Solutions keyboard_arrow_down keyboard_arrow_up
Our Solutions
Ontraport's solutions work together to give you everything you need to run your business in one centralized, easy-to-use platform.
Resources keyboard_arrow_down keyboard_arrow_up
Find free content on the latest marketing strategies, using Ontraport in your business, and finding the right software.
Visit the blog
University Pricing Chat
Ontraport Legal
Terms of Service

By signing up with Ontraport or any of its subsidiaries, you agree to use your account in a manner that is consistent with all applicable laws and regulations and in accordance with the Terms of Service discussed herein.  This Agreement is between Ontraport (“the service provider,” “us,” “we,” or “our”) and all its subscribers and users (“the client,” “you,” “your” or “subscriber”). This Agreement and the client’s use of services shall become effective on the date the order is submitted by the client to the service provider (“Effective Date”).

Agreement Summary

Divider Text
Conditions of Use
Service provider reserves the right to update and change the Terms of Service at any time and without notice. Any new features that augment or enhance the current Service, including the release of new tools and resources, shall be subject to the Terms of Service. Continued use of the Service after any such changes shall constitute your consent to such changes. Violation of any of the terms below will result in the termination of your Account.
  • You must be 13 years or older to use this Service.
  • You must be a human. Accounts registered by “bots” or other automated methods are not permitted.
  • You must provide your legal full name, a valid email address, and any other information requested in order to complete the signup process.
  • Your login may only be used by one person – a single login shared by multiple people is not permitted.
  • You are responsible for maintaining the security of your account and password. We cannot and will not be liable for any loss or damage from your failure to comply with this security obligation.
  • You are responsible for all Content posted and activity that occurs under your account (even when Content is posted by others who have access to your account).
  • You may not assign your rights under this Agreement without our prior written consent.
  • You may not use the Service for any illegal or unauthorized purpose. You must not, in the use of the Service, violate any laws in your jurisdiction (including but not limited to copyright laws).
  • We may, but have no obligation to, remove Content and Accounts containing Content that we determine in our sole discretion are unlawful, offensive, threatening, libelous, defamatory, pornographic, obscene or otherwise objectionable or violates any party’s intellectual property. You may not post sexual graphic content on the Service. While we prohibit such conduct and content on the Service, you understand and agree that we cannot be responsible for the content posted on the Service and you nonetheless may be exposed to such materials.
  • You must use our system in a manner that is ethical and in conformity with community standards.
  • You will respect the privacy of other users (you shall neither intentionally seek data or passwords belonging to other users, nor will you modify files or represent yourself as another user unless explicitly authorized to do so by that user).
  • You will respect the legal protection provided by copyright law, trade secret law, or other laws protecting intellectual property.
  • You will accept notifications of service changes, commercial email and similar offers presented through the Ontraport system or via email.
  • You must not upload, post, host, or transmit unsolicited email, SMSs, or “spam” messages (See Anti-spam Policy).
  • You must not modify, adapt or hack the Service or modify another website so as to falsely imply that it is associated with the Service, us, or any other service.
  • You must not use any API credentials in any publicly available software or phone application. This specifically refers to, but is not limited to, embedding API usage in a phone App.
  • You must not transmit any worms or viruses or any code of a destructive nature.
  • This agreement is ‘at-will’, meaning that you can cancel your account at any time and so can we (which we exercise typically only in the case of violations of our spam rules but which we reserve for any reason whatsoever).
  • GDPR Authorization to use sub-processors: Ontraport uses sub-processors as a routine part of offering our service. As a Data Controller, you agree to our use of GDPR compliant sub-processors. We maintain a list of sub-processors below for your review.
  • GDPR Indemnification: By using Ontraport's software, you agree to indemnify Ontraport for any legal responsibility and against any claims regarding your GDPR compliance. Ontraport attests that we comply with GDPR as a Data Processor but does not and can not ensure your compliance as a Data Controller.
  • Learn more about Ontraport’s compliance with GDPR here.
Divider Text
PGP Public Key Block
Please use this public PGP key to encrypt your communications with Ontraport during custom imports. We encourage the use of encryption when communicating logins and passwords for secure accounts, for SFTP (SSH File Transfer Protocol) use if Ontraport needs to access your server, or when migrating sensitive data such as your customers’ credit card information. When you encrypt a file or email message with our public key, only Ontraport can open it using our private key so your information stays safe.
Version: GnuPG v2.0.22 (GNU/Linux)

