1. Data collection
We collect the minimum amount of data required to operate client workspaces: account credentials, workspace configuration, usage analytics, and uploaded media. All information is stored in the Supabase project you control.
2. Access controls
Role-based access control (RBAC) and row-level security policies ensure users only access the clients they are assigned. Superadmins can impersonate other users strictly for support purposes—every impersonation is audited.
3. Integrations
When connecting third-party AI providers or ad networks, credentials are stored as encrypted secrets. You can disable modules at any time to revoke access.
4. Data retention
Customer data remains in your Supabase instance. Delete workspaces or users to immediately revoke access and remove associated records. Backups follow Supabase retention policies.
5. Contact
Questions about privacy? Email privacy@adsculptor.io.