Privacy Policy

How we collect, use, and protect your personal data.

Last updated: February 1, 2026

1. Introduction

Welcome to Oase. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you use our website at www.getoase.com and our agency management platform (collectively, the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.

2. Data Controller

The data controller responsible for your personal data is:

Oase
Arnhem, Netherlands
KvK: 78201691
VAT: NL003300299B43
Email: privacy@getoase.com

3. What Data We Collect

We collect the following types of personal data:

  • Account Information: When you create an account, we collect your name and email address.
  • Usage Data: We automatically collect information about how you interact with the Service, including pages visited, features used, and session duration.
  • Cookies: We use essential cookies to keep the Service functional. See Section 9 for details.
  • Payment Information: Payment data (credit card numbers, billing address) is collected and processed directly by our payment processor, Stripe. We do not store your full payment details on our servers.

4. How We Use Your Data

We use the personal data we collect for the following purposes:

  • Provide the Service: To create and manage your account, deliver features, and process transactions.
  • Improve the Product: To analyze usage patterns, fix bugs, and develop new features.
  • Communications: To send you service-related notifications, updates, and (with your consent) product news. You can opt out of non-essential communications at any time by clicking the unsubscribe link in any email or by contacting us at privacy@getoase.com.

5. Legal Basis (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

  • Consent: Where you have given clear consent for us to process your personal data for a specific purpose (e.g., marketing communications).
  • Contract: Where processing is necessary for the performance of a contract with you (e.g., providing the Service after you sign up).
  • Legitimate Interest: Where processing is necessary for our legitimate interests, such as improving the Service, preventing fraud, and ensuring security, provided these interests do not override your rights.

6. Data Sharing

We do not sell, rent, or trade your personal data to third parties. We share data only with the following service providers, who act as data processors on our behalf:

  • Stripe: For payment processing. Stripe’s privacy policy applies to all payment data.
  • Firebase (Google): For authentication and user account management.
  • Resend: For transactional and service-related email delivery.

Each of these providers is contractually obligated to protect your data and process it only as instructed by us.

7. Data Retention

We retain your personal data for as long as your account is active. If you delete your account, we will delete or anonymize your personal data within 30 days of the deletion request, unless we are legally required to retain certain data for a longer period (e.g., for tax or accounting purposes).

8. Your Rights (GDPR)

If you are located in the European Economic Area (EEA), you have the following rights under the GDPR:

  • Right of Access: You can request a copy of the personal data we hold about you.
  • Right to Rectification: You can request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You can request that we delete your personal data (“right to be forgotten”).
  • Right to Data Portability: You can request a machine-readable copy of your data to transfer to another service.
  • Right to Restriction: You can request that we restrict the processing of your personal data in certain circumstances.
  • Right to Object: You can object to the processing of your personal data based on legitimate interests or for direct marketing purposes.

To exercise any of these rights, please contact us at privacy@getoase.com. We will respond to your request within 30 days.

9. Cookies & Analytics

We use essential cookies only. These cookies are necessary for the Service to function properly (e.g., keeping you logged in, remembering your preferences). They cannot be disabled.

We do not use tracking cookies or third-party advertising cookies.

For website analytics, we use Plausible Analytics, a privacy-focused analytics tool that does not use cookies, does not collect personal data, and does not track individual visitors. All data is aggregated and anonymous. Plausible is fully GDPR compliant and does not require cookie consent. Learn more at plausible.io/data-policy.

10. Security

We take the security of your data seriously and implement the following measures:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS (HTTPS).
  • Encryption at Rest: Stored data is encrypted at rest using industry-standard encryption.
  • Data Isolation: Each organization’s data is logically isolated, ensuring that one organization cannot access another’s data.

While we strive to protect your data, no method of transmission or storage is 100% secure. If you become aware of any security issue, please contact us immediately at privacy@getoase.com.

11. International Transfers

We process your data in the European Union wherever possible. Where data needs to be transferred outside the EEA (e.g., to service providers based in the United States), we ensure adequate protection through Standard Contractual Clauses (SCCs) approved by the European Commission, or other legally recognized transfer mechanisms.

12. Children

The Service is not intended for individuals under the age of 16. We do not knowingly collect personal data from children under 16. If we become aware that we have collected data from a child under 16 without parental consent, we will take steps to delete that data promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time. For material changes, we will notify you via email at the address associated with your account. We encourage you to review this page periodically for the latest information.

14. Contact

If you have any questions about this Privacy Policy, your personal data, or wish to exercise your rights, please contact us:

Email: privacy@getoase.com