Divider Text
Fee Agreement
The Period of Performance of this Agreement shall commence on the Effective Date and shall automatically renew for additional like periods (renewal periods) under the same terms of service. The Renewal Fees will be automatically debited from the client’s credit card at the beginning of each renewal period, and you agree that the service provider will not require any additional authorization for any recurring payments or automatic billing options. Services are non-refundable unless the pricing terms for the applicable service expressly states otherwise. The service provider may suspend or terminate use of your account if you fail to comply with fee agreement.
  • A valid credit card is required for all accounts.
  • The Service is billed in advance on a monthly or annual basis and is non-refundable. There will be no refunds or credits for partial months of service, upgrade/downgrade refunds, or refunds for months unused with an open account. In order to treat everyone equally, no exceptions will be made.
  • All fees are exclusive of all taxes, levies or duties imposed by taxing authorities, and you shall be responsible for payment of all such taxes, levies, or duties. Local Sales and/or Use taxes may apply.
  • All fees will be collected in United States dollars regardless of your country of origin's currency exchange rate.
  • For any upgrade or downgrade in your monthly plan level, the credit card you provided will automatically be charged the new rate on your next billing cycle.
  • If you upgrade your annual account during the contract period, the change in annual price will be prorated and charged at that time.
  • Downgrading your service may cause the loss of the content, features or capacity of your account. We do not accept any liability for such loss.
  • Should your account exceed your current account limit of contacts plus object records with email address fields, user seats or emails, your service plan will either be upgraded automatically to the next most affordable account level or service package, or it will be billed for overages.
  • If you send SMS messages through Ontraport, the credit card you provided will automatically be charged a minimum of $10 for that billing cycle. Fees vary based on carrier and location, and you are solely responsible for all SMS usage and the associated fees.
  • We reserve the right at any time to modify or discontinue, temporarily or permanently, the Service (or any part thereof) with or without notice.  Should this occur, no changes, refunds or credits will be made to your service plan.
  • Prices of all Services, including but not limited to monthly subscription plan fees to the Service, are subject to change upon 30 days notice from us.
  • The service provider may suspend or terminate use of your account if you fail to provide a valid credit card.
  • Any billing problems or discrepancies must be brought to our attention within thirty (30) days from the date the client is billed. If you do not bring them to our attention within thirty (30) days, you agree that you waive your right to dispute such problems or discrepancies.
Divider Text
You are solely responsible for properly cancelling your account. We do not take cancellation requests via email, over the phone or chat. All accounts must be cancelled by the primary account holder through their account. See cancellation instructions here.
  • All of your Content will be immediately deleted from the Service upon cancellation. This information can not be recovered once your account is cancelled.
  • If you cancel the Service before the end of your current paid up month, your cancellation will take effect immediately and you will not be charged again.
  • We have the right to suspend or terminate your account and refuse any and all current or future use of the Service, for any reason at any time. Such termination of the Service will result in the deactivation or deletion of your Account or your access to your Account and the forfeiture and relinquishment of all Content in your Account. We reserve the right to refuse service to anyone for any reason at any time.
  • Certain offers allow for a refund of the base account fee if you cancel your account during your refund period (30 days from the date you began paying for your account). If this offer was made available to you, you must first cancel your account, then submit a request for a refund via email to Note that usage fees, including but not limited to email, contact and object record volume charges, user seats, postcards, SMS, set-up fees, custom programming, services and consulting fees, are not refundable. Additionally, annual subscriptions are non-refundable regardless of the effective date and are exempt from refund offers.
Divider Text
Anti-spam Policy
We strictly prohibit any involvement in unsolicited commercial email (UCE) campaigns, commonly known as spam. We maintain a Zero-Tolerance policy against spam, be it direct, third party or any affiliate or similar agent acting on the account holder’s behalf. All lists used in conjunction with the services provided by the service provider are required to be 100% opt-in lists. Any client account that is connected to a report of or caught violating these policies, will be immediately terminated.
  • You will abide by the U.S. CAN-SPAM Act of 2003 and standards set by the email industry, which state: If it’s unsolicited, it’s spam.
  • You are only permitted to send email to contacts who have specifically requested to receive content from you.

  • You may not add email addresses to our service that you rented, purchased, or “scraped.”  This includes a list of opt-in leads or a list of names and emails received from your Chamber of Commerce, etc.
  • We in no way participate in mass unsolicited emailing (i.e., spamming), and all Partners are expected to adhere to this policy as well. Violation of this policy will result in the termination of your contract and immediate dismissal from the Partner Program.
  • No refunds or pending commissions will be provided to anyone whose account is terminated for violating this policy.

