Privacy Policy

SEM & SMM Campaign Budget Optimizer (“we,” “us,” or “our”) is operated by Corriston Consulting. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform at campaignbudgetoptimizer.comand any related services (collectively, the “Service”).

By using the Service, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use the Service.

2.1 Information You Provide

• Account registration information (name, email address, password)
• Billing information processed securely through our payment provider
• Communications you send us (support requests, inquiries)

2.2 Information from Connected Ad Platforms

When you connect your advertising accounts (Google Ads, Meta Ads, Microsoft Advertising, LinkedIn Ads), we access data through their official APIs solely to provide the Service. This includes:

• Ad account IDs and campaign names
• Daily spend, impressions, clicks, and conversion data
• OAuth access tokens used to authenticate API requests

We do not access, store, or use any personal data about your end customers or the audiences targeted by your ad campaigns.

2.3 Automatically Collected Information

• Log data (IP address, browser type, pages visited, timestamps)
• Device information (operating system, screen resolution)
• Cookies and similar tracking technologies (see Section 7)

We use the information we collect to:

• Provide, operate, and improve the Service
• Generate AI-powered budget recommendations based on your campaign performance data
• Send transactional emails (account confirmations, billing receipts, alerts)
• Respond to your support requests
• Detect and prevent fraud or unauthorized access
• Comply with legal obligations

We do not sell your personal information or your ad account data to any third party. We do not use your campaign data to train general-purpose AI models shared across customers.

We may share your information with:

• Service providers — infrastructure and hosting providers (e.g., Supabase, Vercel) that process data on our behalf under confidentiality agreements
• AI providers — anonymized campaign performance data may be sent to OpenAI to generate budget recommendations. No personally identifiable information is included in these requests.
• Legal requirements — if required by law, court order, or government authority
• Business transfers — in connection with a merger, acquisition, or sale of assets, with notice to affected users

We retain your account data for as long as your account is active or as needed to provide the Service. Campaign performance data used for AI weight personalization is retained for up to 90 days on a rolling basis. OAuth tokens are deleted immediately when you disconnect a platform. You may request deletion of all your data at any time by contacting us.

We implement industry-standard security measures including encryption at rest and in transit (TLS), row-level security on our database, and access controls. OAuth tokens are stored encrypted and are only used to make API calls on your behalf. However, no method of transmission over the Internet is 100% secure, and we cannot guarantee absolute security.

We use the following types of cookies:

• Essential cookies — required for authentication and session management. These cannot be disabled without breaking the Service.
• Analytics cookies — used to understand how users interact with the Service so we can improve it. You may opt out via your browser settings.

We do not use advertising cookies or sell data to ad networks.

Depending on your location, you may have the right to:

• Access the personal data we hold about you
• Correct inaccurate data
• Request deletion of your data (“right to be forgotten”)
• Restrict or object to processing
• Data portability (receive your data in a machine-readable format)
• Withdraw consent at any time (where processing is based on consent)

To exercise any of these rights, contact us at corristonconsulting@gmail.com. We will respond within 30 days.

If you are a California resident, you have the right to know what personal information we collect, request deletion of your personal information, and opt out of the sale of personal information. We do not sell personal information. To submit a request, contact us at the email above.

If you are located in the European Economic Area (EEA), our legal basis for processing your data is:

• Contract performance — to provide the Service you signed up for
• Legitimate interests — to improve the Service and prevent fraud
• Legal obligation — to comply with applicable laws

Data is stored on servers in the United States. By using the Service, you consent to this transfer. We rely on standard contractual clauses where required.

The Service is not directed to individuals under the age of 16. We do not knowingly collect personal information from children. If you believe a child has provided us with personal information, please contact us and we will delete it promptly.

We may update this Privacy Policy from time to time. We will notify you of material changes by email or by posting a prominent notice on our website at least 14 days before the change takes effect. Your continued use of the Service after the effective date constitutes acceptance of the updated policy.

If you have any questions about this Privacy Policy, please contact us:

• Email: corristonconsulting@gmail.com
• Company: Corriston Consulting