Your privacy matters.

Account Information

When you register for OrchardAds, we collect your name, email address, and a securely hashed password. We use this to authenticate you and communicate important service updates.

Apple Ads Credentials

To connect your Apple Search Ads account, you provide a Client ID, Team ID, and Key ID. These credentials are encrypted at rest using industry-standard encryption. Your RSA private key is never stored on our servers — only the public key you generate is transmitted to Apple's API.

Usage Data

We collect anonymized usage data (pages visited, features used, error logs) to improve the platform. This data cannot be used to identify you personally.

Service Delivery

Your Apple Ads credentials are used solely to authenticate API requests to Apple's Campaign Management API on your behalf. We never access your Apple Ads data for any purpose other than fulfilling your requests within the OrchardAds dashboard.

Communication

We may email you about service updates, security notices, or significant changes to our policies. You can opt out of marketing emails at any time.

Security & Fraud Prevention

We use account and usage data to detect suspicious activity, prevent unauthorized access, and maintain platform integrity.

Encryption

All sensitive credentials are encrypted at rest using AES-256 encryption. All data in transit is protected via TLS 1.2 or higher.

Database

Your data is stored in a managed PostgreSQL database hosted on secure, SOC 2-compliant infrastructure. Access is restricted to authorized systems only.

Session Management

Authentication sessions are managed via short-lived JWTs stored in HTTP-only, Secure cookies. We do not use localStorage or sessionStorage for sensitive tokens.

We Do Not Sell Your Data

OrchardAds does not sell, rent, or trade your personal information or Apple Ads credentials to any third party, ever.

Apple Inc.

API requests made on your behalf are sent directly to Apple's Campaign Management API servers. Apple's own privacy policies govern how Apple handles these requests.

Service Providers

We may use third-party services (e.g., email delivery, error monitoring) that process limited data on our behalf under strict data processing agreements.

Access & Portability

You can request a copy of all personal data we hold about you by contacting support@orchardads.io.

Deletion

You can request deletion of your account and all associated data at any time. Upon deletion, your encrypted credentials are permanently purged from our systems within 30 days.

Correction

If any information we hold is inaccurate, you can update it directly in your profile settings or contact us to correct it.

Essential Cookies Only

OrchardAds uses only essential cookies required for authentication (HTTP-only JWT session cookie). We do not use tracking, analytics, or advertising cookies.

OrchardAds is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe a minor has registered, please contact us immediately.

We may update this Privacy Policy from time to time. We will notify you of significant changes via email or a prominent notice within the dashboard. Continued use of OrchardAds after changes constitutes acceptance of the updated policy.

For any privacy-related questions or requests, contact us at privacy@orchardads.io or visit our Contact page.