Adfynx LogoAdfynx

Privacy

Detailed information about how Adfynx collects, uses, stores, and protects your data, and your privacy rights.

Note: This page provides a high-level overview of our privacy practices. For complete legal details, please refer to our Privacy Policy.

What Data We Collect

1. Account Information

  • Email address (for login and communication)
  • Name (optional, for personalization)
  • Password (hashed, never stored in plain text)

2. Meta Advertising Data

We retrieve (but do not store) the following data from Meta in real-time:

  • Ad account identifiers (Ad Account ID, Page ID, etc.)
  • Campaign, ad set, and ad basic information (name, status, objective, etc.)
  • Ad performance metrics (impressions, clicks, spend, conversions, CTR, CPC, ROAS, etc.)
  • Insights report data (segmented by time, region, age, gender, placement, etc.)
  • Creative assets metadata (image URLs, video URLs, ad copy text)

3. Content You Generate in Adfynx

  • AI-generated analysis reports
  • Custom dashboard configurations
  • Saved filters and views
  • Notes and annotations
  • Feedback and support requests

4. Usage Data

  • Login times and IP addresses
  • Pages visited and features used
  • Browser type and device information
  • Error logs and performance metrics

5. Payment Information

We use Stripe as our payment processor. We do not store your full credit card number. We only retain transaction records (amount, date, status) for billing and accounting purposes.

How We Use Your Data

Provide Services

  • Display your advertising data and performance metrics
  • Generate AI-powered analysis and insights
  • Provide dashboard and reporting features
  • Sync data from Meta API

Improve Product

  • Analyze usage patterns to optimize features
  • Identify and fix bugs
  • Develop new features based on user needs

Customer Support

  • Respond to your inquiries and support requests
  • Troubleshoot technical issues
  • Send service-related notifications

Security & Compliance

  • Detect and prevent fraud and abuse
  • Comply with legal obligations
  • Enforce our Terms of Service

What We DON'T Do

  • We do not sell your data to third parties
  • We do not use your advertising data for our own advertising or marketing
  • We do not share your data with competitors
  • We do not train AI models on your data without explicit consent

When We Share Your Data

We only share your data in the following limited circumstances:

1. Service Providers (Subprocessors)

We use third-party service providers to help us deliver our services. These providers have access to your data only to perform specific tasks on our behalf and are obligated to protect it.

  • Vercel: Frontend hosting and CDN
  • Railway: Backend hosting and computing
  • Supabase: Database and storage
  • Stripe: Payment processing
  • AWS SES: Email service
  • Google Analytics 4: Website analytics

See our Subprocessors page for the complete list.

2. Legal Requirements

We may disclose your data if required by law, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or others' safety.

3. Business Transfers

If Adfynx is involved in a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction. We will notify you before your data is transferred and becomes subject to a different privacy policy.

4. With Your Consent

We may share your data with third parties if you explicitly consent (e.g., integrating with other tools you use).

How Long We Keep Your Data

  • Account Data: Retained while your account is active. After account closure, deleted within 24 hours, unless legally required to retain longer.
  • Meta Raw Data: Not retained long-term. May exist in short-term cache or processing queues to complete requests and troubleshooting.
  • Analysis Reports: Retained for your access until you delete them. After deletion, removed from active systems immediately.
  • Usage Logs: Retained for 12 months for security and troubleshooting purposes.
  • Payment Records: Retained for 7 years for tax and accounting compliance.

How We Protect Your Data

We implement multiple layers of security measures to protect your data:

  • Encryption in Transit: All data transmission uses TLS 1.2+ encryption
  • Encryption at Rest: Sensitive data (e.g., Meta Access Tokens) encrypted at application layer using AES-256
  • Access Control: Least privilege principles; production data access requires 2FA
  • Monitoring: Real-time security monitoring and anomaly detection
  • Audit Logs: All production access logged and regularly reviewed
  • Vulnerability Management: Regular dependency scanning and security updates

For more details, see our Security page.

Your Privacy Rights

Depending on your location, you may have the following rights:

Right to Access

You can request a copy of the personal data we hold about you. Most data is accessible directly in your account dashboard.

Right to Rectification

You can update or correct your personal information in account settings. For data you cannot edit yourself, contact us.

Right to Deletion

You can request deletion of your data. We will delete within 24 hours, unless legally required to retain. You can also delete specific reports or content in-product.

Right to Data Portability

You can export your data in machine-readable format (e.g., JSON, CSV). Export functionality available in account settings.

Right to Object

You can object to certain data processing activities. For example, you can opt out of marketing emails (we don't send many anyway).

Right to Restrict Processing

You can request we limit how we use your data in certain circumstances (e.g., while disputing data accuracy).

How to Exercise Your Rights

To exercise any of these rights:

We will respond to your request within 2 business days to acknowledge receipt, and provide a substantive response within 14 days. If we need more time, we will notify you and explain why.

International Data Transfers

Our primary data processing and storage region is us-east-1 (US East). If you are located outside the United States, your data will be transferred to and processed in the US.

We ensure appropriate safeguards are in place for international data transfers:

  • Our infrastructure providers (Vercel, Railway, Supabase) comply with industry-standard security practices
  • We implement contractual protections with subprocessors (Data Processing Agreements)

Children's Privacy

Adfynx is not intended for use by individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will delete it promptly. If you believe we have collected data from a child, please contact us at support@adfynx.com.

Cookies & Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for login and core functionality (cannot be disabled)
  • Analytics Cookies: Help us understand how you use Adfynx (Google Analytics 4)
  • Performance Cookies: Monitor application performance and errors

You can control cookie preferences in your browser settings. Note that disabling essential cookies may affect functionality.

Privacy Policy Updates

We may update our privacy practices from time to time. If we make material changes, we will:

  • Update the "Last Updated" date on our Privacy Policy
  • Notify you via email or in-platform notification
  • For significant changes, request your consent before they take effect

We recommend reviewing our Privacy Policy periodically to stay informed about how we protect your data.

Frequently Asked Questions

A: Absolutely not. We will never sell your data to third parties. Our business model is subscription-based; we make money from your subscription fees, not from selling your data.

Contact Us

If you have questions about our privacy practices or want to exercise your privacy rights:

Last updated: December 19, 2025

Adfynx - AI-Powered Ad Insights