Privacy Statement

Last updated: January 15, 2020

This Privacy Statement applies to our service platform owned and operated by Spanning Cloud Apps, LLC (“Spanning”, “We”, “Our”, “Us”).. Spanning has created this privacy statement in order to demonstrate our commitment to customer privacy. Spanning, while primarily a data processor, is also considered a data controller in limited situations.  We are a business-to-business service provider and our primary role is a data processor for our corporate customers. From time-to-time, we also receive personal information from individual corporate employees inquiring about our services on behalf of their employer. In this last instance, we are the data controller for that limited group. If you have questions or complaints regarding our privacy statement or practices, please contact us at [email protected].

Spanning complies with the EU-US Privacy Shield Framework and the Swiss-US Privacy Shield Framework as set forth by the US Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union and Switzerland to the United States, respectively. Spanning has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.  To learn more about the Privacy Shield program, and to view our certification page, please visit

We are responsible for the processing of personal data received directly from individuals and indirectly through our corporate customers under the Privacy Shield Frameworks.

With respect to personal data received or transferred pursuant to the Privacy Shield Framework, Spanning is subject to the regulatory and enforcement powers of the U.S. Federal Trade Commission. In certain situations, we may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

In compliance with the EU-US and Swiss-US Privacy Shield Principles, Spanning commits to resolve complaints about your privacy and our collection or use of your personal information. European Union or Swiss individuals with inquiries or complaints regarding this privacy policy should first contact Spanning at:  [email protected]



In order to utilize our service, our corporate clients provide us information on their customers which includes their Google, Salesforce, or Office 365 account name, name, and email. Individuals contacting us on behalf of their employers provide contact information including name, company affiliation, and email address. Data subjects whose information is provided to us by our corporate customers may also provide credit card data as well as name, physical and email address. This information will not be distributed or shared with non-agents. We may use this information to contact individuals via email regarding new products, features, and offers. If we contact you by email with a promotional communication you will be able to Opt-Out by clicking the link in the email. However, you cannot Opt-Out of transactional emails.

Individuals use the Service to access data and information (“Data”) stored in Google, Salesforce and/or Office 365 applications. Spanning will not review, share, distribute, print, or reference any such Data except as may be required by law. Individual records may at times be viewed or accessed only for the purpose of resolving a problem or support issue, or as may be required by law.

Spanning may also collect our corporate customers and their data subjects, Internet protocol (IP) addresses, browser type, Internet service provider (ISP), referring/exit pages, operating system, date/time stamp, and/or clickstream data that we store in log files. This information is logged to help diagnose technical problems and to administer our Service in order to constantly improve the quality of the Service. We do not link this automatically-collected data to other information we collect from our corporate clients.

The Spanning Backup for Google Workspace service requires multiple Google Workspace scopes to allow admins of Corporate Clients to manage Spanning licenses at the user or OU level as well as the backup and restoration of Gmail, Drive, Team Drives, Calendars, Contacts and Sites owned by individuals within their domain.

The Spanning Backup for Office 365 service requires multiple Microsoft scopes to allow admins of Corporate Clients to manage Spanning licenses as well as backup and restoration of mail, calendars, OneDrive and Sharepoint data owned by individuals within their tenant.


Our Service has security measures in place to help protect against the loss, misuse, and alteration of the Data under our control. Our Service uses OpenID, OAuth, and Secure Socket Layer (SSL) data encryption to help ensure that Data is safe, secure, and available only to either our corporate clients acting as a data controllers or individuals who have placed their data with us directly. Spanning hosts the Service in a secure server environment that uses firewalls and other technology to prevent interference or access from outside intruders. These safeguards help prevent unauthorized access, maintain data accuracy, and ensure the appropriate use of Data.



Personal Information Collected

As stated earlier, in limited situations, Spanning is a data-controller when our website collects singular data subject personal information such as name, cookies, tags, scripts, your email, and comments if you post to our blog.  This information is submitted, voluntarily, by individuals representing data-controlling clients or inquiring visitors to our website evaluating our products.

Information Sharing

We will share limited personal data subject information with third parties only in the ways that are described in this privacy statement.

Technologies such as cookies, beacons, tags, and scripts are used by Spanning and our analytics or service providers. These technologies are used in analyzing trends, administering the site, tracking users’ movements around the site and to gather demographic information about our user base as a whole. We may receive reports based on the use of these technologies by these companies on an individual as well as aggregated basis.

We use cookies to remember users’ settings (e.g. language preference) and/or for authentication. Users can control the use of cookies at the individual browser level. If you reject cookies, you may still use our site, but your ability to use some features or areas of our site may be limited.

We use Local Storage Objects (LSOs) such as HTML5 to store content information and preferences. Third parties with whom we partner to provide certain features on our site or to display advertising based upon your web browsing activity use LSOs such as HTML 5 to collect and store information. Various browsers may offer their own management tools for removing HTML5 LSOs.

We may receive information about individual data subjects, that have entered limited personal information into our website, from other sources, including publicly available databases or third parties from whom we have purchased data, and combine this data with information we already have about inquiring data subjects. This helps us to update, expand and analyze our records, identify new customers, and provide products and services that may be of interest to potential new and current clients.  If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us.

Links to Other Sites

Our website contains links to other sites that are not owned or controlled by us. Please be aware that we are not responsible for the privacy practices of such other sites.

