This privacy statement (“Privacy Statement”) explains how Sprouter, LLC (“Sprouter,” “we,” “us,” or “our”) collects, uses, discloses, and safeguards personal information in connection with the Sprouter websites, mobile applications, and related services (collectively, the “Services”). By using the Services, you agree to the practices described in this Privacy Statement and our Terms and Conditions.
If you use the Services, your use and any dispute over privacy is subject to this Privacy Statement and our Terms and Conditions, including limitations on damages, agreement to arbitration, and application of Delaware law.
Sprouter is a customizable profile and events platform that helps individuals and businesses promote their content and, if they choose, monetize through features such as paid events and payouts to organizers. For financial features, Sprouter partners with regulated financial institutions and payment providers. Sprouter is not a bank and does not take beneficial ownership of user funds.
We are headquartered in St. Paul, Minnesota and have offices in Scottsdale, Miami, and Los Angeles. For more information about Sprouter, please see the “About US” section of our Website at https://getsprouter.com/about-us.
We collect the following types of information from our users:
Personal Information You Provide to Us Voluntarily:
We collect information you submit to the Services or authorize us to obtain, such as full name, email address, phone number, user name(s), preferences, and any content you upload. If you opt into marketing, we collect your marketing preferences (email/SMS) and honor your opt-out choices.
Financial features (selling tickets, receiving payouts, requesting a debit card, or opening a funds-holding sub-account) require additional information for identity verification and compliance, which may include: legal name, date of birth, residential address, SSN/TIN, government ID details and images, citizenship, business information (e.g., legal entity, EIN, beneficial owners), and information about your expected activity (e.g., volumes, refund/chargeback policies).
Personal Information Collected Automatically:
We receive and store certain types of usage information automatically whenever you interact with the Services. For example, Sprouter may automatically receive and record information such as device type and identifiers, IP address, browser information, app version, broad geolocation (e.g., country/region), time zone, usage & diagnostic data, and other technical data. If you connect social media accounts, we may receive limited profile information you authorize (e.g., display name, profile photo, account ID). We use this information to promote safety and security (including fraud prevention), to communicate with you, to provide analytics, and to personalize the experience. We may also share aggregated, de-identified insights with partners. We may receive data on how your device has interacted with our Application to improve quality.
Additionally, we may undertake automatic scanning of user profiles and links to determine whether mandatory or default sensitive content warnings should be applied to users who wish to access the relevant content, and to determine if content should be removed for violation of our Terms of Service.
Personal Information Collected from Third Parties
We may receive personal information about you from third-party sources where legally permitted, including identity verification vendors, sanctions-screening and fraud/risk platforms, payment processors, program banks/card issuers, analytics providers, and marketing partners (for example, to verify identity, assess risk, process transactions, measure performance, or comply with AML/OFAC obligations).
Children’s data
Sprouter services are not intended for use by children under the age of 13. If you are under the age of 13, please do not use the Application or other Sprouter services and do not provide Sprouter with your personal information. If you are a parent or guardian of a child under 13 and you are aware that they have provided Sprouter with personal information, please contact us (https://getsprouter.com/contact/).
Sprouter uses the information described in this Privacy Statement to:
Our legal basis for collecting and using personal information described above will depend on the personal information concerned and the specific circumstances in which we collect it.
We will normally collect personal information from you only where we have your consent, where we need the personal information to perform a contract with you, or where the processing is in our legitimate interests and not overridden by your data protection interests or fundamental rights and freedoms. In some cases, we may also have a legal obligation to collect personal information from you (e.g., KYC/AML/sanctions screening and required recordkeeping), or may otherwise need the personal information to protect your vital interests or those of another person.
If we ask you to provide personal information to comply with a legal requirement we will make this clear at the relevant time and advise you whether the provision of your personal information is mandatory or not (as well as of the possible consequences if you do not provide your personal information). As indicated above, we require certain personal information to enter into a contract with you as a Sprouter user. Without your personal information, we will be unable to provide you with all Sprouter services available.
If we collect and use your personal information in reliance on our legitimate interests (or those of any third party), this interest will normally be to develop and improve the Services, to provide additional functionality, to ensure appropriate security or to implement sensitive content warnings and content moderation. We may have other legitimate interests, and if appropriate, we will make clear to you at the relevant time what those legitimate interests are.