    Please report a complaint or violation of this policy to our Abuse Desk.

Divider Text

You understand that the service provider, and/or its assigns do not guarantee, imply, or predict any type of profit or response from said services. The client irrevocably covenants, promises and agrees to indemnify the service provider and/or its assigns and to hold the service provider and/or its assigns harmless from and against any and all losses, claims, expenses, suits, damages, costs, demands or liabilities, joint or several, of whatever kind or nature which the service provider and/or its assigns may sustain or to which the service provider and/or its assigns may become subject arising out of or relating in any way to the use of the services provided under this Agreement, including, without limitation, in each case attorneys’ fees, costs and expenses actually incurred in defending against or enforcing any such losses, claims, expenses, suits, damages or liabilities. You agree to use the Service at your own risk.


We shall not be liable for any damages suffered by the client, whether indirect, special, incidental, exemplary, or consequential, including, but not limited to, loss of data or service interruptions, regardless of cause or fault. We are not responsible or liable for any lost profits or any lost data or information. While we take all reasonable precautions to ensure your database is secure and protected, the client understands and agrees that the service provider is under no obligation to export, extract, retrieve or “massage” the client’s database except through our EXPORT function. 

Divider Text
Privacy Policy
The service provider will not rent, sell, access or in any way use the client’s customer database information except as required to render the service, such as while delivering customer support.
  • We collect the email addresses of those who communicate with us via email, aggregate information on what pages consumers access or visit, approximate location, IP address, and information volunteered by the consumer (such as survey information and/or site registrations).The information we collect is used to improve the content of our web pages and the quality of our service.
  • We do not share your mobile number with third parties. We send SMS updates a few times per week at most. Message and data rates may apply. To opt-out, simply reply with "STOP" at any time.
  • We ask for information such as your name, company name, email address, billing address and credit card information for users of our services.  We use collected information for the following general purposes: products and services provision, billing, identification and authentication, services improvement, contact, and research.

  • A cookie is a small amount of data, which often includes an anonymous unique identifier, that is sent to your browser from a website’s computer and stored on your computer’s hard drive. Cookies are required to use our service.  We use cookies to record current session information but do not use permanent cookies.
  • We use third party vendors and hosting partners to provide the necessary hardware, software, networking, storage and related technology required to run the services provided. Although we own the code, databases and all rights to the application, you retain all rights to your data.
  • We may disclose personally identifiable information under special circumstances, such as complying with subpoenas or when your actions violate the Terms of Service.
  • Ontraport’s use and transfer to any other app of information received from Google APIs will adhere to Google API Services User Data Policy including the Limited Use requirements.
  • The Ontraport Calendar system uses Google's APIs to:
    • Read your Google login email address so we can display the account your calendars are synced to.
    • Read the first name and last name of your Google contacts and other contact information that is synced from Google to Ontraport so Ontraport can properly display event guest information and fully populate contact information (if you decide to import Google event attendees as Ontraport contacts).
    • Read your list of Google calendars so you can select individual calendars in Ontraport and so we can track calendar list changes (e.g., deleting a synced Google calendar).
    • Allow you to create, view, update and delete your Google calendar event details, including event guests and RSVP statuses, and keep this information synced between Ontraport and Google.
  • We may periodically update this policy and will notify you about significant changes in how we treat personal information by sending a notice to the primary email address specified for your account or by placing a prominent notice on our site. This includes the transfer of data in the event Ontraport is acquired by or merged with another company.
Divider Text
Ontraport reserves the right in its sole discretion to terminate or modify permission to display the logo, and may request that third parties modify or delete any use of the collateral that, in our sole judgment, does not comply with these guidelines, or might otherwise impair our rights in the logo.
  • As a general rule, third parties may not use the Ontraport logo unless approved logo artwork is provided by us.
  • The logo may not be used in any manner that might imply that any non-Ontraport materials, including but not limited to goods, services, websites, or publications, are sponsored, endorsed, licensed by, or affiliated with Ontraport.

