Privacy Policy

Last updated: April 12, 2026

1. Introduction

ADS UP ("we", "our", "us"), operated by Adsup Pro LLC, provides an AI-powered marketing automation platform at adsup.pro ("the Service"). This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our Service.

By using ADS UP, you agree to the data practices described in this policy. If you do not agree, please do not use the Service.

2. Information We Collect

We collect the following categories of data:

  • Account information: email address, name, profile image (provided during registration or via OAuth sign-in with Facebook/Instagram)
  • Business information: business name, products, services, knowledge base entries, ad account IDs
  • Platform tokens: OAuth access tokens and refresh tokens for connected platforms (Facebook, Instagram, WhatsApp, Google, TikTok, YouTube, Notion)
  • Content: posts, captions, images, videos, and other media you create or upload through the Service
  • Messaging data: conversations from connected Messenger, Instagram DM, and WhatsApp inboxes
  • Advertising data: campaign configurations, targeting parameters, budgets, and performance metrics synced from Meta Ads
  • Usage data: pages visited, features used, AI chat interactions, and error logs
  • Device information: browser type, operating system, IP address (for security and rate limiting)

3. How We Use Your Information

  • To provide, maintain, and improve the ADS UP Service
  • To manage and publish content to your connected social media accounts
  • To create and manage advertising campaigns on Meta platforms on your behalf
  • To process and respond to messages from your customers via connected inboxes
  • To generate AI-powered marketing insights, content suggestions, and analytics
  • To sync and display campaign performance metrics and business analytics
  • To send service-related notifications (errors, alerts, billing)
  • To detect and prevent fraud, abuse, and security threats
  • To comply with legal obligations

4. Data Sharing and Third-Party Services

We share your data with the following categories of third parties, solely for the purpose of providing the Service:

  • Meta Platforms (Facebook, Instagram, WhatsApp): We send your content, ad configurations, and messaging data to Meta's APIs to publish posts, create campaigns, and manage conversations. Meta processes this data under their own Data Policy.
  • AI providers (OpenAI, Z.ai): We send your chat messages, business context, and content prompts to AI model providers to generate responses and content. We do not send platform tokens or passwords to AI providers.
  • TikTok, YouTube, Google: Content and tokens are sent to these platforms' APIs for publishing and analytics when you connect them.
  • Error tracking (GlitchTip): We send anonymized error reports (no tokens, no email, no IP) to our self-hosted GlitchTip instance for debugging.

We do not sell your personal data to any third party. We do not share your data with advertisers, data brokers, or any party unrelated to the Service.

5. Data Storage and Security

  • All data is stored on our self-hosted infrastructure (DigitalOcean VPS, Frankfurt region)
  • OAuth tokens are encrypted at rest using AES-256-GCM encryption with a dedicated encryption key
  • All data in transit is protected by TLS 1.2+ (HTTPS enforced, HSTS enabled)
  • Database access is restricted to internal network only (no public ports)
  • Passwords are hashed using bcrypt before storage
  • Access to user data requires authentication and ownership verification

6. Cookies and Tracking

We use the following cookies and local storage:

  • Session cookie (next-auth.session-token): Authenticates your login session. Essential — the Service cannot function without it.
  • Locale cookie (locale): Stores your language preference. Optional.
  • Cookie consent (localStorage): Records whether you accepted the cookie banner. Essential.
  • Theme preference (localStorage): Light/dark mode setting. Optional.

We do not use third-party tracking cookies, advertising pixels, or analytics services (Google Analytics, Facebook Pixel, etc.).

7. Data Retention

  • Account data: retained while your account is active. Deleted within 7 days of account deletion request.
  • Content and campaigns: retained while your account is active. Deleted with account.
  • Messaging data: retained while your account is active. Deleted with account.
  • Platform tokens: retained while integration is connected. Revoked and deleted when you disconnect or delete your account.
  • Error logs: anonymized, retained for up to 90 days.
  • Billing records: retained for up to 7 years as required by tax and accounting law.

8. Data Deletion

You have the right to request deletion of your account and all associated personal data at any time. We offer two ways:

  • From Facebook: Go to Facebook Settings → Apps and Websites, find "ADS UP", click "Remove". Facebook will notify us automatically via our data deletion callback.
  • Contact us: Email hello@adsup.pro with subject "Data Deletion Request".

Full instructions and the list of data we delete are available at /data-deletion. Deletion requests are processed within 7 days and confirmed via a status page with a unique confirmation code.

9. Age Requirement

The Service is intended for users who are at least 18 years of age. We do not knowingly collect personal information from anyone under 18. If we learn that we have collected data from a user under 18, we will delete the account and associated data promptly. If you believe a minor is using the Service, please contact us at hello@adsup.pro.

10. International Data Transfers

Your data is stored on servers located in the European Union (Frankfurt, Germany). When you use the Service, your data may be transferred to third-party API providers (Meta, OpenAI, Z.ai, TikTok, Google) whose servers may be located in other jurisdictions. These transfers are necessary to provide the Service and are covered by each provider's data processing agreements.

11. Your Rights

Depending on your jurisdiction, you may have the following rights:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate data.
  • Deletion: Request deletion of your data (see Section 8).
  • Portability: Request your data in a machine-readable format.
  • Restriction: Request that we limit processing of your data.
  • Objection: Object to processing of your data for specific purposes.
  • Withdraw consent: Withdraw consent for data processing at any time by disconnecting integrations or deleting your account.

To exercise any of these rights, contact us at hello@adsup.pro. We will respond within 30 days.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify registered users of material changes via email or in-app notification. The "Last updated" date at the top reflects the most recent revision. Continued use of the Service after changes constitutes acceptance of the updated policy.

13. Contact

For questions about this Privacy Policy or to exercise your data rights, contact us at: hello@adsup.pro

Adsup Pro LLC
Bali, Indonesia