscribe to our mailing list, your name, contact details, and communications may be stored on GoHighLevel’s secure servers. GoHighLevel acts as a data processor, handling your information only under our instructions. They have their own Privacy and Security policies to safeguard data, and they comply with relevant regulations (for example, GoHighLevel is certified under the EU-U.S. Data Privacy Framework for international data transfers).

    • Analytics and Tracking: As noted, we use Google Analytics to collect site usage data (Google LLC is the provider of this service). Google acts as our analytics provider, using the data only to provide aggregate insights to us. We have enabled IP anonymization in Google Analytics to protect individual visitors’ identities.

    • Automation and Integration Tools: We may use Zapier or similar workflow automation services to connect various systems and services we use (for example, to automatically send data from our website contact form to our CRM or email system). This means that information you enter on our site (such as your email or name on a contact form) might pass through Zapier’s platform to reach our other databases. Zapier acts as a conduit and does not use your data for any other purpose except to transmit it between systems as directed by us. Zapier is GDPR-compliant and offers a Data Processing Addendum for its customers (us) to ensure your data is handled lawfully.

    • Email Service Providers: If we send out email newsletters or campaign updates, we might use an email service (for example, MailChimp, SendGrid, or the email tools within GoHighLevel). These providers will have access to your email address and name to send messages on our behalf. They are not allowed to use your info for their own purposes.

    • Other Vendors: We may share information with other vendors who assist in delivering our services (for instance, freelance designers, advertising platforms where we run ads for you, cloud storage providers for file management, etc.). In all cases, we only share the information necessary for the vendor to perform their function, and we contractually require them to keep your information confidential and secure.

  • Within Our Corporate Group: If OneVision Agency is part of a larger corporate group or has affiliates, we may share information with our affiliates for business operations, such as consolidated customer service or centralized data storage. Any such affiliates will honor the privacy commitments herein. (At present, OneVision Agency operates as a single business unit with no separate subsidiaries for client services.)

  • Legal Requirements and Protection: We may disclose your information if required to do so by law or in the good-faith belief that such action is necessary to: (i) comply with a legal obligation, court order, or government request; (ii) enforce our Terms of Service or other agreements; (iii) detect, prevent, or address fraud, security, or technical issues; or (iv) protect the rights, property, or safety of OneVision Agency, our clients, or the public. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction, as permitted by law.

  • Business Transfers: As noted earlier, if we are involved in a merger, acquisition, sale of assets, reorganization, bankruptcy, or other business transaction, your information may be transferred to a successor or affiliate as part of that transaction. In such an event, we will ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

Important: When we share your personal information with service providers, they are not permitted to use or disclose it for any purpose other than providing services to us and ultimately to you. We strive to choose reputable third-party partners that uphold strong privacy and security standards. However, third parties operate under their own privacy policies, so we encourage you to review the privacy policies of Stripe, Google, GoHighLevel, Zapier, or any other third-party services we use if you have concerns.

5. Data Security

We take reasonable measures to protect the security of your personal information. These measures include administrative, technical, and physical safeguards appropriate to the volume and sensitivity of the data. For example:

  • We restrict access to personal data to authorized personnel and contractors who need it to operate our business.

  • We use secure technologies like SSL/TLS encryption to protect data transmissions on our website (you’ll see “https” and a lock icon in your browser address bar on our site, indicating an encrypted connection).

  • Our third-party service providers (Stripe, GoHighLevel, etc.) also implement security controls such as encryption, firewalls, intrusion detection, and regular security audits. We review their security and privacy commitments to ensure they meet industry standards.

However, no method of transmission over the Internet or electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee absolute security. You share and transmit information to us at your own risk. In the unlikely event of a data breach that affects your personal information, we will notify you and the relevant authorities as required by law.

Please also play your part in security: do not share any login credentials we provide you, use unique passwords, and contact us immediately if you suspect any unauthorized access to your account or information.

6. Data Retention and Deletion

We will retain your personal information only for as long as necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

  • If you are a client, we will typically retain your information for the duration of our business relationship and for a reasonable period thereafter (for example, to maintain records for our financial reporting and to have historical data in case you return). Generally, client records are kept for at least 7 years after the end of our engagement, to comply with tax and contractual record-keeping obligations, unless a longer retention is required or justified.

  • If you subscribed to marketing communications but are not a paying client, we will retain your contact information until you opt-out or until it’s no longer needed. If you unsubscribe from our marketing emails, we will remove you from the list promptly, though we may keep a minimal record (email address) to ensure we honor your opt-out going forward.

  • If you merely visited our site, analytics data about your visit is typically retained in aggregate form. Google Analytics data may be retained for a period (e.g., 26 months) as configured in our account, after which it may be automatically deleted or anonymized.

  • We periodically review the data we hold and erase or anonymize personal information that is no longer needed. When we delete personal data, we ensure it is securely erased from our active systems. Please note that backup or archived copies might be retained for a longer period if necessary for business continuity, but they will be protected and eventually overwritten or deleted in accordance with our data retention policy.