We encourage you to be aware when you leave our site and to read the privacy statements of each and every website that collects personal information.

This privacy statement applies only to personal information collected by this website or provided to Spanning by our clients.


We display personal, individual testimonials of satisfied representative corporate client-customers on our site in addition to other endorsements. With your consent, we may post your testimonial along with your name. If you wish to update or delete your testimonial, you can contact us at [email protected].


We partner with a third-party ad network to either display advertising on our website or to manage our advertising on other sites. Our ad network partner uses cookies and web beacons to collect non-personal information about your activities on this and other websites to provide you targeted advertising based on your interests.

Public Forums

In the limited data controller role, our website offers publicly accessible blogs or community forums. Visitors should be aware that any information you provide in these areas may be read, collected, and used by others who access them. To request removal of your personal information from our blog or community forum, contact us at [email protected]. In some cases, we may not be able to remove your personal information, in which case we will let you know if we are unable to do so and why.  Our role as a data processor is a separate function of the Spanning Backup product.

Social Media Widgets

Our website includes social media features, such as the Facebook Like button and widgets, such as the ShareThis button or interactive mini-programs that run on our site. These features may collect your IP address, which page you are visiting on our site, and may set a cookie to enable the feature to function properly. Social media features and widgets are either hosted by a third party or hosted directly on our website. Your interactions with these features are governed by the privacy statement of the company providing it.


The security of your personal information is important to us. When you enter sensitive information (such as a credit card number) on our order forms, we encrypt the transmission of that information using reasonable security.

We follow generally accepted standards to protect the personal information submitted to us, both during transmission and once we receive it. If you have any questions about security on our website, you can contact [email protected].



Information Related to Data Collected for our Corporate Clients:

As a data processor, and within the operation of the Spanning Backup product, we collect information under the direction of our clients, who remain the data controllers.  We have no direct relationship with the individuals whose personal data we process in this capacity. If you are a customer of one of our clients (a data subject) and would no longer like to be contacted by one of the   clients that use our service, please contact that client directly. We may transfer personal information to companies that help us provide our service. Transfers to subsequent third parties are covered by the service agreements with our clients.

Access and Retention of Personal Data:

Spanning acknowledges an individual’s right to access their personal data.  

When acting as a data processor, we have no direct relationship with the data subjects whose personal data we process and no authority to grant direct access to that data. In cases where Spanning handles your personal information on behalf of our client and you seek access to correct, amend, or delete inaccurate data, you should direct your query to Spanning’s corporate client, who is the data controller. If Spanning is requested to remove data, by the data controller, we will respond within a reasonable timeframe.

Individuals who have provided data to Spanning directly, via our website and who wish to access, correct, amend, or delete inaccurate data, may request access by contacting us via email at [email protected].

Spanning will retain personal data we process on behalf of our clients for as long as needed to provide our services to those clients. Spanning will retain this personal information as necessary to comply with our legal obligations, resolve disputes, and enforce our agreements.

As per our Master Subscription Agreements, if a corporate client deletes Spanning Backup from their Google Workspace, Salesforce, or Office 365 domain, their backups (including individual data subject data that is part of a backup) will be queued for deletion. In the formal language of the agreements:

Upon the effective date of termination, We shall have no obligation to maintain or provide any of Your Data and shall thereafter, unless legally prohibited, delete all of Your Data in Our systems or otherwise in Our possession or under Our control.

View the Spanning Master Subscription Agreement (MSA) >
View the Spanning Service Level Agreement (SLA) >


Spanning is compliant with the Regulation (EU) 2016/679 (General Data Protection Regulation).  

For more information about our compliance, please see our GDPR page. For our Data Protection Addendum please reach out to [email protected].

Data Protection Officer (DPO) – Article 37

Spanning, being a subsidiary of Kaseya, works with BSI Group, in the European Union, to provide DPO services.  For inquiries, contact [email protected].

Data Subject Access Requests

For GDPR Data Subject Access Requests, please click here.

Agents/Service Providers

Spanning uses other third parties, such as a credit card processing company, to bill Clients for goods and services, an email service provider to send out emails on our behalf, a third party help service provider, and a hosting service provider.   Spanning remains liable for the onward transfer of personal data to third parties.

Legal Disclaimer

Spanning reserves the right to disclose personal information as required by law and when we believe that disclosure is necessary to protect our rights and/or to comply with a judicial proceeding, court order, or legal process served on our website.

If Spanning Cloud Apps, LLC is involved in a merger, acquisition, or sale of all or a portion of its assets, corporate clients and individual data subjects will be notified via email and/or a prominent notice on our website of any change in ownership or uses of personal information, as well as any choices they may have  available regarding their backed up information.

Changes in this Privacy Statement

Spanning may update this privacy statement to reflect changes to our information practices. If we make any material changes we will notify our Clients by email (sent to the e-mail address specified in their account) or by means of a notice on this Site prior to the change becoming effective. We encourage you to periodically review this page for the latest information on our privacy practices.  

If you have any questions about this policy, please contact us at [email protected].



If you have any questions or suggestions regarding our privacy statement, please contact us at:

Spanning Cloud Apps, LLC

Attn: Privacy

5323 Levander Loop
Austin Texas 78702
[email protected]