If you have questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us using the contact details provided under the “Contact” heading (https://getsprouter.com/contact/).
In order to collect and use personal information about you, Sprouter uses cookies and other similar tracking technologies (hereinafter referred to as “Cookies”). For additional information, please view our Cookie Notice.
Opt-out preference signals: Where required by law, we recognize and honor browser- or device-based opt-out signals for “sales/sharing” or targeted advertising (e.g., Global Privacy Control). These choices apply to the browser that sends the signal.
Cookie Policy/Notice: By using Sprouter you are agreeing to our use of Cookies as detailed hereinafter. While cookies themselves do not contain any information that personally identifies you, personal information that we store about you may be linked, by us, to the information stored in, and obtained from, Cookies. The Cookies used by Sprouter include those which are strictly necessary for access and navigation, that track usage (performance cookies), remember your choices (functionality cookies), and that provide you with targeted content or advertisements.
We may use the information we obtain from your use of our Cookies for the following purposes:
Cookie management
We may use both persistent and session cookies on Sprouter properties. Cookies on our site include:
Functional
This Cloudflare cookie is used to support Cloudflare Bot Management
This Vimeo cookie is essential for the site to play videos
Performance
This Active Campaign cookie denotes that traffic is enabled for the website
This Bing Ads cookie engages with users that have previously visited the site
This Bing Ads cookie engages with users that have previously visited the site
This Microsoft Advertising cookie sets a unique ID for visitors
Analytics
This Google Analytics cookie anonymously stores site usage and visitation information
This Google Analytics cookie anonymously stores data on how visitor’s use a website and the performance of the website
This cookie set by Google Analytics and Google Tag Manager allows website owner’s to track visitor behavior and measure site performance.
This Vimeo cookie collects tracking information from embed videos on the website
This cookie set by Microsoft Clarity tracks the first time Clarity saw this user on any site using Clarity.
This cookie set by Microsoft Clarity stores a unique user ID
This cookie set by Microsoft Clarity synchronizes the MUID cookie across Microsoft domains.
This cookie set by Microsoft Clarity stores and combines pageviews by a user into a single session recording.
Advertisement
This cookie recognizes unique web browsers visiting Microsoft sites.
This cookie displays advertisements to users whenever on a digital platform powered by Facebook advertising
This cookie displays relevant advertisements to users by tracking user behavior across the web, on sites that have Facebook pixel or plugin
This cookie, set by Bing, stores a user’s session ID and verifies clicks on advertisements from the Bing search engine
Pixel Partners: Additionally, Sprouter collects personal information through the use of Pixels. Our Pixel partners are as follows.
APPLICATION PARTNER TREATMENT OF PERSONAL INFORMATION
We host the Services on cloud providers (e.g., AWS). These providers process data on our instructions to deliver the Services; this Privacy Statement—not the cloud provider’s policy—governs how Sprouter handles your personal information. For certain financial features, program banks, card issuers, and payment processors also process personal information. In some cases (e.g., providing regulated banking or issuing services), they may act as independent controllers under their own privacy notices, which will be presented or linked when you enable those features.
Sprouter does not sell personal information. We share personal information as described below to operate the Services and financial features:
Card payments facilitated through Sprouter are processed by our acquiring and card-processing partners and/or a program bank/card issuer (together, the “Card Partners”). Sprouter does not collect or store full primary account numbers (PAN), track data, or CVV/CVC on Sprouter systems. Card data you submit is sent directly to the Card Partners and is handled in accordance with PCI DSS. Card Partners typically tokenize card data for subsequent authorized uses (for example, refunds or reversals).
Sprouter may store limited card metadata—such as last four digits, expiration month/year, card brand, and processor/network tokens—along with transaction receipts and dispute/refund records, to provide support, reconciliation, fraud prevention, risk management, and compliance.
If a debit card is issued to you, the card is issued by a participating bank. Your use of any card is governed by that issuer’s cardholder agreement and privacy notice in addition to this Privacy Statement. As program manager/co-brand, Sprouter may receive transaction metadata (e.g., timestamps, merchant category code, amount) from the issuer/processor for customer support, program administration, compliance, and risk purposes. Sprouter does not receive or store full card numbers for issued cards on Sprouter systems.
