overads
Start trial
Legal

Privacy policy

Last updated: May 21, 2026

1. Introduction

This privacy policy explains how overads ('we', 'us', 'our') collects, uses, and protects information when you visit our marketing site or use the overads product. By using overads you agree to the practices described here. This document is a placeholder template; please consult counsel before launch.

2. Data we collect

We collect account information you provide directly (name, email, workspace name), authentication metadata from your identity provider, usage telemetry generated as you use the product, and ad-account data you authorize us to fetch via OAuth from supported platforms. We do not collect payment card numbers directly; payment processing is handled by our payments provider.

3. How we use data

We use the data we collect to operate the service, authenticate you into your workspace, sync metrics from connected ad platforms, generate AI suggestions, send transactional email, prevent abuse, and improve the product. We do not sell personal data and we do not train third-party foundation models on customer ad data.

4. Sharing with third parties

We share data with a limited set of subprocessors that are essential to running the service (infrastructure, payments, AI inference, error tracking, transactional email). A full list of subprocessors is available in our Data Processing Agreement. We do not share customer data with advertisers or data brokers.

5. Cookies and similar technologies

We use a small number of first-party cookies for authentication, workspace switching, and basic product analytics. We do not use third-party advertising cookies on our application surfaces. Our marketing site may use lightweight, privacy-respecting analytics to understand aggregate page performance.

6. Your rights

Depending on where you live, you may have rights to access, correct, export, or delete the personal data we hold about you. You can exercise most of these rights from inside the product Settings. For anything else, write to privacy@overads.io and we will respond within thirty days.

7. GDPR (EEA, UK, Switzerland)

If you are located in the European Economic Area, the United Kingdom, or Switzerland, we process personal data on the legal bases of contract performance, legitimate interest, and consent where applicable. We offer a Data Processing Agreement that incorporates the relevant Standard Contractual Clauses for international transfers.

8. CCPA (California)

If you are a California resident, you have specific rights under the California Consumer Privacy Act including the right to know what personal information we collect, the right to delete personal information, and the right to opt out of any sale of personal information. We do not sell personal information.

9. Data retention

We retain personal data and ad-platform data for as long as your workspace is active. When a workspace is deleted, data enters a thirty-day soft-delete window during which it can be restored, then is permanently removed from primary systems. Encrypted backups age out within ninety days.

10. Contact

Questions about this policy or our data practices can be sent to privacy@overads.io. For formal data protection inquiries from the EEA or UK, write to the same address with the subject prefix 'GDPR request'.