Privacy Policy

1. Scope & summary

This policy covers Adlenz, Inc. (“we”, “Adlenz”) and all services provided at adlenz.com. It applies to customers who authenticate via Meta to run creative audits, visitors to our marketing site, and recipients of shareable report links.

One-line summary: We collect the minimum data needed to run your creative audit, we never train models on your data, and you can delete everything at any time.

2. What we collect

From Meta (read-only)

• Ad creatives — images, videos, captions, headlines, CTAs
• Ad metadata — campaign names, dates, placements, audiences
• Performance metrics — impressions, clicks, conversions, spend, ROAS

We do not collect: user-level data (customer profiles, emails, addresses), pixel events, attribution windows you haven’t approved, or data from any account you haven’t connected.

From you directly

• Account info — name, work email, company, role
• Brand inputs — brand guidelines PDFs, voice notes, competitor URLs (optional)
• Billing — last 4 digits, card brand, billing address (handled by Stripe; we never see full card numbers)

Automatically

• Product usage — pages viewed, features used, errors encountered (via self-hosted PostHog)
• Cookies — one session cookie + one preference cookie. No third-party tracking pixels on the app.

3. How we use it

We use the data strictly to:

• Generate your creative audit reports (vision + copy analysis, scoring, pattern detection, briefs)
• Keep your reports up to date with weekly/daily re-analysis on subscription plans
• Respond to support requests
• Send transactional emails (login codes, billing receipts, fatigue alerts you opt into)
• Improve the product — only in aggregate, de-identified form (e.g., “avg audit takes 7 minutes”)

We will never use your data to market to your customers, sell to third parties, or train external AI systems.

4. Sharing & sub-processors

We use a small, audited list of sub-processors. Each has a DPA and SOC 2 Type II:

• AWS (us-east-1) — hosting, storage, compute
• Stripe — payments
• OpenAI — portions of copy analysis (no training on inputs per Enterprise agreement)
• Anthropic — portions of copy analysis (no training on inputs per Enterprise agreement)
• Resend — transactional email

We do not share your data with advertisers, ad networks, or any third party for marketing purposes.

5. AI training

We do not train, fine-tune, or otherwise use your creative data to improve our own scoring or generation models. Our scoring model was trained once on a curated set of public and licensed creative data, before launch. It is updated quarterly using that same licensed corpus.

All prompts sent to OpenAI and Anthropic are covered by zero-retention Enterprise agreements: inputs are deleted within 24 hours and never used for training.

6. Retention & deletion

We keep your audit data for 90 days by default on Growth and Agency plans (so you can compare to historical reports). Single audits are retained for 30 days, then auto-purged.

You can delete your account at any time: Settings → Account → Delete. All creative files, embeddings, reports, and logs are purged within 30 days. Tax receipts are kept for 7 years per U.S. law.

7. Your rights

Under GDPR (EU), CCPA (California), and comparable laws, you have the right to: access your data, correct it, export it, delete it, restrict processing, and object to processing. To exercise any of these, email privacy@adlenz.com — we respond within 10 business days.

8. Security

Encryption: AES-256 at rest, TLS 1.3 in transit. Access: role-based with hardware keys for engineering. Audit: quarterly penetration tests, annual SOC 2 Type II (in progress, expected Q3 2026). Incident response: 72-hour breach notification commitment.

9. Contact

Privacy questions: privacy@adlenz.com
Data Protection Officer: Elena M. Walsh
Mailing address: Adlenz, Inc., 548 Market St #89340, San Francisco, CA 94104, USA