Skip to content

Privacy Policy

Last updated: April 9, 2026

Information We Collect

When you use AdsPipe, we collect:

  • Account information: Name, email address, and billing details provided during signup.
  • Facebook data: When you connect your Facebook account via OAuth, we receive an access token and your Facebook user ID. We use this token solely to make Facebook Ads API requests on your behalf (e.g., listing campaigns, creating ads, retrieving insights).
  • Usage data: We log which API tools you call, response times, and error codes for rate limiting and billing purposes. We do not log the content of your Facebook ad data.
  • Payment information: Processed by Stripe. We never store credit card numbers.

How We Use Your Information

  • To provide and maintain the AdsPipe service
  • To authenticate your identity and authorize access to your Facebook ad accounts
  • To process billing and enforce usage limits
  • To monitor and improve service reliability
  • To communicate with you about your account

Facebook Data

  • We access your Facebook ad accounts only through the permissions you explicitly grant during the OAuth authorization flow.
  • Your Facebook access token is encrypted at rest using AES-256-GCM and stored in our database. We never store tokens in plaintext.
  • We do not sell, share, or transfer your Facebook data to any third party.
  • We do not use your Facebook data for advertising, profiling, or any purpose other than executing the API requests you initiate.
  • You can revoke AdsPipe's access to your Facebook account at any time by clicking "Disconnect" in your dashboard or by removing AdsPipe from your Facebook App Settings.
  • When you disconnect or delete your account, we immediately delete your stored Facebook token and associated data.

Data Retention & Deletion

  • Account data is retained while your account is active.
  • Usage logs are retained for billing and support purposes.
  • Facebook tokens are deleted immediately upon disconnection or account deletion.

Data Security

  • All data is transmitted over TLS (HTTPS).
  • Facebook tokens are encrypted at rest using AES-256-GCM with key versioning.
  • API keys are hashed with SHA-256 before storage.
  • Our database is hosted on DigitalOcean Managed PostgreSQL with encryption at rest.
  • We use Sentry for error monitoring with automatic scrubbing of sensitive data (tokens, API keys).

Your Rights

  • Access: You can view your account data in the dashboard at any time.
  • Deletion: You can delete your account and all associated data by contacting [email protected].
  • Revocation: You can disconnect your Facebook account at any time.
  • Data portability: Contact us to request an export of your data.

For EU/EEA users: We process your data under GDPR Article 6(1)(b) (contractual necessity) and 6(1)(f) (legitimate interest in operating the service). You may contact us at [email protected] for any GDPR-related requests.

Third-Party Services

We use the following third-party services:

  • Stripe for payment processing
  • DigitalOcean for hosting and database
  • Resend for transactional email
  • Sentry for error monitoring
  • Help Scout for customer support
  • Cloudflare for DNS and CDN

Changes to This Policy

We may update this policy from time to time. We will notify you of material changes via email or a notice on our website.

Contact

For privacy-related questions, contact: [email protected]