Privacy Policy

We collect data in three categories:

Account & Business Data

• Name, email address, company name, and billing information when you register
• Role and permissions settings for team members you add to your workspace
• Communications you send to our support or sales team

Ad Platform & Campaign Data (processed on your behalf)

• Campaign structures, ad creative metadata, audience segment configurations
• Spend, impression, click, conversion, and ROAS data pulled via platform APIs
• Bid strategy settings, budget allocation rules, and optimization parameters
• Attribution data and conversion events as reported by connected platforms
• Reach forecasts, audience size estimates, keyword forecasts, and other planning/estimation data returned by platform planning APIs (e.g., Google Ads ReachPlanService, KeywordPlanIdeaService, AudienceInsightsService)
• Platform-level audience identifiers (hashed — we never receive raw PII about end-consumers from ad platforms)

Usage & Technical Data

• Log data including IP address, browser type, pages visited, and session duration
• Feature interaction events used to improve the PAISync dashboard
• Cookies and similar tracking technologies (see Section 7)

• To operate and deliver the PAISync platform and AI optimization services
• To autonomously reallocate budgets, adjust bids, and test creatives on your behalf
• To generate performance reports, insights, and anomaly alerts
• To send transactional emails (billing receipts, alert notifications, and security notices)
• To comply with legal obligations and enforce our Terms of Service
• To improve platform reliability and performance using anonymized, aggregated operational metrics (e.g., API response times, error rates) — never using raw advertising campaign data or data obtained from third-party platform APIs for this purpose

We do not sell your data to third parties. We do not use data obtained from advertising platform APIs (including Google Ads, Meta, TikTok, or any other connected platform) to train machine learning or AI models. Advertising performance data, reach forecasts, and audience/keyword estimation data accessed via platform APIs are used exclusively to provide the campaign planning, reporting, management, and optimization services described herein.

PAISync connects to third-party ad platforms via their official APIs using OAuth tokens you grant us. By connecting a platform, you authorize PAISync to:

• Read campaign performance data from that platform
• Read reach forecasts, audience size estimates, and keyword planning data to support pre-launch planning views and optimization decisions
• Create, modify, pause, and delete campaigns on your behalf
• Adjust bids, budgets, and targeting settings as directed by our AI optimization engine

You may revoke platform access at any time from your PAISync dashboard or directly from the ad platform's security settings. Revoking access stops our AI from making further changes but does not delete historical data already pulled.

Each connected platform has its own privacy policy governing how they process data:

• Google Privacy Policy
• Meta Privacy Policy
• TikTok Privacy Policy
• LinkedIn Privacy Policy
• Amazon Privacy Policy

PAISync accesses third-party advertising platforms exclusively through their official, authorized APIs. Our use of data obtained through these APIs is strictly limited to providing the campaign planning, reporting, management, and optimization services described in this policy. This includes performance data, reach forecasts (e.g., from Google Ads ReachPlanService), and audience/keyword estimation data (e.g., from Google Ads KeywordPlanIdeaService and AudienceInsightsService). We do not use platform API data for any secondary purpose.

Google API Services: PAISync's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including its Limited Use requirements. Data obtained via the Google Ads API is used solely to manage and optimize advertising campaigns on behalf of our customers and for no other purpose.

Meta Platform: PAISync's use of data obtained via Meta's Marketing API complies with the Meta Platform Terms and Meta's Developer Policies. Data accessed through Meta APIs is used exclusively to provide campaign management services to the account holder who granted access.

TikTok for Business: PAISync's integration with TikTok's Marketing API operates in compliance with the TikTok Developer Terms of Service and TikTok for Business policies. Data obtained through TikTok APIs is used solely for the campaign management purposes authorized by the account holder.