If you link a bank account (e.g., for payouts), the account and routing numbers are collected and stored by our banking and payments partners and/or tokenization providers. Sprouter may store tokens or masked identifiers (such as last four and bank name) but not your full bank account number in plaintext. Partners encrypt data in transit and at rest and retain it as required for processing, compliance (including KYC/AML and sanctions screening), and recordkeeping.
You may request removal of stored payment methods or tokens through your account or by contacting support; removal does not affect information our banking/issuing/processing partners must retain under applicable law or network rules.
Our Services may permit you to link to other applications or websites. Such third-party applications/websites are not under Sprouter’s control, and such links do not constitute an endorsement by Sprouter of those other applications/websites or the services offered through them. The privacy and security practices of such third-party applications/websites linked to the Services are not covered by this Privacy Statement, and Sprouter is not responsible for the privacy or security practices or the content of such websites. You may refer to our Terms and Conditions for further details at the following link: https://getsprouter.com/terms/.
Your data may be transferred, accessed, and stored globally as necessary in accordance with this Privacy Statement. Where required, we use lawful transfer mechanisms (such as EU Standard Contractual Clauses and the UK addendum) and implement appropriate safeguards. Sprouter shall ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws, including but not limited to U.S. state privacy laws and the GDPR for data transferred within or outside of the European Economic Area (EEA).
Sprouter allows you to directly access the following information about you for the purpose of viewing, and in certain situations, updating that information. This list may change in the event our Services change.
– Account and user profile information
– User email address, if applicable
– User social media profile information
– User preferences
– Application specific data
Additionally, you could have additional data protection rights depending on the country or state you reside in and the applicable privacy laws.
If you are a resident of the UK or the European Economic Area you may have additional rights that apply to you, these rights include:
You can view your full legal rights under GDPR here (https://gdpr-info.eu/)To exercise these rights you may contact Sprouter at https://getsprouter.com/contact/ and we will respond to your request in accordance with applicable data protection laws. Please note that you have the right to complain to your relevant supervisory authority (in the UK, this is the Information Commissioner's Office) if you are concerned about the way we have processed your personal information. Please visit your relevant supervisory authority’s website for further information.
If you are a resident of a state, country, or territory where additional rights are granted to you via regulation, Sprouter will take steps to enable you to enact those rights where possible. If you would like to enact such a right, please contact support@getsprouter.com with your country of residence and the action you would like to be taken.
We will retain your personal information for the period necessary to provide you with Sprouter services and for legitimate and essential business purposes, and in accordance with applicable legal and regulatory requirements.
Unless different retention is required by law or program rules:
When a user decides to delete an account with Sprouter, we no longer need social media tokens and similar information and delete that data after 60 days. When a user removes a linked social media account on Sprouter, we remove that data upon the user’s request. Personal information needed to provide services will be retained as long as you maintain an account with us or as needed to provide you with the services, after which it will be deleted or de-identified in accordance with our policies.
We are committed to protecting personal information and implement appropriate technical and organizational measures designed to safeguard it against unauthorized access, use, alteration, and destruction. These measures include, as appropriate: encryption in transit and at rest, least-privilege and role-based access controls, network segmentation, audit logging and monitoring, key management, secure software development and change management, vulnerability management, employee training and access reviews, and vendor risk management. We limit access to personal information to employees and service providers with a legitimate business need.
Your password protects your Sprouter account. Use a unique, strong password and keep your devices and browsers secure. Where available, we encourage enabling multi-factor authentication.
For card and bank features provided through our banking, issuing, and processing partners, card data and bank account numbers are handled in accordance with applicable standards (e.g., PCI DSS) and partner policies. Sprouter does not store full card numbers or CVV/CVC on Sprouter systems.
We maintain an incident response process. If we become aware of a personal-information breach, we will investigate and, where required by law, notify you and applicable regulators without undue delay, taking steps to mitigate potential harm.
