AdRoast (“we”, “us”) helps marketers review and improve Meta ads. This policy explains what data we collect, why we collect it, and the choices you have. We try to keep this short and human.
What we collect
- Account info: name, email, and login provider when you sign up.
- Ad creatives & context: images, videos, copy, and campaign details you upload to be roasted.
- Meta Ads data (optional): read-only campaign, ad set, ad, and metric data (CTR, hook rate, CPUC, spend) when you connect your Meta Ads Manager.
- Usage data: basic logs, page views, and feature usage so we can fix bugs and improve the product.
- Billing data: handled by Stripe. We never see or store your full card number.
How we use it
- To generate roasts, scores, and improvement suggestions.
- To run your account, credits, and billing.
- To improve model prompts, evaluation, and product quality.
- To send important account or product emails (no spam).
Meta Ads connection
The Meta connection is read-only and encrypted. AdRoast cannot create, edit, pause, or delete anything in your Ads Manager. Tokens are encrypted at rest and you can disconnect at any time from your account settings, which revokes our access.
AI processing
To produce roasts, your creative and context are sent to AI model providers we use as sub-processors (such as OpenAI and Google). We do not sell your data and we do not use your private creatives to train third-party foundation models.
Data sharing
We share data only with sub-processors required to run AdRoast: hosting, database, file storage, payments (Stripe), email delivery, analytics, and AI model providers. We do not sell personal data.
Retention
Roasts and uploads are kept while your account is active so you can revisit them. You can delete individual roasts or your full account at any time, which removes the associated creatives and reports from our active systems.
Your rights
You can access, export, correct, or delete your data, and object to certain processing. Email us and we will help.
Security
Data is encrypted in transit (TLS) and at rest. Access to production systems is restricted and audited.
Changes
If we make material changes to this policy, we will update the date above and notify you in-app or by email when appropriate.