Get ScaleLogic

Privacy Policy

Last updated: April 28, 2026

At Get ScaleLogic we respect your privacy and are committed to protecting the personal data you share with us. This policy explains what we collect, how we use it, and the rights you have over your information.

1. Information we collect

We collect the email and name you provide at sign-up, the campaign data you log manually, and metrics imported from ad platforms (Meta Ads, Google Ads) once you authorize the connection. We also store technical data such as access logs, IP address, and browser type for security purposes.

2. How we use your data

Your data is used exclusively to operate the dashboard, calculate ROI and net profit, sync ad spend, send service notifications, and improve the product. We never sell your data to third parties.

3. Sharing with third parties

We share data only with infrastructure providers strictly necessary to run the service (hosting, database, authentication). When you connect Meta or Google, data is exchanged via official APIs under the terms of those platforms.

4. Data retention

We keep your data while your account is active. You can delete your campaigns at any time from the dashboard, and request full account deletion via support.

5. Your rights

You have the right to access, correct, export, and delete your data, as well as revoke consent for ad-platform integrations at any time from the Integrations page.

6. Google API Services — Limited Use disclosure

Get ScaleLogic's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements. We only request the Google Ads scope (https://www.googleapis.com/auth/adwords) to read campaign spend, impressions, clicks and daily performance from accounts you authorize. We never create, edit, pause or delete campaigns, never sell Google user data, never use it for advertising, and never allow humans to read it except (a) with your explicit consent, (b) for security and abuse investigations, or (c) when required by law. Tokens are stored encrypted and are only accessible to backend processes that sync your dashboard. You can revoke access at any time from the Integrations page or from https://myaccount.google.com/permissions.

7. Contact

For privacy questions, write to support@getscalelogic.com.

Data Protection for Sensitive API Scopes

Get ScaleLogic accesses Google Ads data (and other ad platform data) through OAuth scopes that Google classifies as sensitive. We apply the following safeguards specifically to Google Ads data and the OAuth tokens that authorize access to it:

  • Encryption in transit: All data — including Google Ads API calls and OAuth token exchanges — is transmitted over industry-standard TLS/HTTPS. Plain-HTTP traffic is never accepted.
  • Encryption at rest: OAuth access tokens and refresh tokens are stored in our managed Postgres database (Supabase) with encryption at rest enabled at the storage layer.
  • Minimum data necessary: We only persist what is strictly required to sync ad spend (account ID, refresh token, short-lived access token, and the login-customer-id needed by the Google Ads API). We do not copy or store Google Ads creatives, audiences, keywords, or any user personal data from the Ads account.
  • No browser storage of access tokens: Google Ads access tokens are never written to localStorage, sessionStorage, cookies, or any client-side storage. They live only server-side and are used exclusively from our backend to call the Google Ads API.
  • Revocable at any time: You can disconnect Google Ads at any time from the Integrations page, which deletes the stored tokens. You can also revoke access directly from your Google Account permissions page.
  • Regular security audits: We conduct regular reviews of access controls, RLS policies, dependency vulnerabilities, and OAuth token handling.
  • Secure infrastructure: Data is processed and stored on Supabase (Postgres) with row-level security policies that restrict every user to only their own integration rows.
  • No sale or sharing for ads: We never sell, share, transfer, or otherwise disclose user data (including Google Ads data) to third parties for advertising, marketing, or data-broker purposes.
  • Right to deletion: You can request permanent deletion of all your data, including stored OAuth tokens and synced ad metrics, at any time from your account settings or by contacting support.