Our privacy policy was last updated on 08-15-2022.

Please read this policy carefully before using our service.


Osortoo and its Affiliates are committed to protecting your privacy. To better protect your privacy, we provide this Privacy Policy explaining our practices regarding your online information and the choices you can make about the way we use and collect your information.

By using or accessing Osortoo, you agree and acknowledge that you have read and understand this Policy, and acknowledge and consent to the learning, collection and use of your personal information as described in this Policy. If you do not agree with any part of this Policy, you are prohibited from using or accessing Osortoo.


This policy contains and explains the following:

  • Types of users;
  • Types of information collected;
  • The information we obtain from your use of our services;
  • How we use your information;
  • Additional information related to specific types of users;
  • How we share information;
  • Cookies, Pixels and Tracking;
  • How you can access or correct your information;
  • Our commitment to the EU-US Privacy Shield;
  • Security;
  • Children’s Privacy;
  • Storage and Processing;
  • Changes to our privacy policy.

Types of users:

As an Osortoo user you may fall into different categories. Determine your role using the definitions below to better understand the parts of this privacy policy that are most relevant to you.

a. Customer

You have an Osortoo account to access your admin dashboard for our suite of services, including campaigns, social tabs, posts and advertising.

b. Attendee

You visit a landing page, submit a public entry, submit information or otherwise participate in a campaign, such as a contest, survey or form created by one of our clients.

c. User of a third party application: 

You grant permission for information to a third-party login application created and controlled by Osortoo as part of a campaign, such as on Facebook, Instagram, Youtube, Google or others.

d. Website visitor: 

You are visiting one of our websites.

Types of information collected:

  • Information you provide

a. Personal information.

 For example, name, email address, phone number, address and other contact information when you create an Osortoo account, submit a form or grant permissions in a third-party application.

b. Billing information.

We use stripe and PayPal as payment method, no banking information such as your credit card number is stored in our database

c. Information on social network pages. 

For example, the list of pages you manage on Facebook, Instagram or Youtube and the information allowed to our application to these pages.

d. Third party information. 

For example, access tokens and information related to third-party accounts such as Instagram, Facebook and Youtube that you have connected to Osortoo.

e. Settings and account information.

For example, preferences such as default language, time zone, communication preferences and other information you submit to Osortoo in the course of using our services.

f. Campaign data.

If you are a Customer, we collect and store your campaign information on your behalf.

g. Customer testimonials.

 Osortoo publishes on its Websites comments and testimonials from customers that may contain personal data. Osortoo obtains the consent of each Customer by e-mail or other agreement before publishing the name and testimonial.

h. Information provided voluntarily during an interaction with the support.

 Osortoo also collects information when you interact with customer service in order to help you and improve the operation of Osortoo. This includes any interaction with our team via our support site, chat support, email, our support documentation and our blog. Information shared with support may include personal information, such as your name, email address, credit card information (e.g., name on credit card, last four digits of credit card number or expiration date), participant or subscriber name and email address, etc.

Information we obtain from your use of our services

a. Device and browser information.

For example, your hardware model, operating system, performance information, IP address, browser type and other identifiers sent with browser requests.

b. Information about the newspaper.

For example, for each request made to our servers, we record information including the time stamp of the request, files accessed, IP address, referring URLs and browser user agent information.

c. Location information.

For example, we may collect your location based on your IP address or other available identifiers such as third-party application information or browser location requests.

d. Reference information.

For example, when your browser sends us a referring URL indicating that you have visited a page that has been linked to us, we record information about the link that directed you to us.

e. Tracking tags.

We use tracking tags, in the form of cookies and web beacons, on our websites, in our advertising campaigns and in our emails to collect usage statistics.

f. Cookies and local storage.

We use browser technologies such as cookies and local storage to collect and store information about you when you visit an Osortoo website.

How we use your information:

We use the information we collect from our services to provide and maintain them, provide support for your use, improve them, develop new services and features, and protect Osortoo and our users. We also use information to carry out other legitimate business purposes, as well as other legal purposes. For example:

To market and promote our services to you, including by combining information about you from third party sources.

  • To track the success of our advertising campaigns and marketing efforts.
  • To respond to your online requests and inquiries, and to personalize your website experience.
  • To analyze site usage and better understand our visitors’ preferences.
  • To detect and prevent undesirable or improper activities, potentially illegal activities, and to enforce our agreements.
  • To respond to legal requests or to prevent fraud, we may need to inspect or disclose information we hold about you.
  • To communicate with you about our services
  • For research and development

Social Media Winner Selector Features

Our websites include social networking features, such as the Facebook “Like” button and widgets, such as the share button or interactive mini-programs that run on our websites. These features may collect your IP address, the page you visit on our sites, and may set a cookie to enable the feature to function properly. This Privacy Policy does not apply to these features. Your interactions with these features are governed by the privacy policy and other policies of the companies that provide them.

