This policy explains what information OpsGuardIQ ("we," "us," or "our") collects through the FormLock service, how we use it, and the choices you have. We've written it in plain language and kept it specific.
OpsGuardIQ is operated as a sole proprietorship by Shane Schleinkofer, based in the United States. FormLock is our software for advertisers, available at formlock.opsguardiq.com. If you have any questions about this policy or your data, contact us at shane.13music@gmail.com.
Who this policy covers
This policy covers two groups of people:
Our customers — businesses that sign up for FormLock and connect their advertising accounts.
Leads — the people who click our customers' ads and submit their forms. We process this lead information on behalf of our customers so they can measure which ads led to real sales.
Information we collect
From our customers
Account details: name, email address, business name, and login credentials.
Billing information, processed securely through our payment provider (Stripe). We do not store full card numbers.
Advertising account connection details you provide, such as a Meta Pixel/Dataset ID and access token, or a Google Ads account connected through Google sign-in (OAuth).
From our customers' leads
Contact information submitted on a form: name, email address, phone number.
Advertising attribution data attached to the visit, such as click identifiers (for example, a Google Click ID "GCLID," or Meta's fbc/fbp values), UTM parameters, referring URL, timestamp, IP address, and user agent.
On-page engagement signals such as time on page and scroll depth, used to score lead intent.
The outcome of the lead (for example, whether a deal closed and its value), as recorded by our customer.
How we use information
To provide the FormLock service: capturing leads, storing outcomes, and sending conversion events back to advertising platforms on our customer's behalf.
To improve advertising performance for our customers by reporting real sales outcomes to Google and Meta so their algorithms can optimize toward buyers.
To operate accounts, process payments, provide support, and secure the service.
We do not sell personal information, and we do not use it for our own advertising or any purpose unrelated to providing FormLock.
Google user data — limited use disclosure
How we access and use Google user data
When a customer connects their Google Ads account to FormLock, they authorize us — through Google's OAuth sign-in — to access their Google Ads data using the https://www.googleapis.com/auth/adwords scope. We use this access for a single, specific purpose: to upload offline conversion events (such as closed deals) into that customer's own Google Ads account, and to read and validate the customer's conversion-action configuration so those uploads are recorded correctly.
FormLock's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
We only use Google user data to provide and improve the conversion-tracking features the customer has connected.
We do not transfer or sell Google user data to third parties, except as necessary to provide the service, comply with applicable law, or as part of a merger or acquisition.
We do not use Google user data for serving advertisements.
We do not allow humans to read Google user data unless we have the customer's explicit consent, it is necessary for security or to comply with applicable law, or the data has been aggregated and anonymized.
Customers may disconnect their Google Ads account at any time from within FormLock, which revokes our access. We store the Google authorization (refresh) token in encrypted form and request only the minimum access required to provide the feature.
Meta (Facebook & Instagram) data
For customers who connect Meta, we use the Meta Pixel/Dataset ID and access token they provide to send conversion events to their own Meta account through Meta's Conversions API. Personal identifiers (such as email and phone) are hashed using SHA-256 before being sent, in accordance with Meta's requirements. Customers can revoke this access at any time by removing the token in FormLock or in their Meta account.
How we share information
We share information only as needed to run the service:
Advertising platforms (Google, Meta) — to deliver the conversion events our customers ask us to send, on their behalf.
Service providers — such as our payment processor (Stripe) and hosting infrastructure, who process data only to provide services to us.
Legal — when required by law, or to protect rights, safety, and security.
We never sell personal information.
Data security & retention
We protect data with encryption in transit and at rest where appropriate, encrypt stored access tokens, and limit access to authorized systems. We keep information for as long as needed to provide the service and meet legal obligations, and delete or anonymize it when no longer needed.
Your choices & rights (U.S. / California)
FormLock serves customers in the United States. Depending on your state — and in particular under the California Consumer Privacy Act (CCPA/CPRA) — you may have the right to:
Know what personal information we have collected about you.
Request access to or deletion of that information.
Correct inaccurate information.
Opt out of any "sale" or "sharing" of personal information — though note that we do not sell personal information.
To make a request, email shane.13music@gmail.com. We will not discriminate against you for exercising these rights. If you are a lead and wish to exercise rights regarding data collected through a business's form, we will route your request to the relevant business (our customer), who is the controller of that data.
A note for leads: If you submitted a form on a website that uses FormLock, the business you contacted is the owner of your information. We process it on their behalf. Direct access or deletion requests to that business, or to us at the address above and we'll help coordinate.
Children's privacy
FormLock is a business tool and is not directed to children under 13, and we do not knowingly collect their personal information.
Changes to this policy
We may update this policy from time to time. When we do, we'll revise the "Last updated" date above and, for material changes, take reasonable steps to notify customers.