InteliAds

Privacy Policy

Effective April 29, 2026

This policy explains what data InteliAds ("we", "our", the "Service") collects when you use inteliads.io and the dashboard at dashboard.inteliads.io, why we collect it, who we share it with, and how you can exercise your rights over it. We aim to keep this short and readable rather than legally exhaustive — if anything is unclear, email support@inteliads.ioand we'll answer in plain language.

1. What we collect

Account information

When you sign up we collect your email address and a hashed password. If you sign in via a third party (e.g. Login with Amazon) we receive the profile information that provider chooses to share with us.

Amazon Ads account data

To operate the Service we ask you to authorize InteliAds against your Amazon Advertising account. When you do, we receive a refresh token scoped to that account and use it to read and modify your campaigns, ad groups, keywords, product targets, and search terms — only what's necessary to provide the optimization features you asked for.

We store the metrics Amazon returns (impressions, clicks, spend, sales, ACOS, etc.) so the Service can analyze them over time without re-fetching on every page load. We do not sell, share, or expose this data to anyone outside your account.

Billing information

When you subscribe to a paid plan, payment is processed by Stripe. We never see or store your full card number; Stripe handles all card data under PCI DSS. We do receive (and store) the metadata Stripe sends about your subscription: customer id, subscription id, plan, trial dates, renewal dates, and whether your last payment succeeded or failed.

Usage and diagnostic data

We log requests to our backend (timestamp, IP address, user-agent, endpoint hit, response code) so we can debug problems and detect abuse. We log structured events when you take meaningful actions inside the Service (signing in, syncing your Amazon account, creating a rule, etc.) — see "Audit trail" below.

Cookies and similar technologies

We use a single first-party authentication cookie / token to keep you signed in. We do not use third-party advertising cookies. If we ever add optional analytics (Plausible, PostHog, etc.) you'll be asked to opt in via the cookie banner before they load.

2. Why we collect it (legal basis)

  • Performance of the contract with you — operating the Service, syncing your Amazon data, running your automation rules, billing you for the plan you signed up for.
  • Legitimate interest— basic logging for security, abuse prevention, and product debugging. We don't use this for marketing.
  • Consent— for any non-essential cookie or analytics tooling we add later, we'll only load it after you opt in via the cookie banner.
  • Legal obligation — to keep records that tax authorities or auditors may require (typically 7 years for billing records).

3. Who we share it with (data processors)

We share data only with the third-party services we need to run InteliAds. We have data-processing agreements with each:

  • Supabase — managed Postgres database where your account, plan, and ad data is stored. Data resides in EU regions where available.
  • Stripe — payment processing. PCI-compliant. They store your card details, not us.
  • Amazon Advertising API — we send authenticated requests on your behalf to fetch and modify your Amazon Ads campaigns. This is the core of what the Service does.
  • Hostinger — VPS infrastructure that runs our backend.
  • GitHub Actions / GHCR — CI/CD pipeline. Your data does not flow through here; only application code does.
  • Email delivery — transactional email (welcome, trial-ending reminders, payment failures) is sent via SMTP. We may switch providers as we scale; the current provider is listed in the public DNS records of our sending domain.

We do not sell your data. We do not share your data with advertising networks, data brokers, or other unrelated third parties.

4. How long we keep it

  • Account data— for as long as your account exists. Closing your account triggers deletion within 30 days, except where we're legally required to keep records (typically billing).
  • Ad metric data — historical data is retained while your account is active so the rules engine can analyze trends. After account deletion this is purged with the account.
  • Billing records — kept for the period required by law in our jurisdiction (typically 7 years).
  • Logs — application and security logs are retained for up to 90 days, then rotated out.

5. Your rights (GDPR & equivalents)

If you're in the EU, UK, or other jurisdictions with similar laws, you have the right to:

  • Access a copy of the personal data we hold about you.
  • Correct data that's inaccurate or incomplete.
  • Delete your data (the "right to be forgotten").
  • Export your data in a portable format.
  • Object to specific uses, or restrict our processing.
  • Withdraw consent at any time where we relied on it.
  • Lodge a complaint with your local data protection authority.

To exercise any of these, email support@inteliads.iofrom the address on your account. We'll respond within 30 days.

6. Audit trail

InteliAds keeps an internal log of significant actions you take in the Service — logging in, syncing your Amazon account, creating or modifying optimization rules, executing rules, and billing events. This log is for your own diagnostic visibility and our ability to investigate incidents. Admins can read it; other users cannot.

7. Security

We use TLS for all data in transit. Database access is restricted by row-level security policies that scope every query to the requesting user's account. Backups are encrypted at rest. Production hosts run with reduced privileges and a hardened container configuration.

No system is perfectly secure. If you suspect a breach involving your account, email support@inteliads.io immediately and we'll investigate within 24 hours.

8. International transfers

InteliAds operates from the European Union and stores data primarily on EU-region infrastructure. Some of our processors (notably Stripe and Amazon) are US-based or operate globally. Transfers outside the EU rely on the EU Standard Contractual Clauses or equivalent safeguards.

9. Children

InteliAds is a B2B tool intended for KDP authors and other professional advertisers. It is not directed at children under 16, and we do not knowingly collect data from children. If you believe a child has provided us with personal data, email us and we'll delete it.

10. Changes to this policy

We may update this policy as the Service evolves or as we onboard new processors. The effective date at the top of this page reflects the most recent change. For material changes (e.g. new processors, expanded data collection) we'll notify you by email or in-app banner before they take effect.

11. Contact

Questions, requests, complaints — all welcome at support@inteliads.io. We read every message a real human sends us, and we aim to respond within one business day.