Privacy Policy
Last updated March 28, 2025
1. Introduction
Marketa ("we", "our", or "us") operates the platform at marketa.space. This Privacy Policy explains how we collect, use, and safeguard your information when you use the Service — including when you connect your Facebook / Instagram advertising accounts via the Meta API.
By using Marketa you agree to the collection and use of information in accordance with this policy.
2. Information We Collect
Account Information
When you register, we collect your name, email address, and password via Firebase Authentication. We never store your plaintext password.
Meta / Facebook Data
When you connect your Meta Ads account we request OAuth access and the following permissions:
- ads_management — create, read, update, and delete campaigns on your behalf
- ads_read — read performance data and insights for your ad accounts
- business_management — access business pages connected to your ad account
We store your Meta access token (encrypted) and Ad Account ID solely to perform ad automation actions you explicitly trigger. We do not sell or share this data.
Usage Data
We collect server logs including IP address, browser type, pages visited, and timestamps for security and debugging only.
AI-Generated Content
When you use our AI features, your input (URLs, brand descriptions) is sent to Google Gemini API for processing. We do not retain this input beyond the request.
3. How We Use Your Information
- To authenticate you and provide access to the Service
- To connect to and manage your Meta Ads accounts on your behalf
- To generate AI-powered ad copy and campaign recommendations
- To send transactional emails (account-related notifications only)
- To monitor and improve the security and performance of the Service
- To comply with legal obligations
We do not use your data for our own advertising or sell it to data brokers.
4. Data Retention
We retain your account data for as long as your account is active. Meta access tokens are deleted when you disconnect your Meta account or delete your Marketa account. Campaign data synced from Meta is retained for up to 12 months, after which it is automatically purged.
5. Third-Party Services
Firebase (Google)
Authentication and user management
Supabase
Database hosting in EU/US regions
Meta Graph API
Ad account management on your behalf
Google Gemini API
AI content generation
n8n
Workflow automation for campaign execution
6. Data Security
All data is transmitted over HTTPS. Meta access tokens are encrypted at rest. We apply rate limiting, access logging, and role-based access controls. No method of transmission over the internet is 100% secure.
7. Your Rights
- Access the personal data we hold about you
- Correct inaccurate data
- Request deletion of your data
- Withdraw consent at any time by disconnecting your Meta account
- Lodge a complaint with your local data protection authority
Email privacy@marketa.space to exercise any of these rights.
8. Data Deletion
You may request deletion of all personal data at any time. See our Data Deletion Instructions page for the full process.
9. Children's Privacy
The Service is not directed to individuals under 16. We do not knowingly collect data from children.
10. Changes to This Policy
We may update this policy from time to time and will notify you of material changes by posting the new policy on this page.