  • The logo may not be displayed as a primary or prominent feature on any non-Ontraport materials. Companies using the logo pursuant to these guidelines must also display, in the primary and more prominent position, their own logo(s), business name, product names, or other branding.
  • The logo may not be imitated or used as a design feature in any manner.
  • The logo may not be used in a manner that would disparage Ontraport or its products or services.
  • Neither the logo nor any part of the Ontraport name (e.g., Ontra) may be used in any other company name, product name, service name, domain name, website title, publication title, or the like.
  • Non-Ontraport materials should not mimic any Ontraport advertising, product packaging, or website design.
  • The logo must be used as provided by Ontraport with no changes, including but not limited to changes in the color, proportion, or design, or removal of any words or artwork. The logo may not be animated, morphed, or otherwise distorted in perspective or appearance.
  • The logo must stand alone and may not be combined with any other object, including but not limited to other logos, words, graphics, photos, slogans, numbers, design features, or symbols. The logo must never be used to represent the word Ontraport in text, including in a headline, product-name logotype, or body copy.
  • The logo must not be incorporated or used in any manner as part of, or in close proximity to another company’s name, domain name, product or service name, logo, trade dress, design, slogan, or other trademarks.
  • The look and feel of the Service is copyright ©1999-2016 Ontraport, All rights reserved. You may not duplicate, copy, or reuse any portion of the application.
  • Ontraport further reserves the right to object to unfair uses or misuses of its trademarks or other violations of applicable law. For real, don’t mess with the logo or our trademarked name.
Divider Text
Partnership Agreements
By agreeing to receive commissions, you agree to Terms and Rules discussed herein. This Agreement is between Ontraport (“affiliate manager,” “us,” “we,” or “our”) and the Partner (“the referrer,” “you,” “your” or “partner”). We are independent parties and this agreement will not form any partnership. This agreement will begin upon your first accepted commission (“Effective Date”) and will end when terminated by either party. Termination may happen at any time, with or without cause, by giving the other party written notice of termination.

  • The referral program is available to current Ontraport clients, active Certified Experts, active Agency Partners and approved applicants to the Partner Program only.
  • Commissions are earned at a rate of 25%, of the paid “package” subscription, to the “last referrer” noted on the customers affiliate link at the time of their first purchase unless otherwise stated in your Agency Partner agreement.
  • Packages consist of the base level plans listed on and do not include add-ons, user seats, messages or any other Ontraport products.

  • Earned commissions will be approved and paid one week after referred accounts pass their refund period. We have the right to change our refund policy at any time, and, if we do, the commissions will be adjusted accordingly.
  • Approved commissions over $100 will be paid out each week on Fridays via Paypal.
  • NO COMMISSIONS can be earned on your own account.  No self-referring for the sole purpose of getting a discount.
  • The Referrer (Partner) and Referee may not be immediate family members, and must reside at different addresses.
  • We will monitor, track and audit referrals submitted for accuracy and to prevent fraud. We reserve the right to clawback paid commission, exclude you from earning commissions and forfeit any partner rewards should we find any errors or agreement violations.
  • We will manually add you as the referral partner, per your request, if the client doesn’t sign-up with your affiliate link and all of the following requirements are met:
    • You — the referrer — must make the request within 30 days of the first account payment by the referred account.
    • You must be a current client, active Certified Expert or active Agency Partner.
    • The account owner of the referred account must respond to our inquiry to confirm you referred them.
    • The referred account does not currently credit another partner.
  • In order to claim approved commissions you must have a valid Paypal account.
  • All unclaimed approved commissions older than six months, will be canceled.
  • You can download your 1099 from Paypal for United States taxes.
  • By posting a change notice, we may modify any of the terms and conditions within this Agreement at any time and at our sole discretion. If any of the modifications are unacceptable to you, your only recourse is to terminate this Agreement. Continued participation in the program 30 days following the posting will be considered as your acceptance of the change.
Divider Text
Ontraport Affiliate PPC Rules
1. Search Engines
Bidding is allowed on Google and Bing/Yahoo with a few restrictions listed herein. Bidding on Ask, Facebook, Twitter, Find What and other search engines and social media sites is permitted with no restrictions on Ontraport trademarked terms. Clause 3 below (Competitor Terms) in the PPC Policy must be followed on all pay-per-click search engines and advertisements.
2. Ontraport and Manufacturer Trademarks
  • Affiliates may not bid on Ontraport trademark terms on Google and Bing/Yahoo, including international versions.
  • There are no trademark restrictions with Ontraport trademarks on Ask, Find What, Facebook, and other pay-per-click search engines.

