Privacy Policy

Adrico ("we", "our", or "us") operates an AI-driven campaign optimization platform that connects to advertising platforms including Meta (Facebook & Instagram), Google Ads, and other supported networks. This Privacy Policy explains how we collect, use, store, and protect your information when you use our services at adrico.io (the "Service").

By using Adrico, you agree to the collection and use of information as described in this policy. If you do not agree, please discontinue use of the Service.

2.1 Account Information

• Name and email address (provided during registration)
• Organization name and industry category
• Password (stored as a one-way cryptographic hash — we never store plaintext passwords)

2.2 Advertising Platform Data

When you connect your advertising accounts, we access and store data through the official APIs of each platform, strictly within the permissions you grant:

• Google Ads: Campaign names, impressions, clicks, conversions, spend, ROAS, ad group and keyword performance. Access is governed by the Google API Services User Data Policy.
• Meta (Facebook & Instagram) Ads: Campaign and ad set data, creative performance, spend, reach, frequency, conversions. Access is governed by the Meta Platform Policy.

We do not access your personal Facebook profile, personal posts, messages, photos, or any data outside of advertising account metrics.

2.3 Usage Data

• Browser type, operating system, and IP address
• Pages visited within the Service and time spent
• Features used and actions taken (e.g., running an optimization)

2.4 Cookies & Similar Technologies

We use strictly necessary cookies for session authentication (httpOnly, secure). We do not use third-party tracking cookies or cross-site advertising cookies.

We use the information we collect to:

• Provide, maintain, and improve the Adrico Service
• Analyze your campaign performance and generate AI-driven recommendations
• Detect performance gaps and calculate ROAS simulations
• Authenticate your identity and maintain secure sessions
• Send transactional emails (account creation, password reset, important service notices)
• Respond to your support requests
• Comply with legal obligations

We do not sell your data to third parties. We do not use your campaign data to train general-purpose AI models shared across customers. Your data is processed solely to power your own campaign insights.

Adrico integrates with the following platforms via their official developer APIs. By connecting your accounts, you authorize Adrico to access the data scopes described below:

4.1 Google Ads API

Adrico uses the Google Ads API to read campaign performance data. We request read-only access to your Google Ads accounts. We do not create, modify, or delete campaigns on your behalf unless you explicitly trigger an action within the platform. Use of Google user data complies with the Google API Services User Data Policy, including the Limited Use requirements.

4.2 Meta Marketing API

Adrico uses the Meta Marketing API to access advertising campaign data associated with your Meta Business account. We request the ads_read and read_insights permissions. We do not access your personal Meta profile, friends list, posts, or messages. Access is governed by the Meta Platform Policy.

4.3 Revoking Access

You can disconnect any platform at any time from the Integrations page within your Adrico account. You can also revoke access directly from:

• Google Account Permissions
• Meta Business Integrations

Your data is stored on secure servers. We implement industry-standard security measures including:

• TLS encryption for all data in transit
• Encryption at rest for sensitive fields
• httpOnly, Secure session cookies to prevent XSS-based token theft
• Short-lived access tokens with automatic refresh
• Role-based access controls — only your organization can access your campaign data

While we take reasonable precautions, no system is 100% secure. We encourage you to use a strong password and report any suspicious activity to security@adrico.io.

We retain your account data for as long as your account is active. Campaign performance data synced from connected platforms is retained for up to 24 months to enable historical trend analysis.

When you delete your account, we permanently delete your personal data and campaign data within 30 days, except where retention is required by law.

Depending on your location, you may have the following rights:

• Access: Request a copy of the data we hold about you.
• Correction: Request correction of inaccurate data.
• Deletion: Request deletion of your personal data ("right to be forgotten").
• Portability: Request your data in a machine-readable format.
• Objection: Object to certain processing activities.
• Restriction: Request that we limit how we use your data.

To exercise any of these rights, contact us at privacy@adrico.io. We will respond within 30 days.

Adrico is intended for business use by individuals aged 18 and older. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, contact us immediately at privacy@adrico.io.

We may update this Privacy Policy from time to time. When we make material changes, we will notify you via email or a prominent notice within the Service. The "Last updated" date at the top of this page reflects the most recent revision.

If you have questions about this Privacy Policy or your data, please contact: