Last updated: March 13, 2026

1. Introduction

Digital Marketing Audit (“we,” “our,” or “the Service”) is a privacy-by-design application that helps you audit your Google Ads accounts. This Privacy Policy explains what information we collect, how we use it, and your rights regarding your data. We are committed to minimizing the data we collect and do not store your email address, name, or other personally identifiable information beyond what is strictly necessary to provide the Service.

2. Information We Collect

We collect only the following categories of information:

Account identifiers: When you sign in with Google, we create and store an opaque user ID (generated by us) and Google’s stable subject identifier (“googleSub”) so we can recognize you on return visits. We do not store your email address or display name.

Google Ads connection data: If you connect your Google Ads account, we store an OAuth refresh token and a list of Google Ads customer IDs (and whether each is an MCC) that you have access to. We do not store account names or other identifiable labels for those accounts.

Technical and usage data: Our hosting and infrastructure (including Google Cloud / Firebase) may log IP addresses, request timestamps, and similar technical data for security and operation. We do not use this for profiling or advertising.

How We Use Your Information

We use the information we collect solely to:

– Provide and maintain the Digital Marketing Audit service

– Authenticate you and link your session to your stored account and Google Ads connection

– Display your connected Google Ads customer IDs and run audits as you request

– Improve the security and reliability of the Service

– Comply with applicable law and enforce our Terms of Service

We do not sell your information. We do not use your data for advertising or marketing purposes.

4. Cookies and Similar Technologies

We use cookies and similar technologies only as necessary to operate the Service:

Session cookies: To keep you signed in (e.g., session cookie). These are essential for the Service to function.

OAuth state cookies: Temporary cookies used during the “Connect Google Ads” flow to prevent cross-site request forgery. They are deleted after the flow completes.

We do not use cookies for tracking, analytics, or advertising. You can control or delete cookies through your browser settings; disabling essential cookies may prevent the Service from working correctly.

5. Third-Party Services and Data Sharing

We use the following third-party services:

Google: For sign-in (Google OAuth) and for the Google Ads API when you connect your Google Ads account. Google’s use of data is governed by [Google’s Privacy Policy](https://policies.google.com/privacy) and the [Google API Terms of Service](https://developers.google.com/terms). We only request the minimum scopes needed (e.g., sign-in profile, Google Ads access).

Google Cloud / Firebase (Firestore): To store the minimal data described above (user IDs, connection data). Data is stored in Google Cloud and is subject to Google Cloud’s terms and privacy practices.

We do not share your information with other third parties except: (a) as required by law or to protect rights and safety; (b) with your consent; or (c) with service providers who process data on our behalf under strict confidentiality and data-processing terms.

6. Data Retention and Deletion

We retain your account and Google Ads connection data for as long as your account is active. If you wish to delete your data, you may contact us (see Section 10). We will delete or anonymize your data within a reasonable period, except where we must retain it for legal or legitimate operational reasons (e.g., security logs).

7. Security

We use industry-standard measures to protect your data, including encryption in transit (HTTPS), secure storage of tokens, and access controls. OAuth tokens are stored in a secure database and are not exposed to the client. Despite our efforts, no method of transmission or storage is 100% secure; we cannot guarantee absolute security.

8. Your Rights

Depending on your location, you may have the right to:

– Access the personal data we hold about you

– Correct or update your data

– Request deletion of your data

– Object to or restrict certain processing

– Data portability

– Withdraw consent where processing is based on consent

– Lodge a complaint with a supervisory authority

To exercise these rights, please contact us using the details in Section 10. We will respond in accordance with applicable law.

9. Children

The Service is not directed at children under 16. We do not knowingly collect personal information from children under 16. If you believe we have collected such information, please contact us so we can delete it.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will post the updated policy on this page and update the “Last updated” date. Continued use of the Service after changes constitutes acceptance of the revised policy. For material changes, we may provide additional notice (e.g., by email or a notice in the Service).

11. Contact Us

If you have questions about this Privacy Policy or our data practices, or wish to exercise your rights, please contact us via the contact method provided on the Digital Marketing Audit website (e.g., contact form or email listed on the site).