Privacy Policy

סוכרת בשליטה - בתאל בר, an Israeli sole proprietorship based in Israel, operating as AdShield ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our landing page monitoring service.

1. Information We Collect

1.1 Information You Provide

When you create an account or use our Service, we collect:

• Account Information: Name, email address, and profile information provided through OAuth authentication (Google, Facebook)
• Billing Information: Payment details processed securely through Airwallex (we do not store full credit card numbers)
• Communication Data: Information you provide when contacting our support team

1.2 Information from Third-Party Platforms

When you connect advertising platforms, we collect:

• Google Ads: Ad account names, campaign names, ad names, landing page URLs (read-only access)
• Facebook Ads: Ad account names, campaign names, ad names, landing page URLs (read-only access)
• TikTok Ads: Ad account names, campaign names, ad names, landing page URLs (read-only access)

Important: We only request read-only access to your advertising data. We do not create, modify, or delete any campaigns or ads on your accounts.

1.3 Automatically Collected Information

• Usage Data: Pages visited, features used, and actions taken within the Service
• Device Information: Browser type, operating system, IP address
• Cookies: Session cookies for authentication and functionality

1.4 Platform Data (Meta, Google, and TikTok Advertising APIs)

Meta refers to data obtained through their Marketing API as "Platform Data." The same principles apply to data we obtain from the Google Ads API and the TikTok Marketing API. This section sets out exactly what Platform Data we receive, how we use it, and the controls you have over it.

What Platform Data we receive. After you authorize AdShield via OAuth, we periodically read the following from your connected accounts:

• Ad account names and identifiers
• Campaign, ad set, and ad metadata (names, IDs, status, configured budgets)
• Landing page URLs associated with each ad
• Performance metrics: spend, impressions, clicks, CTR, CPC, CPM, and conversions

We do not request, receive, or store: customer audiences, custom audiences, lookalike data, message content, post comments, page-level engagement data, lead-form responses, or any data about the end users who saw or clicked your ads.

How we use Platform Data. Platform Data is used solely to provide the AdShield Service to you, specifically to:

• Discover and import your ads so you can choose which ones to monitor
• Compare actual spend, CTR, CPM, and other metrics against thresholds you configure, and alert you when a threshold is crossed
• Pair each ad with the URL it points to, then continuously check that the URL is online and serving the expected content

What we do not do with Platform Data. We do not:

• Sell Platform Data to anyone, ever
• Use Platform Data to build advertising profiles or audiences
• Share Platform Data with third parties except for the infrastructure providers required to operate the Service (database hosting, email delivery), each of which is contractually bound to use the data only on our instructions and only for the purposes described in this Policy
• Use Platform Data to train machine-learning models, AI systems, or any product unrelated to the monitoring features you signed up for
• Modify, create, or delete any campaign, ad set, ad, or other resource on your connected accounts — our access scopes are read-only on the platform side

Retention of Platform Data.

• Cached Platform Data is retained for as long as your AdShield account is active and the corresponding platform connection is in place.
• When you disconnect a platform inside AdShield (Connections → Disconnect), we revoke the OAuth token immediately and delete the cached Platform Data within 30 days.
• When you request account deletion (see §5.1), all Platform Data linked to your account is deleted within 90 days.

Your control. You can revoke AdShield's access at any time from inside the Service (Connections → Disconnect) or directly from the platform itself (Meta Business Integrations, Google Account Permissions, TikTok Ads Manager). Revoking access stops further data collection immediately.

2. How We Use Your Information

We use the collected information to:

• Provide, operate, and maintain the Service
• Monitor your landing pages and send alert notifications
• Process payments and manage subscriptions
• Communicate with you about service updates and support
• Analyze usage patterns to improve the Service
• Detect, prevent, and address technical issues or fraud
• Comply with legal obligations

3. Information Sharing and Disclosure

We do not sell your personal information. We may share information with:

• Service Providers: Third-party vendors who assist in operating our Service (e.g., Airwallex for payments, email providers for notifications)
• Legal Requirements: When required by law, court order, or governmental authority
• Business Transfers: In connection with a merger, acquisition, or sale of assets
• With Your Consent: When you explicitly authorize sharing

4. Data Storage and Security

4.1 Data Location

Your data is stored on servers located in the European Union (EU). We implement appropriate technical and organizational measures to protect your data in compliance with applicable data protection laws.