  • Affiliates MAY NOT use in the display URL at any PPC search engine or various content network sections. Alternative spellings of our domain name are also not permitted, including but not limited to,,, etc. See direct linking policy below for additional information.
  • Affiliates are permitted to use Ontraport trademarks in the URL to the right of the domain in the display URL. Example:
  • Affiliates may not include "Official Site" or make representations that your advertisement is from Ontraport.
  • Affiliates may not bid on Ontraport + "term" on Google and Bing/Yahoo. Example: Ontraport reviews, Ontraport discounts, etc.
  • You may bid on manufacturer specific terms, although, some manufacturers have blocked the use of their terms on various search engines without prior permission.
  • Ontraport terms include all of the following and any potential misspellings not shown here:
    • www.ontraport
    • ONTRApages
    • ONTRAPORT Pages
    • Ontra port
    • Ontra-port
    • Entreport
    • Entraport
  • Affiliates may bid on manufacturer specific terms, although some manufacturers have blocked the use of their terms on various search engines without prior permission.
3. Direct to Merchant / Landing Pages
  • Direct-to-merchant linking is not permitted on Google and Yahoo/Bing. Affiliates may not use our URL in the display URL on any PPC advertisement.
  • Domain misspellings are not allowed in the display URL on any advertisement including but not limited to,,, etc.
  • Affiliates bidding on Ontraport trademarks may not use a landing page that includes advertisements for competitors.
4. Geo-targeting and Dayparting
  • Geo-targeting is allowed on all search engines as long as policies regarding display URL, competitor terms and trademarks are followed.
  • Dayparting is allowed on all search engines as long as policies regarding display URL, competitor terms and trademarks are followed.
  • Using geo-targeting and dayparting to avoid enforcement of the Ontraport PPC Policy is strictly prohibited and grounds for immediate removal and reversal of all commissions up to 30 days prior to the date of the PPC violation.
  • International geo-targeting is allowed as long as the advertisement is truthful in the Ontraport international policies.
  • International affiliates may not use a Ontraport display URL on any search engine, including but not limited to, and any related misspellings.
5. Ad Copy Restrictions
  • Truth in advertising: Affiliates are required to be truthful about any advertisement representing Ontraport.
  • Do not represent your advertisement as an official or endorsed Ontraport advertisement or site.
6. Exclusions, Penalties and Notifications
  • Ontraport reserves the right to exclude any or all of our PPC policy for individual affiliates at our sole discretion.
  • Excluded affiliates are required to agree via signed contract to any exclusion permitted herein. Do not assume exclusion via verbal or written communication.
  • Affiliates receive one warning and are given 48 business hours to comply with any PPC violations. A second violation will result in termination of the affiliate relationship and may be cause for reversal of past commissions earned up to 30 days prior to the second violation. See below exceptions to this policy.
  • Affiliates found using geo-targeting or dayparting features on search engines to avoid enforcement of the Ontraport PPC Policy will be immediately removed from the Ontraport affiliate program, have all commissions reversed up to 30 days prior to the violation date and be immediately reported to the Affiliate Network for investigation.
  • Affiliates found in breach of the PPC Policy and Terms of Service regarding competitor terms will be immediately removed from the program, have all commissions reversed up to 30 days and be subject to a $5,000 penalty.
  • From time to time, Ontraport may review the PPC policy for changes in the way search engines operate or changes in Ontraport philosophy. Any changes made to the PPC Policy will be announced via the Ontraport Partner Center and posted on the Ontraport legal website. Affiliates are given no less than seven business days to comply with any new PPC terms before a first violation is cited on the affiliate's account.
Reporting Violations

Violations of the Ontraport PPC Policy may be reported to Please have all applicable proof in your email, including but not limited to screenshots of the ad, geographical location of the ad, URL/network tracking information and the search engine where the ad was found.

This Agreement will be governed by the laws of the United States and the state of California. Any action relating to this Agreement must be brought in the Federal or State courts located in Santa Barbara, California, and you irrevocably consent to the jurisdiction of such courts. You may not assign this Agreement, by operation of law or otherwise, without our prior written consent. Subject to that restriction, this Agreement will be binding on, inure to the benefit of, and enforceable against the parties and their respective successors and assigns. Our failure to enforce your strict performance of any provision of this Agreement will not constitute a waiver of our right to subsequently enforce such provision or any other provision of this Agreement. By submitting this Partner Agreement form, you acknowledge that you have read this agreement and agree to all its terms and conditions. You have independently evaluated this program and are not relying on any representation, guarantee, or statement other than as set forth in this agreement.

Divider Text
GDPR, Privacy Shield and Ontraport
What is GDPR?

GDPR (General Data Protection Regulation) is a new set of rules - effective beginning May 25, 2018 - imposed by the European Union on all organizations worldwide that collect or process data about EU citizens.

It’s a complicated set of regulations, and we are not attorneys so you’ll want to do your own research on GDPR compliance and handle it appropriately for your organization.

