Privacy
Policy
01 Information We Collect
We collect only the information necessary to provide and improve our services:
- Email address — provided voluntarily when you sign up, join a waitlist, or contact us.
- Usage data — pages visited, time on site, browser type, and device information, collected automatically via cookies and analytics tools.
- Communications — any messages you send us via email or contact forms.
- Platform activity — actions you perform within the Appvertiser.ai platform, such as campaign configurations, AI agent interactions, and usage patterns.
- Connected ad account data — when you authorize integrations such as Google Ads, we receive account identifiers and advertising performance data (for example, campaign names, spend, impressions, clicks, installs, and ROAS) only to the extent you grant access through OAuth or API credentials.
We do not collect payment information, government IDs, or sensitive personal data such as health records or financial account credentials beyond what ad platforms expose through authorized API access for campaign reporting.
02 How We Use Your Information
Your information is used to:
- Provide access to our platform and AI agents for mobile growth.
- Sync, analyze, and display advertising performance from ad networks you connect (including Google Ads).
- Generate campaign optimization recommendations based on connected account data.
- Send transactional emails (e.g., account updates, product news) — you can unsubscribe at any time.
- Analyze website traffic to improve our product and user experience.
- Respond to your inquiries and support requests.
- Comply with legal obligations.
We do not sell your personal information to third parties.
03 Cookies & Tracking Technologies
We use cookies and similar technologies to understand how visitors interact with our website. These include:
- Essential cookies — required for the website to function properly.
- Analytics cookies — help us understand traffic and usage patterns (e.g., Google Analytics).
- Advertising cookies — used to measure ad campaign performance through platforms such as Google Ads.
You can control or disable cookies through your browser settings. Disabling cookies may affect some features of our site.
04 Third-Party Services
We work with trusted third-party providers who process data on our behalf:
- Google Analytics & Google Ads — for website analytics, advertising measurement, and (when you connect your account) Google Ads API access to sync campaign data you authorize. Google's privacy policy applies: policies.google.com/privacy.
- Email service providers — to send transactional and marketing emails.
- Hosting & infrastructure — to securely serve our website and platform.
These providers are contractually required to keep your data secure and use it only as directed by us. We require data processing agreements (DPAs) with subprocessors that handle personal or sensitive data on our behalf.
05 Data Security
We protect the data we process, including sensitive data and Google user data obtained through authorized OAuth scopes, using the following technical and organizational safeguards:
- Encryption in transit — all data exchanged between your browser, our platform, third-party APIs (including Google APIs), and our backend services is encrypted using TLS/HTTPS.
- Encryption at rest — data stored in our databases, analytics systems, and object storage is encrypted at rest using industry-standard AES-256 encryption provided by our cloud infrastructure (Google Cloud Platform).
- Access controls — access to production systems and customer data is restricted to authorized personnel on a least-privilege basis, protected by role-based access controls and multi-factor authentication.
- Tenant isolation — each customer's data is logically isolated and scoped to their account, preventing cross-account access.
- Secure credential storage — OAuth refresh tokens, access tokens, and API credentials are stored in a dedicated secrets manager (Google Cloud Secret Manager), never in source code or client-side storage, and are used only to access the specific data you authorize.
- Network and infrastructure security — our platform runs on hardened cloud infrastructure with firewall rules, private networking where applicable, and regular security patching.
- Monitoring and logging — we log and monitor access to systems that handle sensitive data to detect unauthorized activity and operational issues.
- Vendor management — subprocessors that handle data on our behalf are vetted and bound by contractual security and confidentiality obligations.
- Retention and deletion — we retain data only as long as needed for the purposes described in this policy and delete or anonymize it on request or when you disconnect an integration (see Sections 06 and 07).
- Incident response — if we become aware of a data breach affecting your personal data, we will notify affected users and relevant authorities as required by applicable law.
06 Data Retention
We retain your personal data only as long as necessary to fulfill the purposes described in this policy, or as required by law. When you disconnect a third-party integration (such as Google Ads), we delete associated OAuth tokens promptly and remove or anonymize synced account data according to your account settings and applicable retention requirements.
Anonymized, aggregated data (from which no individual can be identified) may be retained indefinitely for product analytics and improvement purposes.
07 Your Rights
Depending on your location, you may have the right to:
- Access the personal data we hold about you.
- Request correction or deletion of your data.
- Opt out of marketing communications at any time.
- Lodge a complaint with a data protection authority.
- Request restriction of processing or data portability (GDPR / CCPA where applicable).
To exercise any of these rights, please contact us using the information in Section 11.
08 Children's Privacy
Our services are not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe we have inadvertently collected such data, please contact us immediately and we will delete it.
09 Changes to This Policy
We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page. For material changes, we will notify users via email or a prominent notice on our platform. We encourage you to review this page periodically.
A1 AI Data Processing
Appvertiser.ai is an AI-powered mobile growth platform. Our AI agents process certain data inputs to generate recommendations, automate tasks, and deliver insights. This data processing may include:
- App Store metadata — titles, descriptions, screenshots, and category data from public app stores.