If you wish to request deletion of your personal information sooner (for example, under your privacy rights described below), you can contact us and we will address your request as required by law.

7. Children’s Privacy

Our website and services are not directed to children under 13 years of age, and we do not knowingly collect personal information from children under 13. If you are under 13, do not use our site or send us any personal information (in the U.S., children under 13 require parental consent by law (COPPA)).

If we learn that we have inadvertently collected personal data from a child under 13 (or under 16 in certain jurisdictions) without proper consent, we will delete that information as quickly as possible. If you believe we might have any information from or about a minor, please contact us immediately at privacy@onevisionagency.com so we can investigate and take appropriate action.

8. Your Privacy Rights

Depending on your jurisdiction, you may have certain legal rights regarding your personal information. OneVision Agency is committed to honoring applicable data protection laws, including the California Consumer Privacy Act (CCPA, as amended by CPRA) for California residents, and the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA). Below, we outline those rights and how you can exercise them.

8.1 California Privacy Rights (CCPA/CPRA)

If you are a resident of California, you have the following rights with respect to your personal information under the CCPA (California Civil Code §1798.100 et seq.), as amended by the California Privacy Rights Act (CPRA):

  • Right to Know: You have the right to request that we disclose what personal information we collect, use, and share about you. This includes the categories of personal information collected, the sources of that information, the business purpose for collection, the categories of third parties with whom we share the information, and the specific pieces of personal information we hold about you. You may request information about the preceding 12 months from the date of your request.

  • Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions. For example, we may retain information necessary to complete a transaction you requested, to detect security incidents, for legitimate internal business needs such as maintaining financial records, or to comply with legal obligations. If an exception applies, we will inform you in our response. Otherwise, we will delete (and direct our service providers to delete) your personal information from our records and confirm once completed.

  • Right to Opt-Out of Sale/Sharing: The CCPA gives you the right to opt-out of the “sale or sharing” of your personal information (as those terms are defined in the law). However, OneVision Agency does not sell personal information to third parties for monetary value, and we do not share personal information for cross-context behavioral advertising. In other words, we do not exchange your data with third parties in a way that would trigger the opt-out requirement. Because we do not sell or share personal data in this manner, we do not provide a “Do Not Sell or Share My Personal Information” link.

  • Right to Correct (CPRA addition): Starting in 2023, California residents also have the right to request correction of inaccurate personal information that we maintain about you. If you find that any of your information with us is incorrect, you can request that we update it.

  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights. This means, for example, we won’t deny you services, charge you a different price, or provide a different level of service just because you exercised your privacy rights. If you request deletion of data that is necessary for us to deliver a service, we will let you know if we must cancel that service as a result, but we will not otherwise penalize you for making requests.

Exercising Your California Rights: To submit a request to know, delete, or correct, you (or an authorized agent acting on your behalf) may contact us using the information in the “Contact Us” section below. Please specify the nature of your request (e.g., “CCPA request – Right to Know” or “Right to Delete”). We will need to verify your identity before processing certain requests to ensure we are protecting your information from unauthorized access. For verification, we may ask you to provide certain information that we already have on file (such as your name, email, or last transaction amount) or other proof of identity. We will only use the information you provide in a request to verify your identity or authority.

We aim to respond to your request within 45 days as required by the CCPA. If we need more time (up to an additional 45 days, for a total of 90 days), we will inform you of the reason and extension in writing. There is no fee for making a verifiable request unless it is excessive or repetitive, in which case we may charge a reasonable fee or decline the request as permitted by law.

8.2 European Privacy Rights (GDPR)

If you are located in the European Economic Area (EEA) or another jurisdiction with similar laws (such as the UK or Switzerland), you have certain rights under the GDPR and local data protection laws. These include:

  • Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the personal data we hold about you, along with supplemental information about how we process it.

  • Right of Rectification: You have the right to request that we correct any inaccurate or incomplete personal data we hold about you. We encourage you to contact us to keep your information up to date or if you believe any information is incorrect.

  • Right to Erasure: You have the right to request that we delete your personal data (the “right to be forgotten”). We will do so upon valid request, provided the data is not required for legitimate business purposes or legal compliance. For example, we may need to retain certain data for record-keeping or to complete ongoing transactions, but we will explain if such an exception applies.

  • Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data under certain circumstances – for instance, if you contest the accuracy of the data or if the processing is unlawful but you oppose full deletion. If processing is restricted, we will store your data but not use it further until the issue is resolved.

  • Right to Data Portability: Where processing is based on your consent or the performance of a contract and carried out by automated means, you have the right to request a copy of the personal data you provided to us in a structured, commonly used, machine-readable format, and you may request that we transmit it directly to another data controller where technically feasible.