We may amend this Privacy Statement from time to time. The “last modified” date will be updated when changes are posted. If we make material changes (for example, new categories of personal information or new uses that are materially different), we will provide advance notice (e.g., email or in-product notice), typically at least 30 days before the effective date, unless earlier implementation is required by law or for new features that require acceptance. Your continued use of the Services after the effective date constitutes acceptance of the updated Privacy Statement.
If you have any questions or concerns regarding privacy on our Services, please send us a detailed message at support@getsprouter.com. We will make every effort to resolve your concerns promptly and transparently.
The following section provides supplemental information to California residents, whose personal information we have collected. This section applies to the personal information we collected from California residents during the 12 months prior to the effective date of this Privacy Statement, depending on interactions with us.
1. Collection and Use of Personal Information
(a) Categories of Personal Information We Have Collected:
There may be additional information that we collect that meets the definition of personal information under California law but is not reflected in a category, in which case we will treat it as personal information as required under California law, but will not include it when we are required to describe our practices by category of personal information.
(b) Categories of Sources of Personal Information that We Collect:
2. Categories of Personal Information Disclosed
We may disclose the following categories of personal information to service providers for a business purpose, or, at your direction, with third parties such as sponsors of promotions, sweepstakes, or contests. We have disclosed the following:
Category of Personal Information Disclosed for a Business Purpose:
Categories of Recipients:
We do not sell personal information and we do not believe that our sharing of information would qualify as a sale under California law.
For the avoidance of doubt, we also do not sell personal information of individuals under 16 years of age.
3. Privacy Rights
(a) Right to Know
You have the right to request that we disclose to you the following information about personal information we collect from you:
(b) Right to Request Deletion of Personal Information
You have the right to request the deletion of your personal information collected or maintained by us, subject to certain exceptions permitted by law. If you would like to have your user data deleted, you should submit a request to support@getsprouter.com. We will respond to your request within 24 hours, as well as delete all of your user data within 30 days.
(c) Right to Opt-Out of Sale of Personal Information
As mentioned above, we do not sell personal information and we do not believe that our sharing of information would qualify as a sale under California law. Nonetheless, if you are a California resident who has purchased products or services from us, you may submit a request to record your preference to opt out by emailing us at support@getsprouter.com.
(d) Right to Non-Discrimination
You have the right to not be treated in a discriminatory manner for exercising your privacy rights. We do not use the fact that you have exercised or requested to exercise any privacy rights for any purpose other than facilitating a response to your request.
4. Exercising Your California Privacy Rights
To exercise your rights, you can contact us:
Once we receive your request, we are required to verify that you are the person that is the subject of the request. This verification process consists of matching identifying information provided by you with the information we have about you in our records. Upon making a request, you will be asked to provide your name, email address, and request details. A confirmation email will be sent to the email address you provide to begin the process to verify your identity. If we cannot verify your identity, we will not be able to respond to your request.
You may designate an authorized agent to exercise any of the above privacy rights on your behalf, subject to the agent request requirements under California law.
Please note, for your safety and security, we will require authorized agents to provide proof of consent and designation of the authorized agent for the purpose of making the request, and will require authorized agents to provide information necessary to verify the identity of the individual who is the subject of the request. We may also require that an individual verify his/her own identity directly with us before we respond to an authorized agent’s request.
We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.
5. Do Not Track
California law requires us to let you know how we respond to web browser Do Not Track (DNT) signals. Because there currently isn’t an industry standard for recognizing or honoring DNT signals, we do not respond to them at this time.
6. California’s Shine the Light law
We do not share personal information with third parties for their direct marketing purposes absent your consent as defined by California Civil Code Section 1798.83 (“Shine the Light law”). To opt-out of future sharing with third parties for their direct marketing purposes, contact us at support@getSprouter.com. Any such request must include “California Privacy Rights Request'' in the first line of the description and include your name, street address, city, state, and ZIP code. Please note that we are only required to respond to one request per customer each year.
7. Changes
We reserve the right to change this Supplemental Information for California Residents from time to time. Changes shall become effective on the date they are posted.
For residents of states with comprehensive privacy laws (e.g., CO, CT, DE, FL, IN, IA, MT, OR, TN, TX, UT, and others as they become effective):
Headquarters-
3104 East Camelback Road #852
Phoenix, AZ 85016
Email-