In all cases, data obtained through advertising platform APIs is:

• Used only to provide services to the customer who authorized access
• Used only to manage and optimize campaigns on the same platform it was obtained from (e.g., Google Ads data is used only for Google Ads campaign management, not for optimizing Meta, TikTok, or any other platform)
• Never sold, transferred, or disclosed to third parties except as required to deliver the service
• Never used to train, develop, or improve any machine learning or AI model
• Never combined across platforms or customers for model training, audience building, or targeting external platforms
• Never used for purposes that conflict with the terms of the platform from which it was obtained
• Accessible to customers and revocable at any time

Platform data segregation. PAISync treats each advertising platform's data as a separate, isolated dataset. Google Ads API data is used solely to operate the customer's Google Ads campaigns; Meta Marketing API data is used solely to operate the customer's Meta campaigns; TikTok Marketing API data is used solely to operate the customer's TikTok campaigns; and so on. The only cross-platform aggregation PAISync performs is presenting a unified reporting view to the account holder who authorized access — and that reporting view is visible only to the authorizing customer within their own PAISync workspace. Data is never shared across customers.

We share data only in the following limited circumstances:

• Service Providers: Cloud infrastructure (AWS), analytics tools, payment processors (Stripe), and email delivery services — bound by data processing agreements
• Ad Platforms: We write campaign changes back to platforms on your behalf (this is the core function of PAISync)
• Legal Requirements: When required by law, subpoena, or to protect our rights and users' safety
• Business Transfers: In the event of a merger, acquisition, or asset sale, data may transfer to the acquiring entity with advance notice to you

We do not share your campaign data with competitors or use it for cross-customer advertising targeting.

• Account data is retained for the duration of your subscription plus 90 days after cancellation
• Campaign performance data synced from ad platforms is retained for up to 36 months to power historical analytics and reporting within your PAISync account
• Billing records are retained for 7 years to comply with financial regulations
• You may request earlier deletion by emailing privacy@paisync.com

Data Deletion Request: To request deletion of all data associated with your PAISync account (including campaign data synced from connected advertising platforms), email privacy@paisync.com with the subject line "Data Deletion Request". We will confirm receipt within 2 business days and complete deletion within 30 days, subject to legal retention requirements (such as billing records). You may also revoke PAISync's access to any connected advertising platform at any time from your PAISync dashboard or directly from the platform's own security settings — doing so stops all further data access and processing by PAISync for that platform.

Depending on your location, you may have the following rights regarding your personal data:

• Access: Request a copy of the personal data we hold about you
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your data (subject to legal retention requirements)
• Portability: Request your data in a structured, machine-readable format
• Objection: Object to certain types of processing, including profiling
• Withdraw Consent: Where processing is based on consent, withdraw it at any time

CCPA (California): California residents have the right to know what personal information is collected, to opt out of sale (we do not sell data), and to non-discrimination for exercising rights.

GDPR (EU/UK): EU and UK residents have additional rights under GDPR. PAISync acts as a data processor for your advertising data and a data controller for your account data. Our lawful bases for processing include contract performance, legitimate interest, and consent.

To exercise any right, contact us at privacy@paisync.com. We will respond within 30 days.

PAISync uses cookies and similar technologies for:

• Essential cookies: Required for login sessions and platform security — cannot be disabled
• Analytics cookies: Help us understand how the dashboard is used (e.g. page visits, feature usage) — can be opted out
• Preference cookies: Remember your display settings and notification preferences

We do not place advertising or retargeting cookies on our own website visitors. You can control cookies through your browser settings at any time.

We implement industry-standard security measures including:

• TLS 1.3 encryption for all data in transit
• AES-256 encryption for data at rest
• OAuth 2.0 for all ad platform API connections (we never store your platform passwords or credentials)
• Role-based access controls and audit logging within our infrastructure
• Regular internal security reviews and vulnerability assessments

Despite these measures, no system is 100% secure. In the event of a data breach affecting your information, we will notify you within 72 hours as required by applicable law.

PAISync is a B2B platform intended for business use only. We do not knowingly collect personal data from individuals under the age of 18. If you believe a minor has provided us with data, please contact us at privacy@paisync.com and we will promptly delete it.

We may update this policy from time to time. When we make material changes, we will notify you by email and update the "Last Updated" date at the top of this page. Your continued use of PAISync after changes become effective constitutes your acceptance of the updated policy.

For any privacy-related questions, data requests, or concerns, please reach out to our Privacy Team: