Retrofit AI Systems ("we", "us") operates the Meta Ads Monitor service ("the Service"). This policy describes what data the Service collects, why, how long we keep it, and how you can request its deletion.
The Service collects two categories of data:
Account data (provided by you when you sign up): the email address you used to sign in, a randomly-generated client identifier, and the timestamp of sign-up.
Meta advertising data (retrieved on your behalf via Facebook's Marketing API after you grant access through Facebook Login for Business): the IDs and names of the ad accounts you authorized, and campaign-level performance metrics for the trailing rolling window — including spend, impressions, clicks, click-through rate, cost per impression, cost per click, conversions, revenue, return on ad spend, frequency, and reach. We do not collect ad creatives, audience definitions, the contents of any messages, or personal information about the people who saw your ads.
When you click "Connect Meta", you are redirected to Facebook's login screen and asked to authorize two permissions: ads_read (to read ad performance metrics) and business_management (to list the ad accounts under your Business Manager). After you approve, Facebook issues us a long-lived system user token that the Service uses to pull the metrics described above on your behalf. The token is stored encrypted at rest using authenticated encryption (AES-GCM). You can revoke our access at any time from your Facebook Business Manager settings, and we will mark your account as needs reconnect on the next polling cycle.
Account data is retained for the lifetime of your account. Campaign performance metrics are retained for 90 days from the date they cover; older daily metrics are deleted on a rolling basis. Alert history (the record of which alerts fired and when) is retained for 365 days for audit. If you request deletion of your account, all of the above is deleted within 30 days.
We do not sell your data and we do not share it with third parties for advertising or analytics. The data is handled only by the following named processors, each acting on our behalf under their respective data-processing terms:
You can request export or deletion of all data associated with your account by emailing privacy@retrofitaisystems.com. We will respond within 14 days and complete deletion within 30 days of the request. You can also disconnect your Meta account at any time from the Service dashboard, which immediately stops new data collection.
Meta access tokens are encrypted at rest with AES-GCM authenticated encryption. All traffic between you, the Service, and Meta uses HTTPS. We never log access tokens.
If we materially change what data we collect or how we use it, we will update the date at the top of this page and email account owners at least 14 days before the change takes effect.
For privacy questions or data requests, contact privacy@retrofitaisystems.com.