This section outlines Ontraport’s compliance with our part of GDPR, and the ways in which we help you comply with your part.

What is GDPR?

GDPR imbues EU citizens with several new rights regarding their personal data and privacy. Some of them relate to how you manage the data you store in your Ontraport account. These include:

  • Right of access: Individuals can ask to see the information you have stored about them. You can honor those requests by exporting their contact data on request and sending it to them.
  • Right to recertification: Individuals can ask to have the data you store about them updated. You can honor those requests with forms or by manually updating their data in Ontraport.
  • Right to erasure: Individuals can ask to have their data erased. You can honor those requests by deleting their records in Ontraport.
  • Right to restrict processing: Individuals can ask you to stop processing their data. When they do, all you’ll be allowed to do with that data is to store it. For simplicity's sake, we’d recommend deleting the data of contacts who exercise this right.
  • Right to data portability: Individuals can ask to have their data sent to another Data Controller. You can honor those requests by sending the data via CSV after export from Ontraport.
Your other responsibilities as a Data Controller

GDPR imposes other responsibilities on Data Controllers (that’s you) including, but not limited to, sharing your privacy policy and letting people know how you’ll use their data before you collect it. Your attorney can advise you on the full scope of your responsibilities as a Data Controller.

Please note that as part of Ontraport’s Terms of Service, you indemnify Ontraport for any legal responsibility arising out of your failure to comply with GDPR.

Our responsibilities as a Data Processor

As a technical services provider who stores the personal information of EU citizens on behalf of Data Controllers, we have certain responsibilities under GDPR which we comply with, including:

  • Managing Data Processing - Ontraport has clear documentation on where our data comes from, how it is stored, and where it goes after we get it. Ontraport will only process personal data on instructions from the controller, and inform the controller if it believes said instruction infringes on the GDPR (28.3)
  • Accountability and Governance - Ontraport will maintain all applicable PCI-DSS requirements to the extent that we possess, store, process, or transmit cardholder data on behalf of the customer, or to the extent that we could impact the security of the customer's cardholder data environment. As a PCI-compliant handler of sensitive consumer data, Ontraport is subject to — and adheres to — incredibly strict and detailed physical, technical and organizational data management and security policies. Ontraport takes extraordinary steps to secure your data, ensure stability and uptime, manage data backup and disaster recovery, and regularly test security (32.1)
  • Authorized Use of Sub-processors - Ontraport uses sub-processors as a routine part of offering our service. It is our responsibility to ensure our subcontractors comply with GDPR, and we will comply with those rules. As a Data Controller, your agreement to our use of sub-processors is part of our legal Terms of Service and required to be an Ontraport user. We maintain a list of sub-processors here for your review: Amazon Web Services, Google, Pendo, UnitedLayer, FullStory, and any payment gateway that you connect to your account. (28.2)
  • Maintain Records of Processing Activities - Ontraport is unique in the level of detail we record and display to you about data processing activity in your account. Learn more about the automation log here. (30)
  • Notification of Breach - Ontraport will comply with the GDPR with respect to any data breach.  (33.2)

If you have any questions regarding Ontraport’s compliance with GDPR, feel free to contact us at

Divider Text
Privacy Shield Policy

Despite the EU Court decision of 2020,  Ontraport continues to comply with the EU-U.S. Privacy Shield Framework and the Swiss-U.S. Privacy Shield Framework(s) as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and/or Switzerland to the United States. Ontraport has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification, please visit

Authorized Use of Sub-processors - Ontraport uses sub-processors as a routine part of offering our service. It is our responsibility to ensure our subcontractors comply with GDPR, and we will comply with those rules. As a Data Controller, your agreement to our use of sub-processors is part of our legal Terms of Service and required to be an Ontraport user. We maintain a list of sub-processors here for your review: Amazon Web Services, Liquid Web, UnitedLayer, FullStory, Google, Segmetrics and any payment gateway that you connect to your account. (28.2)

Data Processing Agreement and Standard Contractual Clauses

In response to the EU Court decision of 2020 which invalidated Privacy Shield as an acceptable basis for the transfer of customer data outside the EU, Ontraport has adopted and integrated the following Data Processing Agreement and Standard Contractual Clauses into our legal Terms of Service.

By continuing to use Ontraport services, both the client and Ontraport agree to the terms outlined in that document which can be found here.

