🌐 Language · Idioma · Idioma · Lang:
← Back to MasReach

Privacy Policy

Last updated: March 24, 2026

1. Overview

MasReach ("we", "our", or "us") is a multi-platform advertising management platform that helps businesses create, manage, and monitor ad campaigns across Google Ads, Meta (Facebook/Instagram), and other platforms. This Privacy Policy explains how we collect, use, store, and protect your information when you use our service.

By using MasReach, you agree to the collection and use of information described in this policy.

2. Information We Collect

Account Information

When you register, we collect your email address and any profile information you provide. This is used to authenticate you and operate your account.

OAuth Tokens & Ad Platform Credentials

To connect your advertising accounts (Google Ads, Meta, etc.), we store OAuth access tokens and refresh tokens. These tokens are encrypted at rest and are used solely to interact with those platforms on your behalf — to read campaign data, create campaigns, and push updates you initiate within MasReach.

Campaign & Advertising Data

We store campaign names, budgets, targeting parameters (age ranges, locations, interests, gender), ad creative assets you upload, and performance metrics synced from connected platforms. This data is used to power the MasReach dashboard and campaign management features.

Usage Data

We may collect information about how you interact with MasReach, including pages visited, features used, and actions taken. This helps us improve the product.

3. How We Use Your Information

  • To operate your MasReach account and provide the service
  • To connect to and interact with your ad platforms on your explicit instruction
  • To display your campaign data, budgets, and performance metrics in the dashboard
  • To push campaign updates to connected platforms when you save changes
  • To send you important service-related communications (not marketing without consent)
  • To improve, debug, and develop new features in MasReach
  • To comply with legal obligations

4. Third-Party Services

MasReach uses the following third-party services to operate. Each has its own privacy policy:

Supabase: Database, authentication, and file storage. Your account data and campaign records are stored here.
Meta Marketing API: Used to read and write campaign data to your Meta (Facebook/Instagram) ad accounts.
Google Ads API: Used to read and write campaign data to your Google Ads accounts.
Vercel: Hosting and serverless infrastructure for the MasReach application.

We do not sell, rent, or share your data with any third party beyond what is required to operate these integrations on your behalf.

5. Data Retention

We retain your data for as long as your account is active. If you disconnect a platform integration, the associated OAuth token is deleted immediately. If you delete your account, all associated data — including campaigns, tokens, and assets — will be permanently removed within 30 days.

Meta OAuth tokens expire after 60 days and must be renewed by reconnecting. Google OAuth tokens use refresh tokens and are renewed automatically.

6. Security

We use industry-standard security measures to protect your data:

  • All data is encrypted in transit using TLS/HTTPS
  • OAuth tokens and sensitive fields are encrypted at rest
  • Access to production data is restricted to authorized personnel only
  • Row-level security (RLS) ensures users can only access their own data

7. Your Rights

Depending on your location, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Correction: Request that we correct inaccurate or incomplete data
  • Deletion: Request that we delete your personal data
  • Portability: Request your data in a portable, machine-readable format
  • Objection: Object to certain types of data processing

To exercise any of these rights, contact us at masreachadmin@masreach.net.

8. Cookies

MasReach uses minimal cookies — primarily HttpOnly session cookies for OAuth state management during platform connection flows. We do not use advertising cookies or cross-site tracking cookies. Your authentication session is stored in your browser's local storage, not in persistent cookies.

9. Contact

For privacy questions, data requests, or concerns, please contact us at masreachadmin@masreach.net. We will respond within 30 days.

This privacy policy may be updated from time to time. We will notify you of material changes by email or by posting a notice in MasReach before the change takes effect.

Terms of ServiceBack to MasReach