Privacy Policy

Last updated: April 14, 2026

MarketingMCP ("we", "our", or "us") operates the MarketingMCP service accessible at mcp-ads.com. This policy explains what data we collect, how we use it, and your rights.

1. Data We Collect

• Account data: Your name and email address, obtained through Google Sign-In.
• OAuth tokens: Google and Meta access/refresh tokens, stored encrypted, used solely to execute the API calls you request through the MCP interface.
• Billing data: Subscription status managed by Airwallex. We do not store card numbers.
• Usage data: Request logs for debugging and abuse prevention.

2. How We Use Your Data

• To authenticate you and maintain your session.
• To call Google Ads, GA4, Google Search Console, Google Sheets, and Meta Ads APIs on your behalf.
• To process subscription payments.
• To send transactional emails (e.g. invite links, billing receipts).

3. Data Sharing

We do not sell your data. We share data only with:

• Google LLC — to authenticate you and access Google APIs.
• Meta Platforms — to access Meta Ads APIs.
• Airwallex — to process payments.
• Supabase — database hosting (encrypted at rest).
• Google Cloud — application hosting.

4. Data Retention

We retain your data for as long as your account is active. You can request deletion at any time by emailing us. OAuth tokens are deleted immediately when you disconnect an account.

5. Security

OAuth tokens are encrypted with AES-256 (Fernet) before being stored. Connections use TLS. We do not log token values.

6. Your Rights

You may request access to, correction of, or deletion of your personal data at any time by contacting us at support@mcp-ads.com.

7. Google API Scopes

Our use of data received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

8. Contact

Questions? Email support@mcp-ads.com.