Privacy Policy

Last updated: May 15, 2026

This Privacy Policy describes how click ("click," "we," "us," or "our") collects, uses, shares, and protects information when you visit our website, create an account, use our application (including AI features and optional Meta Ads integrations), or contact us. It also explains your choices and rights. By using the Service, you acknowledge the practices described here.

This policy is designed to be transparent about our processing in a B2B SaaS context: we host customer workspaces, process prompts and content you submit for AI-assisted workflows, and—if you connect Meta—act on your behalf using permissions you grant via OAuth. It is not legal advice; consult counsel for your compliance obligations.

1. Scope and relationship to other notices

This Privacy Policy applies to personal data we process as a controller (or business, for U.S. state privacy laws) in connection with the Service. Processing we carry out strictly on behalf of an organization customer may be governed by a separate agreement; where that conflicts, the agreement controls for that relationship.

We also maintain a Cookie Policy describing cookies and similar technologies, and a User data & account deletion page with deletion steps (including for Meta-related onboarding requirements). Our Terms of Service govern use of the product.

2. Categories of information we collect

Depending on how you use click, we may collect the categories below. Not every user will provide every category.

2.1 Account and authentication

  • Identifiers and contact data: for example email address, name if you provide it, and a unique user or workspace identifier.
  • Credentials and security data: authentication artifacts maintained by our identity provider (for example password hashes, one-time codes, or session tokens)—not your bare password in readable form.

2.2 Product usage, content, and files

  • Workspace and profile details: such as organization or workspace name, preferences, and configuration you set in the product.
  • Content you submit: text prompts, chat messages, briefs, competitor or brand URLs, uploaded images or packaging references, generated assets, and other materials you provide for creative generation, research, or campaign workflows.
  • Technical and usage data: IP address, approximate location derived from IP, browser type and version, device type, operating system, referral URL, timestamps, pages or screens viewed, feature interactions, in-product events, diagnostics, and error logs.

2.3 AI, automation, and metering

  • Prompts, completions, and tool metadata: when you use AI-assisted features, we process your inputs and model outputs. We may log related metadata (for example token or cost estimates, routing identifiers, and abuse-prevention signals) for reliability, billing caps, and improvement.

2.4 Meta (Facebook / Instagram) Ads integration

If you choose to connect a Meta Ads account, we process additional data needed to operate that integration:

  • OAuth tokens and connection metadata required to access Meta APIs on your behalf, within the scopes you approve.
  • Ad account, campaign, creative, and related technical identifiers returned by Meta when you perform actions in the product (for example listing accounts, reading or editing campaigns, managing assets consistent with your permissions).

Meta's own privacy practices apply to Meta's platform; you should review Meta's terms and policies for how they process data on their services.

2.5 Public and third-party sources

  • Ad Library and public marketing data: we may retrieve publicly available advertising content, metadata, and related signals (for example from Meta Ad Library or similar sources) based on pages or queries you ask us to analyze.
  • Site or brand inputs: when you provide a URL, we may fetch and process publicly reachable content to build summaries (such as brand palettes or positioning) as part of onboarding or generation.

2.6 Support and communications

  • Support requests: messages you send to us (including email content) and related metadata.
  • Transactional notices: service, security, and policy communications as permitted by law.

2.7 Cookies and similar technologies

We and our service providers may use cookies, local storage, and similar technologies for session management, security, preferences, and measurement. Details appear in our Cookie Policy.

3. How and why we use personal data

We use personal data for the following purposes (as permitted by applicable law):

  • Provide and operate the Service: accounts, workspaces, AI-assisted workflows, storage of your content, feature delivery, troubleshooting, and customer support.
  • Meta integrations: establish and maintain OAuth connections; execute actions you initiate in the product within granted permissions; display status and results from Meta APIs.
  • Safety, integrity, and security: fraud prevention, abuse detection, rate-limiting, authentication, monitoring, and protecting users and our systems.
  • Improvement and analytics: understanding how the Service is used, diagnosing issues, and developing features (often using aggregated or de-identified information where feasible).
  • Compliance and enforcement: complying with law; enforcing our terms; defending legal claims.
  • Marketing: where permitted, sending product updates or promotional messages you can opt out of (transactional and relationship messages may continue where allowed).