  • Right to Object: You have the right to object to our processing of your personal data in certain situations. For example, you can object to direct marketing at any time, and we will honor that objection (we will stop using your data for marketing purposes). If we are processing your data based on a legitimate interest, you can object if you believe your fundamental rights and freedoms outweigh our legitimate interest. We will then reconsider the balance or cease processing that data.

  • Right not to be subject to Automated Decisions: OneVision Agency does not make any decisions that have legal or similarly significant effects solely by automated means (without human involvement). If that ever changes, you would have the right to not be subject to such decisions without your consent or other legal justification, and to request human review of such decisions.

  • Right to Withdraw Consent: In cases where we rely on your consent to process personal data (for example, for sending marketing emails in jurisdictions where consent is required), you have the right to withdraw your consent at any time. Withdrawing consent will not affect the lawfulness of processing based on consent before its withdrawal. For instance, you can opt-out of our newsletter, and we will stop further marketing communications.

  • Right to Lodge a Complaint: If you believe that we have infringed your data protection rights, you have the right to lodge a complaint with a supervisory data protection authority in your country of residence or the location where the issue occurred. We encourage you to contact us first so we can try to resolve your concerns directly.

Legal Bases for Processing (GDPR): The GDPR requires us to inform you of the legal grounds we rely on to process your personal data. We only process personal data when we have a lawful basis, such as:

  • Performance of a Contract: We process personal data to provide our services as agreed with you (e.g., using your information to run a marketing campaign as per our contract with you).

  • Consent: For certain activities, we rely on your consent (for example, sending promotional emails to individuals in the EEA, or using certain non-essential cookies). When consent is our basis, you have the right to withdraw it at any time.

  • Legitimate Interests: We process data as needed for our legitimate business interests, provided those are not overridden by your rights. For example, it’s in our legitimate interest to collect basic analytics to improve our services, to communicate with clients about similar services they’ve purchased, or to prevent fraud or misuse of our website. We always consider the impact on your privacy and employ safeguards to minimize it when using this basis.

  • Legal Obligation: We may process data to comply with legal obligations (e.g., maintaining proper business records, responding to lawful requests by public authorities).

Exercising Your GDPR Rights: You can exercise any of your rights by contacting us (see “Contact Us” section below) and clearly describing your request. We may need to verify your identity to process certain requests (for instance, access or deletion requests) to ensure we do not disclose or erase data to the wrong person. We will respond to your request within one month, or inform you of any extension needed (an additional two months, for complex requests) as permitted by law. We will not charge a fee for handling a request unless it is manifestly unfounded or excessive, in which case we may charge a reasonable fee or refuse the request with explanation.

Please note that these rights are not absolute; specific conditions and exceptions apply under the law. We will explain if any part of a request cannot be fulfilled due to an exception.

9. International Data Transfers

OneVision Agency is based in the United States. If you are visiting our website or using our services from outside the U.S., be aware that your personal information will likely be transferred to, stored, and processed in the United States or other jurisdictions where our servers or our service providers are located. The data protection laws of the United States or those other jurisdictions might not be as comprehensive or protective as the laws in your country of residence.

However, we take steps to ensure that international transfers of personal data are protected in accordance with this Privacy Policy and the requirements of applicable law. For example:

  • For transfers from the EEA or UK to the U.S., we may rely on legally-approved transfer mechanisms such as Standard Contractual Clauses (SCCs) or the new EU-U.S. Data Privacy Framework if our service providers are certified under that framework. (Stripe and some other providers are certified under the Privacy Shield program’s successor, and GoHighLevel has indicated compliance with EU transfer requirements.)

  • Our service providers that process EU personal data on our behalf are contractually bound by data processing agreements that include appropriate safeguards for data transfers and processing.

  • By using our services or providing us with your information, you explicitly consent to the transfer of your personal information to the United States (and to any other country where we or our vendors operate). We will protect your data as described in this Policy, wherever it is processed.

If you have questions about our transfer mechanisms or want more information about how we ensure lawful international transfers, please contact us.

10. Updates to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we update the policy, we will change the “Last Updated” date at the top of this page. If the changes are significant, we may also provide a more prominent notice (such as a banner on our website or an email notification of the changes). We encourage you to review this Privacy Policy periodically to remain informed about how we are protecting your information.

Your continued use of our website or services after any update constitutes your acceptance of the revised Privacy Policy. If you do not agree to the changes, you should stop using our services and contact us if you wish to remove your data as per your rights.

11. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or your personal data, please contact us. We will do our best to address your inquiry promptly and courteously.

Contact Information for Privacy Inquiries:
Email: privacy@onevisionagency.com
Address: OneVision Agency – Privacy Department, 1234 Marketing Ave, Los Angeles, CA 90001, USA
Phone: +1 (555) 123-4567 (during normal business hours)

You may also use the above contact information to exercise your data subject rights (as described in Section 8) or to request further information about our privacy practices. We value your privacy and will strive to resolve any issues to your satisfaction.

Thank you for trusting OneVision Agency with your personal information. Your privacy is important to us, and we are committed to safeguarding it.