4.2 Security Measures

• OAuth tokens are encrypted using AES-256 encryption
• All data transmissions use TLS 1.2+ encryption (HTTPS)
• We never store your advertising platform passwords
• Access to production systems is restricted and logged
• Regular security assessments and updates

5. Data Retention

We retain your data as follows:

• Account Data: Retained while your account is active
• Monitoring Data: Task execution history retained for service operation
• After Account Deletion: Personal data is deleted within 90 days
• OAuth Tokens: Revoked and deleted immediately upon disconnecting a platform

5.1 Data Deletion Requests

Meta and other platforms require us to provide a clear way for you to request deletion of any data we hold about you. You can request deletion at any time using either of the following channels.

Disconnect a single platform. If you only want us to stop collecting data from one connected ad platform, sign in to AdShield, open Connections, and click Disconnect next to that platform. The OAuth token is revoked immediately and the cached Platform Data from that platform is deleted within 30 days. The rest of your AdShield account remains intact.

Delete your entire account. Email privacy@adshield.limpox.co.il from the email address registered on your AdShield account, with the subject line "Data Deletion Request". We will:

• Acknowledge your request within 5 business days
• Verify that the request comes from the account holder (we may ask for additional information)
• Permanently delete your account, all associated Platform Data, OAuth tokens, monitoring tasks, execution history, and notification records from our active systems within 30 days
• Purge any remaining copies from encrypted backups within 90 days
• Confirm completion in writing

Effect of deletion. Once deletion is complete, AdShield can no longer monitor your ads or send alerts, and the action is irreversible. Records that we are legally required to retain (for example, invoice records held by our payment processor Airwallex) will be retained according to those legal obligations and the corresponding processor's own retention rules.

For Meta users specifically: the URL https://adshield.limpox.co.il/legal/privacy#data-deletion is the official Data Deletion Instructions URL registered with Meta for the AdShield application.

6. Your Rights

Depending on your location, you may have the following rights:

• Access: Request a copy of your personal data
• Correction: Request correction of inaccurate data
• Deletion: Request deletion of your personal data
• Portability: Receive your data in a structured, machine-readable format
• Objection: Object to processing of your personal data
• Withdraw Consent: Withdraw consent for data processing at any time

To exercise these rights, contact us at info@adshield.limpox.co.il.

7. Cookies and Tracking

We use cookies for:

• Essential Cookies: Required for authentication and core functionality
• Analytics Cookies: To understand how users interact with our Service

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

8. Third-Party Services

Our Service integrates with:

• Airwallex: Payment processing (Airwallex Privacy Policy)
• Google: OAuth authentication and Google Ads API (Google Privacy Policy)
• Facebook/Meta: OAuth authentication and Facebook Ads API (Meta Privacy Policy)
• TikTok: TikTok Ads API (TikTok Privacy Policy)

9. International Data Transfers

סוכרת בשליטה - בתאל בר is based in Israel. Your information may be transferred to, stored, and processed in locations outside your country of residence, including Israel and the European Union. The European Commission has issued an adequacy decision for Israel under Article 45 GDPR, which means transfers of personal data from the EEA to Israel do not require additional safeguards. By using our Service, you consent to such transfers, and we maintain appropriate technical and organisational safeguards for any onward transfers in compliance with applicable data protection laws.

10. Children's Privacy

Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected data from a child, we will take steps to delete such information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

12. Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us:

סוכרת בשליטה - בתאל בר
Operating as AdShield
Email: info@adshield.limpox.co.il
Israel

13. Israeli Privacy Protection Law

As an Israel-based business, סוכרת בשליטה - בתאל בר complies with the Israeli Protection of Privacy Law, 5741-1981 (חוק הגנת הפרטיות, התשמ"א-1981) and the Privacy Protection Regulations (Information Security), 5777-2017. You have the rights granted under those laws, including the right to inspect personal data we hold about you and to request correction or deletion of that data. Requests can be submitted to privacy@adshield.limpox.co.il and will be handled in line with §5.1 of this Policy and the timelines required by Israeli law.

14. Additional Rights for EU Residents (GDPR)

If you are located in the European Economic Area (EEA), you have additional rights under the General Data Protection Regulation (GDPR):

• Right to lodge a complaint with a supervisory authority
• Right to restrict processing of your personal data
• Right not to be subject to automated decision-making

Our legal basis for processing personal data includes: contract performance, legitimate interests, and consent where applicable.

15. California Privacy Rights (CCPA)

If you are a California resident, you have the right to:

• Know what personal information is collected about you
• Know whether your personal information is sold or disclosed
• Say no to the sale of personal information (we do not sell personal information)
• Access your personal information
• Request deletion of your personal information
• Not be discriminated against for exercising your privacy rights