Legal bases (EEA/UK/Switzerland): where GDPR-style laws apply, we rely on one or more of: performance of a contract with you; legitimate interests (for example securing and improving the Service, provided your rights are balanced); compliance with legal obligations; and, where required, consent (for example for certain cookies or marketing). You may withdraw consent where processing is consent-based, without affecting prior lawful processing.

4. Automated processing, including AI

Parts of click use machine learning and large language models to generate suggestions, creatives, summaries, or planning assistance. Outputs can be inaccurate or inappropriate; you are responsible for reviewing suitability before relying on them (especially for advertising, legal, or financial decisions). We do not use automated decisions that produce legal or similarly significant effects about you in the sense of Article 22 GDPR solely through this Service, unless we explicitly notify you otherwise within a feature.

5. How we share information

We do not sell your personal information in the conventional sense (no money for data brokerage). We share personal data as follows:

  • Infrastructure and hosting: cloud hosting, databases, authentication, and related services (for example our database and auth provider, application hosting, and edge network providers).
  • Storage and delivery: object storage and content delivery for assets and media you generate or upload.
  • AI and model providers: routing or processing through aggregated AI infrastructure and underlying model vendors as configured in our environment.
  • Background jobs and orchestration: services that run asynchronous tasks (for example long-running generation or processing pipelines).
  • Research and retrieval tooling: providers used to fetch public web or ad library content you request.
  • Meta Platforms: when you connect Meta, we exchange data with Meta APIs per your authorization.
  • Professional advisers: lawyers, auditors, or insurers where appropriate.
  • Business transfers: a merger, acquisition, financing, or asset sale may involve transfer of information; we will require successor obligations where required by law.
  • Legal and safety: disclosure when we believe in good faith it is necessary to comply with law, enforce terms, detect or prevent abuse, or protect rights and safety.

A current list of categories of sub-processors may be available on request at hi@tryclick.ai. We use contractual and organizational measures with vendors who process personal data on our instructions.

6. International transfers

We may process and store information in the United States and other countries where we or our providers operate. Those jurisdictions may have different data-protection laws. Where required, we implement appropriate safeguards (for example standard contractual clauses) for transfers from the EEA, UK, or Switzerland.

7. Retention

We retain personal data only as long as needed for the purposes above, including providing the Service, resolving disputes, security, and legal compliance. Retention periods vary by data type; for example, account data is kept while your account is active, certain logs may be kept for shorter security windows, and backups may persist for a limited period after deletion. When you delete your account, we remove or anonymize personal data consistent with our deletion procedures and applicable law; some data may be retained where we have a legitimate need (for example security logs or legal holds).

8. Security

We implement technical and organizational measures designed to protect personal data (such as access controls, encryption in transit for modern clients, and vendor diligence). No method of transmission or storage is perfectly secure; we cannot guarantee absolute security.

9. Your rights and choices

Depending on where you live, you may have rights to access, correct, delete, or export certain personal data; object to or restrict certain processing; withdraw consent where processing is consent-based; and lodge a complaint with a supervisory authority. For account holders, many settings are available in-product; you may also contact us at hi@tryclick.ai.

Deletion: see User data & account deletion. Email requests must be sent from your account email and use the subject line specified on that page so we can verify your identity.

U.S. state privacy laws:residents of certain states (including California, Colorado, Connecticut, Virginia, and others) may have additional rights regarding personal information and sensitive data, including opt-out of certain "sale" or "sharing" (including cross-context behavioral advertising, where applicable) and appeal rights. We describe how to exercise rights through contact above.

10. Children

The Service is intended for businesses and adults. It is not directed to children under 13, and we do not knowingly collect personal information from children under 13. If you believe we have collected information from a child under 13, contact us and we will take appropriate steps to delete it.

11. Third-party links and embedded services

Our website or application may reference or link to third-party sites or services (including Meta). Their privacy practices are governed by their own policies. We are not responsible for third-party content or practices.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. We will post the revised version on this page and update the "Last updated" date. If changes are material, we will provide additional notice as required (for example by email or an in-product message). Continued use after the effective date constitutes acceptance of the updated policy where permitted by law.

13. Contact

Privacy questions or requests: hi@tryclick.ai.