Privacy Policy
Effective March 25, 2026
This privacy policy explains how onit collects, uses, and protects your information when you use the website-building service for home service professionals. Onit keeps this straightforward because you deserve to know exactly what happens with your data.
1. Information Onit Collects
Account information you provide:
- Business name — used to build your website
- Email address — used for account access, billing notifications, and service updates
- Trade(s) — the services you offer (plumbing, HVAC, electrical, etc.), used to customize your site content
- ZIP code — used to set your service area on your website
- Site description (optional) — any additional details you provide to personalize your site
Payment information:
- Credit card and billing details are collected and processed directly by Stripe. Onit never sees, stores, or has access to your full card number. Only a tokenized reference and basic transaction details (last four digits, expiration, billing status) are received.
Information collected automatically:
- IP address — used for ZIP code geolocation (to pre-fill your service area) and general analytics
- Cookies — Onit sets a visitor tracking cookie with a 90-day lifespan to understand how people find and use the service (see Section 5)
- Analytics data — page views, referral source, device type, and browsing behavior collected via Google Analytics
2. How Onit Uses Your Information
Onit uses the information collected to:
- Build and host your website — your business name, trades, ZIP code, and description are used to generate your site
- Process payments — manage your $19.99/month subscription and 24-hour free trial through Stripe
- Send transactional emails — account confirmations, billing receipts, trial reminders, and service updates via Resend
- Detect your location — IP geolocation is used to suggest your ZIP code during signup so you don't have to type it
- Improve the service — analytics help identify what's working and where people get stuck
Onit does not sell your information. Onit does not send marketing emails to people who haven't signed up. Onit does not use your data to train AI models.
2.5 Email Communications & CAN-SPAM Compliance
Onit sends service-related emails (welcome confirmations, check-ins, growth tips) only to users who explicitly opt in during the signup process. Every email includes:
- A clear unsubscribe link in the footer
- List-Unsubscribe headers for one-click unsubscribe in supported email clients
- An accurate "From" name and email address
Unsubscribe requests are honored instantly — no processing delay. Once unsubscribed, you will not receive further emails from Onit unless you re-subscribe.
Physical mailing address: Onit · Portland, OR 97209
3. Third-Party Services
Onit shares data with the following services, and only what's necessary for them to function:
Stripe — payment processing. Receives your payment details, email, and billing address. Stripe's privacy policy: stripe.com/privacy
Resend — email delivery. Receives your email address and the content of transactional emails Onit sends you. Resend's privacy policy: resend.com/legal/privacy-policy
Google Analytics — website analytics. Receives anonymized browsing data, IP address, and cookie identifiers. Google's privacy policy: policies.google.com/privacy
Onit does not share your information with any other third parties, advertisers, or data brokers.
4. Data Retention
- Active accounts — Onit retains your data for as long as your subscription is active
- Cancelled accounts — Onit keeps your account data for 90 days after cancellation in case you want to reactivate, then deletes it
- Payment records — Stripe retains transaction records per their own retention policies and applicable financial regulations
- Analytics data — Google Analytics data is retained according to the configured retention period (14 months)
- Cookies — the visitor tracking cookie expires after 90 days
5. Cookies
Onit uses the following cookies:
- Visitor tracking cookie (90-day lifespan) — tracks how you found onit and your browsing behavior on the marketing site. This helps Onit understand which channels bring in customers.
- Google Analytics cookies — standard GA cookies (_ga, _gid) used for anonymous traffic analysis
- Stripe cookies — set during the checkout process for fraud prevention
You can disable cookies in your browser settings. The signup flow will still work, but Onit won't be able to attribute how you found the service.
6. Your Rights
You have the right to:
- Access your data — request a copy of the personal information Onit holds about you
- Correct your data — update your business name, email, trades, ZIP code, or site description at any time
- Delete your data — request that Onit delete your account and all associated data
- Export your data — request a machine-readable export of your account information
- Opt out of analytics — use browser extensions like Google Analytics Opt-out to disable tracking
To exercise any of these rights, email [email protected]. Onit will respond within 7 business days.
7. Security
Onit protects your data with:
- HTTPS encryption on all connections
- Payment data handled entirely by Stripe (PCI-DSS compliant) — Onit never touches your card details
- Access controls limiting who can view customer data
No system is 100% secure. If a breach affecting your data is ever discovered, you'll be notified by email within 72 hours.
8. Children's Privacy
onit is a business tool for professionals. Onit does not knowingly collect data from anyone under 18. If you believe a minor has created an account, reach out and Onit will delete it.
9. Changes to This Policy
If meaningful changes are made to this policy, active subscribers will be emailed and the effective date at the top will be updated. Continued use of onit after changes constitutes acceptance.
10. Contact