- Advertising performance data — aggregated campaign metrics you choose to connect to the platform (e.g., impressions, clicks, installs, ROAS).
- User-provided inputs — prompts, configuration settings, and instructions you give to AI agents within the platform.
- Platform usage context — your preferences and history within the platform, used to personalize AI outputs.
A2 Data Used by Our AI Agents
The following table summarizes what data our AI agents access, why, and whether it is retained:
| Data Type | Purpose | Retained? |
|---|---|---|
| Prompts & instructions | Execute AI tasks in-session | Session only |
| App Store data (public) | Market analysis & ASO recommendations | Cached |
| Ad performance metrics | Campaign optimization suggestions | Per account |
| Platform activity logs | Improve AI response quality | Anonymized |
| End-user personal data (from your apps) | Not used | Not collected |
A3 AI Training & Your Data
We are committed to transparency about how your data may or may not be used to train AI models:
- We do not use your private campaign data, Google user data, or account-specific content to train our proprietary AI models without your explicit consent.
- Aggregated, anonymized usage patterns (e.g., which types of recommendations were acted upon) may be used to improve platform performance.
- If you use features powered by third-party AI providers (e.g., large language models), those providers' data policies also apply — see Section A5.
A4 Automated Decision-Making
Some features of our platform involve automated decision-making or recommendations generated without direct human review. These may include:
- Automated keyword and creative suggestions for App Store Optimization (ASO).
- AI-generated bid or budget recommendations for advertising campaigns.
- Automated audience segmentation or targeting proposals.
All AI recommendations are advisory. Final decisions on campaign execution, budget allocation, and creative selection remain with you — no irreversible action is taken automatically without your approval.
If you have questions about a specific AI recommendation or wish to understand the reasoning behind it, you may contact us and we will provide a human review upon request.
A5 AI Providers & Third-Party Models
Our platform may leverage third-party AI models and APIs to power certain features. When data is sent to these providers, it is subject to both our terms and their respective privacy policies:
- Large language model providers — We may use API services from providers such as OpenAI, Anthropic, or Google. Inputs and outputs processed through these APIs may be subject to those providers' data retention and usage policies. We configure these services in API mode, which typically means data is not used for model training by those providers.
- Computer vision and image analysis — Screenshot and creative analysis may be processed by third-party vision APIs.
- Analytics & monitoring — AI inference logs may be monitored for safety, accuracy, and performance purposes.
We carefully vet all AI providers and require data processing agreements (DPAs) where applicable. We do not send data to AI providers that would permit them to use your information for training their general models.
10 Google User Data and OAuth API Access
When you choose to connect your Google Ads account to Appvertiser.ai, we access Google user data through Google's OAuth 2.0 authorization flow. This section describes how we handle that data.
Scopes we request. Our application requests the Google Ads API scope (https://www.googleapis.com/auth/adwords) so we can read advertising account and campaign performance data that you authorize.
Data we access. Depending on your account permissions, this may include:
- Google Ads customer account IDs and account names.
- Campaign, ad group, and creative structure and settings you authorize us to read.
- Performance metrics such as impressions, clicks, installs, spend, conversions, and ROAS.
- Billing and budget summaries exposed by the Google Ads API for reporting purposes.
How we use Google user data. We use this data solely to:
- Display your advertising performance inside the Appvertiser.ai platform.
- Sync metrics into your analytics dashboards and reports.
- Generate optimization recommendations and alerts for campaigns you manage on the platform.
- Provide customer support related to your connected integrations.
How we protect Google user data. Google user data is subject to the data protection mechanisms described in Section 05, including encryption in transit and at rest, tenant isolation, secure token storage in Google Cloud Secret Manager, and restricted employee access.
Sharing and disclosure. We do not sell Google user data. We do not share Google user data with third parties except:
- Subprocessors that host or process data on our behalf under data processing agreements and only as needed to operate the platform (for example, cloud hosting and database providers).
- When required by law, regulation, or valid legal process.
- With your explicit direction or consent.
Retention and deletion. We retain Google user data only while your integration remains connected and as needed to provide the services described in this policy. You may disconnect Google Ads at any time from within the platform. When you disconnect, we revoke and delete stored OAuth tokens and remove or anonymize synced Google Ads data according to Section 06. You may also request deletion by contacting us at the email in Section 11.
Human access. Authorized Appvertiser.ai personnel may access Google user data only when necessary for troubleshooting, security, compliance, or support at your request. We do not allow employees to read Google user data for unrelated purposes.
- We use Google user data only to provide or improve user-facing features you request.
- We do not use Google user data to serve advertisements unrelated to your use of our platform.
- We do not sell Google user data.
- We do not use Google user data to train generalized artificial intelligence or machine learning models.
- We do not transfer Google user data to third parties except as described in this policy and as necessary to provide the service.
Revoking access. You can revoke Appvertiser.ai's access to your Google account at any time through your Google Account permissions page or by disconnecting the integration in our platform.
11 Contact Us
If you have any questions or requests regarding this Privacy Policy — including AI-specific inquiries, data deletion requests, or opt-out requests — please reach out:
Appvertiser.ai
We aim to respond to all privacy requests within 30 days.