Privacy Policy

1. Data We Collect

Registration data (email, Argon2id-hashed password), OAuth tokens for connected ad accounts (stored AES-256-GCM encrypted), activity logs and usage metrics, IP address and User-Agent at sign-in.

2. Processing Purposes

Providing and improving the Service, ensuring security, billing and payment processing, complying with applicable laws (including Russian FZ-152 where applicable and GDPR for EU users).

3. Data Sharing

We do not sell your data. We share only: with our payment provider (Platega/Stripe) for billing, with ad platform APIs on your behalf, and with our email service provider. All sharing is limited to what is strictly necessary to deliver the Service.

4. Retention & Deletion

Active data is retained for the duration of your subscription. Upon account deletion, a 14-day soft-delete period applies (recovery via support), followed by permanent deletion. OAuth tokens are revoked immediately when you disconnect an ad account. Backups are retained for up to 30 days.

5. Your Rights

You have the right to: request a copy of your data, correct inaccuracies, delete your account, withdraw consent for processing (this will terminate your subscription), and lodge a complaint with the relevant data protection authority. Contact us at the email below to exercise these rights.