Privacy Policy

We collect the following categories of information:

• Account information — your name, email address, password (stored only as a secure hash), and organization details.
• Data from connected services — when you authorize a connection (via OAuth or credentials) to platforms such as Google Ads, Google Analytics (GA4), Meta Ads, Mailchimp, WordPress, or others, we access the data needed to provide the Service — for example campaign performance, spend, audiences, analytics, and ad assets. We never receive your passwords for these platforms.
• Content you provide — files you upload (such as CSVs and brand assets), prompts, and the marketing strategies, creatives, and campaigns you generate.
• Usage and device data — log data, IP address, browser type, and how you interact with the Service, used for security, diagnostics, and improving the product.

• Provide, operate, and maintain the Service.
• Generate marketing strategies, creatives, reports, and ad campaigns, and surface analytics and recommendations.
• Authenticate you, secure your account, and prevent abuse.
• Provide customer support and respond to your requests.
• Improve and develop new features, in aggregated or de-identified form where possible.
• Comply with legal obligations.

Sonaira's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically, data obtained from Google Ads and Google Analytics is used only to provide and improve the user-facing features you see in Sonaira. We do not sell this data, use it for advertising, or use it to train generalized AI/ML models, and we only share it as needed to provide the Service or as required by law.

Data accessed from Meta, Mailchimp, WordPress, and other platforms is likewise used only to deliver the features you request and is handled in accordance with those platforms' terms. You control which platforms are connected and can disconnect any of them at any time.

We use third-party AI providers — including Amazon Web Services (AWS Bedrock / Anthropic Claude) and OpenAI — to generate text, strategies, and images. We do not use your connected-account data to train these providers' general-purpose models, and content is processed only to deliver the output you request.

We do not sell your personal information. We share information only:

• With service providers that host or power the Service (e.g. AWS for hosting, storage, and AI), under contractual confidentiality and security obligations.
• With the advertising and marketing platforms you connect, to carry out actions you request (e.g. creating a paused campaign).
• When required by law, or to protect the rights, safety, and security of users and the public.
• In connection with a merger, acquisition, or sale of assets, subject to this Policy.

We retain your information for as long as your account is active or as needed to provide the Service. When you disconnect a platform, we delete the data synced from that account and revoke our stored access. You may request deletion of your account and associated data at any time by contacting us.

We protect your data with industry-standard measures, including encryption in transit (TLS) and encryption at rest for sensitive credentials such as OAuth tokens. No method of transmission or storage is completely secure, but we work to protect your information and to limit access to it.

• Access, correct, or delete your account information.
• Disconnect any connected platform, which removes the data synced from it.
• Revoke Sonaira's access from the platform itself (for Google, via your Google Account permissions).
• Request a copy of your data or ask questions about how it is used.

We are based in the United States and process data on U.S.-based infrastructure. If you access the Service from outside the U.S., you understand your information may be transferred to and processed in the United States.

The Service is not directed to children under 16, and we do not knowingly collect personal information from them.

We may update this Privacy Policy from time to time. We will revise the "Last updated" date above and, where appropriate, notify you. Continued use of the Service after changes take effect constitutes acceptance.

If you have questions about this Privacy Policy or your data, contact us at privacy@sonaira.ai.