Effective 30 April 2026
Privacy policy
PMax Sentinel is operated by Draft Labs. This policy explains what data we collect from you, what we do with it, and the controls you have over it. We use the Google Ads API in read-only mode and do not sell or share your data with third parties.
Data we collect
When you sign up for PMax Sentinel and connect your Google Ads account, we collect the following data:
- Account identifiers — your email address (used for login and alerts) and the Google account you authorize.
- OAuth refresh token — a credential issued by Google that lets us read your Google Ads data on a daily schedule. It is stored encrypted at rest with AES-256-GCM.
- Google Ads metrics — search-term performance data (search_term_view), keyword performance data (keyword_view), account metadata (currency, timezone, account name), and campaign types. We pull only the fields needed to detect Performance Max cannibalization.
- Brand keywords — the list of branded queries you provide on /onboarding/brand-terms. Stored to drive the daily detection algorithm.
- Telegram chat ID — if you connect Telegram, we store the chat identifier so we can deliver your daily alert.
- Billing data — handled entirely by Stripe. We never see or store your card number; we only store the Stripe subscription ID associated with your account.
How we use Google Ads API data
PMax Sentinel uses the Google Ads API exclusively to detect cannibalization between Performance Max and Search campaigns. We adhere to Google's API Services User Data Policy.
- All API access is read-only. We never create, edit, pause, or delete campaigns, ad groups, ads, keywords, budgets, bids, or any other Google Ads entity.
- We do not sell, share, transfer, or expose your Google Ads data to any third party.
- We do not use Google Ads data for advertising, retargeting, audience building, or model training.
- We do not aggregate Google Ads data across accounts beyond the scope of your own audit reports.
- You can revoke access at any time from your Google account permissions page. When access is revoked, we honor the disconnect within 24 hours by purging the associated refresh token.
Storage and retention
All data is stored in our managed Postgres database (Supabase), located in the EU. Access is restricted by row-level security so customers can only read data tied to their own account. All API traffic uses TLS 1.3.
- OAuth refresh tokens — kept until you disconnect or delete your account, then purged within 24 hours.
- Search-term metrics — rolling 90-day window. Older data is automatically deleted.
- Audit summaries — retained while your account is active. Purged within 30 days of account deletion.
- Telegram chat IDs — kept until you disconnect Telegram, then purged within 24 hours.
Third-party services
PMax Sentinel uses a small set of trusted infrastructure providers. We do not share Google Ads data with any of them beyond what is required to operate the service.
- Vercel — application hosting and daily cron execution.
- Supabase — managed Postgres database and authentication.
- Stripe — subscription billing. We never see your card number.
- Resend — transactional email (login, password reset, billing receipts).
- Telegram Bot API — daily waste alerts. Messages contain only your account's own summary statistics.
- PostHog — product analytics on PMax Sentinel itself (page views, signup events). We never send Google Ads data to PostHog.
Your rights
You have the right to access, correct, export, or delete your data at any time. To exercise any of these rights, email privacy@draftlabs.org and we will respond within 30 days.
If you revoke OAuth access from your Google account, we honor the disconnect within 24 hours and purge the associated refresh token.
Contact
Privacy questions: privacy@draftlabs.org. Operated by Draft Labs.