We take data privacy seriously. Here's how we protect your information and respect your rights.
What Data Do We Collect?
From Google Ads
- Campaigns, ad groups, ads, keywords (structure and content)
- Performance metrics: impressions, clicks, cost, conversions, conversion value
- Search terms (what people searched for)
- Quality scores
From You
- Email address
- Company name (optional)
- Timezone and language preference
What We Don't Collect
- ❌ Customer data (emails, names, phone numbers of your customers)
- ❌ Landing page content
- ❌ Your Google Ads password (we use OAuth)
- ❌ Google Analytics data
How We Protect Your Data
1. Encryption
- In Transit: All data travels over HTTPS (encrypted)
- At Rest: Your data is encrypted in our database
- At Backup: Backups are encrypted too
2. Access Control
- Only your account can access your data
- Our team can't see your campaigns, keywords, or metrics without your explicit permission
3. Data Isolation
- Your data is completely separate from every other user
- You cannot see other users' data (and they can't see yours)
4. Compliance
- GDPR (EU): Your right to access, delete, and transfer data
- CCPA (California): Your privacy rights
Your Data Rights
Right to Access
You can see all data we hold about you in Settings → Privacy.
Right to Delete
You can request complete deletion in Settings → Privacy → Delete Account. All your data is deleted within 30 days.
Right to Data Portability
Export your data in standard formats in Settings → Privacy → Export Data.
What We Do With Your Data
We Use It To
- ✅ Provide analysis, insights, and recommendations (your data only)
- ✅ Show you your campaigns and performance
- ✅ Send you email digests and alerts (if you opt in)
- ✅ Improve our service
We Don't Use It To
- ❌ Train AI on your data to share with others
- ❌ Sell your data to advertisers, brokers, or competitors
- ❌ Show your campaigns as "examples"
- ❌ Use your data to compete with you
Third Parties
| Party | Access | Reason |
|---|---|---|
| Read-only | Fetch campaigns via their API | |
| Payment processor | Billing info | Processes your payments (PCI compliant) |
| Email provider | Email address | We send you digests and alerts |
Everyone else? Zero access.
Data Retention
| Data Type | Retention | Reason |
|---|---|---|
| Campaign metrics | Per plan (30d / 90d / 12m) | Historical analysis |
| Email logs | 12 months | Proof of delivery |
| Deleted accounts | 30 days | Legal hold, then automatic purge |
Cookies & Tracking
First-Party Cookies (Ours)
- Session cookie: Keeps you logged in
- Preference cookie: Remembers your language and theme (dark/light)
Third-Party Cookies
We don't use third-party tracking cookies. No Facebook pixels, no cross-site tracking tags.
Security Incidents
If we ever discover a security breach:
- We investigate within 24 hours
- We notify affected users within 72 hours
- We share details: what data, when, what we're doing
- We file required reports (GDPR Article 33, etc.)
Contact Us
- Privacy questions: privacy@adpredictor.ai
- Data subject request: Settings → Privacy or privacy@adpredictor.ai
- Security issues: security@adpredictor.ai
Summary
- ✅ We're transparent (this document, our policies)
- ✅ We're compliant (GDPR, CCPA)
- ✅ We're secure (encryption, access control)
- ✅ We're honest (we don't sell your data)
- ✅ We're accountable (you can request data, delete, audit)
Your data isn't a product. It's your property, and we're just the custodian.