Privacy Policy
Effective date: February 12, 2026
Adsity (“we”, “our”, “us”) operates the Adsity mobile and web application (the “Service”). This Privacy Policy describes how we collect, use, store, and share information when you use our Service, and explains your rights regarding that information.
By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree with this policy, please do not use the Service.
1. Information We Collect
1.1 Information You Provide
| Data Type | Examples | Purpose |
|---|---|---|
| Account info | Email address, name | Authentication, account management |
| Lead data | Contact names, phone numbers, notes | Core service functionality |
| Business data | Business name, agency info | Multi-tenancy, team collaboration |
| Sequence content | Message templates, step configuration | Follow-up automation |
| Activity logs | Notes, call logs, meeting records | Lead timeline tracking |
1.2 Information Collected Automatically
| Data Type | Examples | Purpose |
|---|---|---|
| Device info | Device type, OS version | Push notifications, compatibility |
| Push tokens | Expo push notification tokens | Delivering notification alerts |
| Timezone | Auto-detected from device | Scheduling follow-ups, daily summaries |
1.3 Information from Third Parties
If you connect your Facebook account, we receive ad campaign data and lead information through the Facebook Marketing API, solely for syncing leads into your Adsity account.
2. Legal Basis for Processing (GDPR)
If you are in the European Economic Area (EEA), UK, or Switzerland, we process your personal data under the following legal bases:
- Contract performance: Processing necessary to provide the Service you signed up for (account data, lead data, sequences).
- Legitimate interest: Analytics and service improvement, provided these interests are not overridden by your rights.
- Consent: Push notifications and optional Facebook integration. You can withdraw consent at any time.
3. How We Use Your Information
- To provide, operate, and maintain the Service’s lead management and follow-up features
- To authenticate your identity and secure your account
- To send push notifications you have opted into (daily summaries, new lead alerts)
- To sync leads from connected Facebook ad campaigns
- To provide customer support when you contact us
- To detect and prevent fraud, abuse, or security incidents
We do not use your data for advertising, profiling, or automated decision-making.
4. How We Share Your Information
We do not sell, rent, or trade your personal data.
We share data only with the following categories of service providers, solely to operate the Service:
| Provider | Purpose | Privacy Policy |
|---|---|---|
| Clerk | Authentication & user management | clerk.com/privacy |
| Convex | Backend database & real-time sync | convex.dev/legal/privacy |
| Expo | Push notification delivery | expo.dev/privacy |
| Meta / Facebook | Ad lead sync (only if you connect) | facebook.com/privacy |
We may also disclose your information if required by law, legal process, or government request.
5. Messaging
When you use the messaging feature, the Service opens your preferred messaging app (WhatsApp, Telegram, SMS, or Messenger) via a deep link with a pre-filled message. We do not send messages on your behalf, access your messaging accounts, or store message content. The message is sent entirely through your own device and messaging app.
6. Data Storage and Security
Your data is stored on servers operated by Convex (hosted in the United States). Data is encrypted in transit (TLS) and at rest. Authentication credentials are managed by Clerk using industry-standard security practices including bcrypt hashing and secure session management.
While we implement reasonable technical and organizational measures to protect your data, no method of electronic storage or transmission is 100% secure. We cannot guarantee absolute security.
7. Data Retention
- Active accounts: Your data is retained for as long as your account is active.
- Archived sequences: Soft-deleted with a 14-day grace period before permanent removal.
- Deleted agencies/businesses: Soft-deleted with a 14-day grace period.
- Push tokens: Automatically cleaned up after 30 days of inactivity.
- Account deletion: Upon deletion, all associated data is permanently removed. See our Account Deletion page for details.
8. Your Rights
All Users
- Access: View all your data within the App at any time.
- Deletion: Delete your account and all data directly from Settings in the App, or contact us.
- Notification control: Enable or disable push notifications via device settings or in-app preferences.
- Facebook disconnect: Revoke Facebook integration at any time from Settings.
EEA, UK, and Swiss Users (GDPR)
In addition to the above, you have the right to:
- Rectification: Correct inaccurate personal data.
- Restriction: Request that we limit processing of your data.
- Portability: Receive your data in a structured, machine-readable format.
- Object: Object to processing based on legitimate interest.
- Withdraw consent: Where processing is based on consent, withdraw it at any time.
- Lodge a complaint: File a complaint with your local data protection authority.
To exercise any of these rights, contact us at [email protected]. We will respond within 30 days.
California Users (CCPA)
If you are a California resident, you have the right to:
- Know what personal information we collect and how it is used.
- Request deletion of your personal information.
- Not be discriminated against for exercising your privacy rights.
We do not sell personal information as defined by the CCPA.
9. International Data Transfers
Your data may be transferred to and processed in the United States, where our service providers operate. If you are located outside the United States, by using the Service you consent to the transfer of your data to the US. We ensure that appropriate safeguards are in place to protect your data in accordance with this policy.
10. Children’s Privacy
The Service is not directed at children under the age of 13. We do not knowingly collect personal information from children under 13. If we become aware that we have collected data from a child under 13, we will take steps to delete it promptly. Users between 13 and 18 may use the Service with the consent of a parent or legal guardian.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the effective date at the top. Your continued use of the Service after changes are posted constitutes acceptance of the revised policy.
12. Contact Us
If you have any questions about this Privacy Policy, your data, or wish to exercise your rights, contact us at: