Privacy Policy

For the purposes of this Privacy Policy, the following definitions apply:

• User: Individual or legal entity that uses the DirectAds platform for uploading and managing advertising campaigns.
• Personal Data: Information related to an identified or identifiable natural person.
• Controller: Individual or legal entity that makes decisions about the processing of personal data (DirectAds, regarding data of its users).
• Operator: Individual or legal entity that processes data on behalf of the controller.
• Processing: Any operation performed with personal data (collection, storage, use, sharing, etc.).

We collect the following data to execute our bulk advertising campaign upload services:

• Registration Data: Full name, email, phone, billing data - for account management, support, and billing.
• Meta Access Credentials: OAuth tokens from Facebook Login for Business, explicitly authorized by the USER during consent, containing the following permissions used strictly for the declared purposes: email, public_profile, ads_management, ads_read, business_management, catalog_management, attribution_read, pages_show_list, pages_read_engagement, pages_manage_ads, pages_manage_metadata, pages_manage_posts, pages_manage_engagement, pages_messaging, leads_retrieval, read_insights.
• Usage Data: Activity logs, campaigns created, usage metrics - for service improvement and technical support.
• Payment Data: Credit card or bank information - processed by secure payment gateway.
• Marketing and Analytics Data: We capture data during pre-registration (WaitlistModal) and while you use our platform: name, email, phone, UTM parameters (utm_source, utm_medium, utm_campaign, utm_content, utm_term), advertising click IDs (fbclid from Facebook, gclid from Google, ttclid from TikTok), IP address, user-agent, and referrer URL. We use this data for campaign attribution, fraud detection, and marketing optimization.

When you use DirectAds to upload advertising campaigns, the platform acts as a Data Operator regarding third-party data processed:

• Ad creatives (images, videos, texts)
• Target audiences configured for campaigns
• Destination URLs and landing pages

In these cases, you (User) are the Controller of this data and must ensure you have authorization to use it in advertising campaigns. DirectAds only processes this data according to your instructions for uploading to advertising platforms.

We use the collected information to:

• Execute the bulk advertising campaign upload service
• Process payments and manage your subscription
• Provide technical support and customer service
• Send communications about updates, news, and maintenance
• Improve the platform and develop new features
• Prevent fraud and ensure platform security
• Comply with legal and regulatory obligations

We implement technical and organizational measures to protect your data:

• SSL/TLS encryption on all data transmissions
• Access tokens stored in encrypted form
• Servers protected with firewalls and 24/7 monitoring
• Restricted access only to authorized employees
• Regular backups with geographic redundancy

Your data may be shared with:

• Meta/Facebook: For executing campaign uploads to connected ad accounts.
• Payment Processors: Stripe Inc. (USA) for secure processing of subscriptions and transactions.
• Infrastructure Providers: DigitalOcean LLC (servers), Cloudflare Inc. (CDN and protection), Railway Corp. (auxiliary services), all under confidentiality agreements.
• Authorities: When required by law, court order, or investigation.

We never sell your personal data to third parties.

Compliance with Meta policies: DirectAds operates in compliance with the Meta Platform Terms and Developer Policies, processing Meta Platform Data exclusively as authorized by the USER via Facebook Login for Business.

We use cookies and similar technologies to:

• Keep your session authenticated on the platform
• Remember your language and theme preferences
• Analyze platform usage for improvements
• Ensure security and prevent fraud

You can configure your browser to refuse cookies, but this may affect platform functionality.

According to LGPD (Art. 18), you have the right to:

• Confirmation: Know if we process your personal data
• Access: Request a copy of the data we hold
• Correction: Correct incomplete or outdated data
• Anonymization/Blocking: For unnecessary or excessive data
• Portability: Receive your data in a structured format
• Elimination: Request data deletion (respecting legal obligations)
• Revocation: Withdraw consent at any time

We commit to responding to requests within 2 business days.

DirectAds is intended exclusively for users 18 years of age or older. We do not intentionally collect data from minors. If you believe a minor has provided data to the platform, please contact us for immediate removal.

This Privacy Policy may be updated periodically. Significant changes will be communicated by email or notification on the platform. The date of the last update will always be visible at the top of this document.

We recommend reviewing this page periodically.

For questions about this Privacy Policy or to exercise your rights:

• Email: suporte@directads.ai
• WhatsApp: +55 (11) 95254-6214

Applicable Law: This policy is governed by Brazilian law, especially Law No. 13.709/18 (LGPD) and the Brazilian Civil Rights Framework for the Internet (Law No. 12.965/14).

For questions about this Privacy Policy or to exercise your rights:

• Email: suporte@directads.ai
• WhatsApp: +55 (11) 95254-6214

Applicable Law: This policy is governed by Brazilian law, especially Law No. 13.709/18 (LGPD) and the Brazilian Civil Rights Framework for the Internet (Law No. 12.965/14).