Responsibilities and Management

Ontraport has designated our legal department to oversee compliance with the EU and Swiss Privacy Shield program and the GDPR. This team shall review and approve any material changes to this program as necessary. Any questions, concerns, or comments regarding this Policy also may be directed to

Ontraport will maintain, monitor, test, and upgrade information security policies, practices, and systems to assist in protecting the personal data that it collects. Ontraport personnel will receive training, as applicable, to effectively implement this Policy.

Collection and Use of Personal Data

Ontraport provides various products services to its customers, some of whom are EU citizens. Ontraport collects personal data from individuals when they purchase our products, fill out a form on our website, log in to their account, complete surveys, request information or otherwise communicate with us. For example, Ontraport customers may choose to seek live support or post to a message board.

The personal data that we collect may vary based on the customer’s interaction with our website and request for our services. Generally, Ontraport collects contact information, including names, email and physical addresses, phone numbers, company names and more. We also collect payment information including credit card information. Customers have the option to log into their accounts online and to request service online, including through a live support option; we will collect information that they choose to provide to us through these portals.

When Ontraport customers or non-customers use our services or website online, we will collect their IP address and browser type, along with contact information and any other information that the person chooses to submit through our website.

The information that we collect from customers is used for selling the products and services they buy from us, managing transactions, reporting, invoicing, renewals, and other operations related to providing services and products to our customers.

Ontraport also serves its customers as a service provider. In our capacity as a service provider, we will receive, store, and/or process personal data. In such cases, we are acting as a data processor and will process the personal information on behalf of and under the direction of our partners and/or agents. The information that we collect from our customers in this capacity is used for managing transactions, reporting, invoicing, renewals, and other operations related to providing services to our customers.

Ontraport uses the personal data that we collect from our customers for the following business purposes, without limitation:

  • maintaining and supporting our products, delivering and providing the requested products/services, and complying with our contractual obligations (including managing transactions, reporting, invoices, renewals, and other operations related to providing services to a customer);
  • satisfying governmental reporting, tax, and other requirements (e.g., import/export);
  • storing and processing data in computer databases and servers located in the United States;
  • verifying identity (e.g., for online access to accounts);
  • as requested by our customers;
  • for other business-related purposes permitted or required under applicable local law and regulation;
  • and as otherwise required by law.

Ontraport does not disclose personal information to third parties for purposes that are materially different than what it was originally collected for. Should this change in the future, we will provide individuals with the option to opt out.

Disclosures and Onward Transfer of Personal Data

Ontraport discloses personal data only to third parties who reasonably need to know such data only for the scope of the initial transaction and not for other purposes. Such recipients must agree to abide by confidentiality obligations.

Ontraport may provide personal data to third parties that act as agents, consultants, and contractors to perform tasks on behalf of and under our instructions. For example, Ontraport may store such personal data in the facilities operated by third parties, such as those mentioned in the GDPR section above this Policy. Such third parties must agree to use such personal data only for the purposes for which they have been engaged by Ontraport and they must either:

  • comply with the Privacy Shield principles or another mechanism permitted by the applicable EU & Swiss data protection law(s) for transfers and processing of personal data
  • or agree to provide adequate protections for the personal data that are no less protective than those set out in this Policy

Ontraport may be required to disclose an individual's personal information in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Ontraport is liable for appropriate onward transfers of personal data to third parties.

Ontraport does not collect Sensitive Data from its customers.

In the case of an onward transfer of your data, Ontraport bears responsibility for the processing of personal information it receives under the Privacy Shield and subsequently transfers to a third party acting as an agent on its behalf. Ontraport shall remain liable under the Principles if our agent processes such personal information in a manner inconsistent with the Principles, unless we prove that it we are not responsible for the event giving rise to the damage.

Data Integrity and Security

Ontraport uses reasonable efforts to maintain the accuracy and integrity of personal data and to update it as appropriate. Ontraport has implemented physical and technical safeguards to protect personal data from loss, misuse, and unauthorized access, disclosure, alteration, or destruction. For example, electronically stored personal data is stored on a secure network with firewall protection, and access to Ontraport's electronic information systems requires user authentication via password or similar means. Ontraport also employs access restrictions, limiting the scope of employees who have access to personal data.

Further, Ontraport uses secure encryption technology to protect certain categories of personal data. Despite these precautions, no data security safeguards guarantee 100% security all of the time.

Ontraport personnel may access and use personal data only if they are authorized to do so and only for the purpose for which they are authorized.

Right to Access, Change, or Delete Personal Data
  • Right to Access - Customers have the right to know what personal data about them is included in the databases and to ensure that such personal data is accurate and relevant for the purposes for which Ontraport collected it. Customers may review their own personal data stored in the databases and correct, erase, or block any data that is incorrect, as permitted by applicable law and Ontraport policies. Upon reasonable request and as required by the Privacy Shield principles, Ontraport allows customers access to their personal data in order to correct or amend such data where inaccurate. Customers may edit their personal data by logging in to their account profile or by contacting Ontraport by phone or email. In making modifications to their personal data, Data Subjects must provide only truthful, complete, and accurate information. To request erasure of personal data, customers should submit a written request to
  • Requests for Personal Data - Ontraport will track each of the following and will provide notice to the appropriate parties under law and contract when either of the following circumstances arise: (a) legally binding request for disclosure of the personal data by a law enforcement authority unless prohibited by law or regulation or (b) requests received from the Data Subject. If Ontraport receives a request for access to his/her personal data from a customer, unless otherwise required under law or by contract with such customer, Ontraport will refer such Data Subject to the customer.
  • Satisfying Requests for Access, Modifications, and Corrections - Ontraport will endeavor to respond in a timely manner to all reasonable written requests to view, modify, or inactivate personal data.
Privacy Shield Policy

This policy may be amended from time to time, consistent with the Privacy Shield Principles and applicable data protection and privacy laws and principles. We will notify our customers if we make changes that materially affect the way we handle personal data previously collected, and we will allow them to choose whether their personal data may be used in any materially different manner.

Questions, Complaints, Dispute Resolution

In compliance with the Privacy Shield Principles, Ontraport commits to resolve complaints about our collection or use of your personal information.  European Union and Swiss individuals with inquiries or complaints regarding our Privacy Shield policy should first contact Ontraport at:

Ontraport has further committed to refer unresolved Privacy Shield complaints to the EU data protection authorities, an alternative dispute resolution provider located in the EU. If you do not receive timely acknowledgment of your complaint from us, or if we have not resolved your complaint, please visit this link to find contact information for your local Data Protection Authority or contact the Swiss Federal Data Protection and Information Commissioner for more information or to file a complaint.  The services of these EU DPAs and the Swiss Commissioner are provided at no cost to you.

Ontraport commits to cooperate with the panel established by the EU data protection authorities (DPAs) and/or the Swiss Federal Data Protection and Information Commissioner and to comply with the advice given by the panel and/or Commissioner with regard to human resources data transferred from the EU or Switzerland.

The Federal Trade Commission has jurisdiction over Ontraport’s compliance with the Privacy Shield.


As a last resort and in limited situations, EU and Swiss individuals may seek redress from the Privacy Shield Panel, a binding arbitration mechanism.

An individual who decides to invoke this arbitration option must take the following steps prior to initiating an arbitration claim: (1) raise the claimed violation directly with the organization and afford the organization an opportunity to resolve the issue within the timeframe set forth in Section III.11(d)(i) of the Principles; (2) make use of the independent recourse mechanism under the Principles, which is at no cost to the individual; and (3) raise the issue through their Data Protection Authority to the Department of Commerce and afford the Department of Commerce an opportunity to use best efforts to resolve the issue within the timeframes set forth in the Letter from the International Trade Administration of the Department of Commerce, at no cost to the individual. This arbitration option may not be invoked if the individual’s same claimed violation of the Principles (1) has previously been subject to binding arbitration; (2) was the subject of a final judgment entered in a court action to which the individual was a party; or (3) was previously settled by the parties.

In addition, this option may not be invoked if an EU Data Protection Authority or the Swiss Commissioner (1) has authority under Sections III.5 or III.9 of the Principles; or (2) has the authority to resolve the claimed violation directly with the organization.

Divider Text
Sandbox Accounts

Ontraport Sandbox accounts are a complimentary service. However, charges will incur if usage from SMS or other messaging services are generated during testing.

Sandbox accounts may not be used for marketing, processing genuine customer data, processing real ecommerce transactions or running partner or affiliate programs.

  • For developers who are creating public-facing integrations with Ontraport, there are no time limits on your Sandbox Account.
  • For our Ontraport Experts, Sandbox accounts will be active for as long as your certification is valid.
Nonprofit Accounts

To be approved for an Ontraport Nonprofit Account, you must have proof of your 501(c)(3) status. If approved, the nonprofit discount will be 50% off your first year, then 20% off thereafter for the lifetime of your account, as long as your 501(c)(3) status is intact.

Turn your business on with Ontraport.

About Ontraport
Partners & Integrations
Getting Started