Privacy Policy

• Account: email, hashed password, optional name and company.
• Billing: Paddle and/or Stripe process card and wallet payments. We store internal customer references (for example Paddle customer IDs or Stripe customer IDs) and transaction IDs so we can reconcile your subscription and credit ledger — not full card numbers.
• Usage: API call timestamps, endpoint, status code, credits charged. Used for the dashboard you see and for capacity planning.
• Product activity: bookmarks, saved searches, comparison lists, recent searches, and marketing-analysis prompts you run.
• Operational logs: errors and security-relevant events. Retained for up to 90 days unless we need them longer for a specific investigation.

• We don't set advertising cookies.
• We don't track you across the web with analytics that share data with third parties.
• We don't collect payment-card numbers — payment processors collect that directly.

• Run the features you ask for (search, analysis, bookmarks).
• Bill you and enforce credit / rate limits.
• Send transactional email — password reset, plan activation, renewal reminders, expiry notices.
• Keep the service secure: fraud detection, abuse investigation, debugging crashes.
• We do not use your prompts to train models. AI processing happens through your chosen provider (Alibaba DashScope, local Ollama) under their respective terms.

We share data only when required to operate the service:

• Paddle — when enabled, processes subscriptions and credit add-ons and may act as merchant of record for those transactions.
• Stripe — may be used on some deployments for legacy one-time credit purchases.
• Alibaba Cloud DashScope — when you run a marketing analysis on an ad, the ad's public URLs and text are sent to DashScope for inference. Disable by leaving DASHSCOPE_API_KEY unset on a self-hosted deploy.
• Resend / SMTP provider — when configured, used to deliver transactional email.
• Sentry — when configured, captures error events. We scrub PII before sending.

We don't sell or rent personal data to anyone. We may disclose data when legally compelled by a valid order from a jurisdiction we operate in.

User data lives in our managed PostgreSQL (Neon, hosted in AWS-backed regions). Ad creatives are fetched on demand from Meta's CDN — we cache only what we need to render them quickly, behind a short-lived encrypted token URL.

• Account, billing, and product data: as long as your account is active, plus 90 days after closure for accounting.
• Usage events: 24 months rolling. Older rows are aggregated into anonymous monthly totals.
• Operational logs / Sentry: up to 90 days.

Regardless of where you live, you can ask us to:

• Export the personal data we hold about you.
• Correct anything inaccurate.
• Delete your account and associated data (subject to legal retention obligations).
• Restrict or object to specific processing.

Write to contact@adscrape.in from the email on your account and we'll respond within 14 days.

We use a small number of strictly necessary cookies: an auth session cookie for the dashboard and a preference cookie that remembers your last search filters. No third-party advertising cookies.

When we make a material change we'll email all registered users at least seven days before it takes effect. The latest version is always at this URL.

Privacy questions: contact@adscrape.in.