We describe below the use of additional information in connection with specific types of users.


We use your information to fulfill our contractual responsibilities and to provide services to you. Lists may be created in your Osortoo account for contests and other purposes. Data may be collected through Osortoo forms, imports of data from lists you have collected elsewhere, data imported via Osortoo feeds or comment import functions. Your Osortoo lists are stored on secure servers. Only authorized Osortoo employees can access your lists. If abusive or illegal behavior is found in connection with your list, then we may share your lists or parts of the list with relevant anti-spam organizations or ISPs.


Information provided as part of a campaign created by a Client is controlled and managed by the Client who created the campaign and is governed by their privacy policy and the terms associated with their collection of data in connection with the campaign. We process this data on behalf of the Client who is the data controller. If you request deletion of this information by contacting Osortoo by email at, we may first contact the Osortoo user to inform them of your request and request that they delete your information within a reasonable time. If the Osortoo user fails to take such action, we will delete or update your personal information within a reasonable time. Similarly, you may request access to your information held by a specific Osortoo user about you by sending an email to

Third-party application users

When you authorize a third-party login application created and controlled by Osortoo, you provide Osortoo with the information you have granted access to in the third-party application’s authorization dialog. This information typically includes: name, username, email address, third party ID, birthday, location, profile picture and profile link. In this case, Osortoo is the data controller with respect to the information granted by the third party login application. We use this information to provide you with functionality in campaigns that use this capability. For example

  • Allow you to pre-populate your name, email address and other fields in a form.
  • Allow you to participate in a campaign that limits functionality to uniqueness by third-party identifier.
  • Allow you to share, track, or perform any other action permitted as part of participation in a campaign.
  • Allow you to log in to your profile in connection with campaigns.

How we share information:

We share information as described below and only when individuals have given their consent.

  • Participant Data. If you are a Participant in a Client’s campaign, information is collected on behalf of the campaign creator and is shared with that Client. 
  • Service Providers. We may share your information with third party service providers who use that information to provide services to us or process data on our behalf. For example, payment processors, partners, auditors, advisors, consultants, hosting providers.
  • Affiliates and Business Transfers. We may share the information we collect with any of our subsidiaries or affiliates. We may also disclose or transfer collected information in connection with any sale, merger, transfer of assets, acquisition, corporate reorganization or similar event.
  • Legal Requirements. We may disclose information if required by law.
  • Protection of Rights. We may disclose information when we believe it is necessary to respond to claims made against us or to comply with legal process, to enforce or administer our agreements and terms, for fraud prevention, risk assessment, investigation, and to protect the rights, property, or safety of our users or others.

Cookies, pixels and tracking:

We use cookies, pixels and similar tracking technologies to collect and use information about you, including to serve interest-based advertising. We also use third-party services that use tracking technologies when you visit our site. For example, our cookie technology is used to:

 a. Essential functionality of the website. 

Our website needs these cookies to make full use of our services and to connect to secure areas.

b. Performance and functionality.

These cookies provide functionality to remember preferences and improve our features, but are not strictly necessary to access our services.

c. Tracking usage.

We use pixels, cookies and related tracking technologies to measure the performance of our marketing efforts and how you use our services. For example, tracking opens and clicks in emails we send you.

d. Google Analytics, retargeting and ads.

We use Google Analytics for display advertising. We use remarketing with Google Analytics for online advertising. Third party vendors, including Google, serve our ads on websites. This site and third-party vendors, including Google, jointly use first-party cookies (such as the Google Analytics cookie) and third-party cookies (such as the DoubleClick cookie) to inform, optimize, and serve ads based on a person’s previous visits to this website. Visitors can opt out of Google Analytics for display advertising and customize ads in the Google Display Network by using the Google Ad Preference Manager.

e. Facebook analytics, ads and social features.

We use Facebook technologies to personalize content and advertising, to provide social media features, and to analyze traffic to our website.

You can choose to delete or disable cookies in your browser settings. You can use browser extensions with our site that limit the ability to set certain types of cookies, including third-party cookies from Google and Facebook.

How can you access or correct your information?

If you are a customer, you can access and store much of your information through your account dashboard. Information that is not accessible online can be changed or deleted by contacting us with your request. We may refuse to process requests that we believe are unreasonable and that we are not legally required to fulfill. To protect your privacy and security, we will also take reasonable steps to verify your identity before granting access or making corrections.

Our commitment to the EU-US Privacy Shield

Osortoo complies with the EU-U.S. Privacy Shield framework, as set forth by the U.S. Department of Commerce, regarding the collection, use, and retention of personal information from European Union member countries. Osortoo has certified that it adheres to the Privacy Shield principles of notice, choice, responsibility for onward transfer, security, data integrity and purpose limitation, access, recourse, enforcement and liability. In the event of a conflict between the policies in this Privacy Policy and the Privacy Shield Principles, the Privacy Shield Principles will prevail. To learn more about the Privacy Shield program and to view our certification page, please visit

In accordance with the principles of the EU-U.S. Privacy Shield, Osortoo is committed to resolving complaints about your privacy and our collection or use of your personal information. Individuals in the European Union with questions or complaints about this Privacy Policy should first contact Osortoo at Osortoo has further committed to forwarding unresolved Privacy Shield complaints to the EU data protection authorities. Contact information for the EU data protection authorities is available at Osortoo will cooperate with the appropriate EU data protection authorities during the investigation and resolution of Privacy Shield complaints. These redress mechanisms are available at no cost to you.

Osortoo is responsible for the processing of personal information that it receives under the Privacy Shield and then transfers to a third party acting as an agent on its behalf. We comply with the Privacy Shield principles for all onward transfers of personal data from the EU, including the onward transfer liability provisions.

The Federal Trade Commission has jurisdiction over Osortoo’s compliance with this policy and the EU-U.S. Privacy Shield framework. In certain situations, we may be required to disclose personal data in response to lawful requests from public authorities, including to meet national security or law enforcement requirements. As a last resort, privacy complaints that are not resolved through these or other channels may be subject to binding arbitration before the Privacy Shield Panel to be established jointly by the U.S. Department of Commerce and the European Commission.

GDPR Policy

Our GDPR policy at Osortoo ensures that all personal data collected, processed, and stored is done so lawfully, transparently, and securely, in compliance with GDPR regulations. We limit data collection to only what is necessary for specific and legitimate purposes and ensure its accuracy and integrity. We respect individuals’ rights to access, rectify, and erase their personal data, and provide mechanisms for them to exercise these rights. Our employees receive regular training on GDPR compliance to uphold data protection standards, and we maintain stringent measures to prevent unauthorized access or disclosure of personal data. In the event of a data breach, we promptly notify the appropriate authorities and affected individuals while taking steps to mitigate the impact and prevent future incidents.


In order to prevent unauthorized access, maintain data accuracy and ensure the correct use of information, we have put in place physical, electronic and managerial procedures to safeguard and secure the information we collect. However, no website or Internet transmission is completely secure. We encourage you to take steps to ensure the security of your personal information. Any personal information you provide to Osortoo will be protected in a commercially reasonable manner. In the event of a security breach that affects you, Osortoo will notify you as soon as possible of the nature of the breach and the steps taken to remedy it.

Children’s privacy

We do not knowingly collect or solicit personal information from anyone under the age of 13 (or under the age of 14 for anyone living in Spain or South Korea), nor do we knowingly allow such persons to register. If we learn that we have collected personal information from an underage child without parental consent, we will take steps to delete that information.

Contact us

If you have any questions about our privacy policy, please contact us at If you would like to update, access or delete any of your personal information held by Osortoo, please send an email to 

Changes to our privacy policy:

If we change our privacy policies, we will update this page. If our changes materially affect your privacy rights, we may notify you of the changes in a prominent place on our website or at the email address you have registered. If required by law, we will obtain your consent or give you the opportunity to opt out of such changes. 

If Osortoo chooses to amend, reaffirm or otherwise modify this Policy in a material way, Osortoo will post notice of such amendment, reaffirmation or material modification on Osortoo so that you may review the changes to the Policy. If you object to such changes to the Policy, you may, as your sole right and remedy, terminate or request termination of your Osortoo account. By continuing to use Osortoo after such notice has been posted on, you thereby consent to such changes to the Policy and agree to be bound by the then-current version of the Policy.

In the event of any conflict or inconsistency between the terms of this Policy and any provision of the Terms and Conditions, the Terms and Conditions shall govern.

If any provision of this Policy is found by a court of competent jurisdiction or arbitrator to be illegal, void or unenforceable, the unenforceable provision will be modified to make it enforceable and effective to the maximum extent possible to effect the intent of the provision; and if a court or arbitrator finds the modified provision to be invalid, illegal, void or unenforceable, the validity, legality and enforceability of the remaining provisions of this Policy will not be affected in any way.