How DTCadAi processes advertising account, reporting, creative and audit-log data after you authorize access.
When you register, sign in or connect an advertising platform, we process your account email, workspace name, team role, ad account IDs, campaign data, delivery reports, Pixel / CAPI status, creative asset records and system audit logs.
DTCadAi only accesses data from Meta, TikTok, Google and other ad platforms after you explicitly authorize it. We never ask for your platform passwords and never access ad accounts via cookies or simulated login.
Data is used to show ad account status, generate optimization suggestions, prepare ad drafts for confirmation, record actions executed after user confirmation, build reports and help teams audit operations.
The system works on a "suggest, then execute after user confirmation" basis. DTCadAi does not submit real ad changes on your behalf without your authorization or confirmation.
Ad account connections are completed through official OAuth or platform API authorization. You can revoke authorization at any time in DTCadAi or in the platform.
Team member permissions can be restricted by role, platform, ad account, campaign, Pixel, reporting and finance module.
Platform access tokens are encrypted at rest on the server and are never exposed to the browser frontend. Sensitive actions are written to an audit log for troubleshooting and recovery.
We retain the operation records needed to help you trace who connected an account, created a draft, confirmed a publish, changed a budget or disconnected an account.
After you connect a TikTok ad account through the official TikTok Marketing API (OAuth / Business Center authorization), DTCadAi accesses, within the authorized scope: ad account and Business Center information, campaign / ad group / ad structure, delivery reports and metrics, Pixel and conversion events, and the creative assets you upload or generate.
For automated ad creation, DTCadAi creates campaigns, ad groups and ads and uploads creatives on behalf of the authorized user; new objects are created in a paused state by default and never spend until you explicitly activate them.
TikTok access tokens are stored encrypted with AES-256-GCM on the server and are never exposed to the browser; every create, pause and budget action is written to an audit log.
DTCadAi complies with TikTok developer and advertising policies and uses TikTok data only to provide advertising management and optimization for that user. We do not sell or transfer it to third parties. You can disconnect at any time in DTCadAi or revoke authorization in TikTok Business Center; on disconnect we delete the corresponding access token and synced data (see Data Deletion).
After you connect a Google Ads account through Google OAuth, DTCadAi accesses, within the authorized scope: Google Ads account and manager (MCC) structure, campaigns, ad groups, ads, keywords, budgets, performance reports and conversion metrics.
For automated ad placement, DTCadAi creates and manages campaigns, ad groups and ads on behalf of the authorizing user; changes are executed after user confirmation and important objects can be created in a paused state.
Google Ads access and refresh tokens are stored encrypted at rest on the server and are never exposed to the browser; every create, pause and budget action is written to an audit log.
DTCadAi’s access to and use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements. Google Ads data is used only to provide advertising management and optimization for the authorizing user; it is not sold or transferred to third parties, not used for advertising, and not used to train generalized AI models or for any purpose other than providing the service. You can disconnect at any time in DTCadAi or revoke access in your Google Account; on disconnect we delete the corresponding tokens and synced data (see Data Deletion).
After you connect a Meta ad account through Facebook Login / OAuth, DTCadAi accesses, within the authorized scope: ad account and Business Manager information, campaigns, ad sets, ads, insights / reports, connected Pages, and Pixel / Conversions API status.
For automated ad management, DTCadAi creates, duplicates, pauses and adjusts campaigns, ad sets and ads on behalf of the authorizing user; new or duplicated objects are created in a paused state by default and only activate after the user confirms.
Meta access tokens are stored encrypted at rest on the server and are never exposed to the browser; every create, pause and budget action is written to an audit log.
DTCadAi complies with the Meta Platform Terms and Developer Policies and uses Meta data only to provide advertising management and optimization for the authorizing user. We do not sell or transfer it to third parties. You can disconnect at any time in DTCadAi or revoke access in your Meta Business settings; on disconnect we delete the corresponding access token and synced data (see Data Deletion).
Data controller: FutureWave Commerce LLC (the company operating DTCadAi), 316 S Hunter St, Aspen, CO 81611, USA.
To access, export or delete your data, contact support@dtcadai.com.