GenAds

Privacy Policy

Last updated: June 7, 2026

This Privacy Policy describes how GenAds handles your personal data when you use our websites, app, and API. By using GenAds, you agree to the practices described here.

1. Who we are

GenAds (“GenAds”, “we”, “us”) operates the websites at www.genads.ai and app.genads.ai and the related API and services (the “Service”). This policy explains what personal data we process and why. The data controller is Rocket Digital Limited, 1603, The L Plaza, 367-375 Queens Road Central, Hong Kong SAR. For privacy questions, contact privacy@genads.ai.

2. Information we collect

We collect the following categories of information:

  • Account information — your name, email address, and authentication identifiers when you sign up (via email, magic link, Google, or Apple).
  • Content — the prompts you enter, the media you generate, and the images, videos, captions, and other content you upload or create.
  • Connected social accounts — when you connect TikTok, Instagram, Facebook, Pinterest, or YouTube, we receive an OAuth access (and refresh) token, your account/handle identifiers, and the scopes you grant. We use these only to publish content you schedule and to retrieve the post metrics (views, likes, comments, shares) you ask us to display.
  • Usage data — logs, device and browser information, IP address, and analytics events generated as you use the Service.
  • Billing information — your subscription plan, token balance, and billing metadata. Card details are processed by Stripe; we do not store full card numbers.

3. How we use your information

We use personal data to:

  • Provide, operate, and secure the Service, including generating content, scheduling, and publishing posts on your behalf.
  • Authenticate you and manage your workspace and any sub-accounts.
  • Process payments, manage subscriptions, and meter token usage.
  • Retrieve and display analytics for the posts you publish through GenAds.
  • Send transactional emails (welcome, receipts, post-failure and reconnection alerts) and, where permitted, product updates.
  • Detect, prevent, and investigate abuse, fraud, and security incidents, and comply with legal obligations.

4. AI content generation

When you generate content, your prompt and any input media are sent to our AI generation providers (Fal.ai and Replicate) to produce the output. We do not use your prompts or content to train our own models. Providers process this data under their own terms; do not include sensitive personal data in prompts. AI-generated media may be labeled as synthetic where the destination platform requires it.

5. Use of social platform data

Our access to data from TikTok, Meta (Instagram/Facebook), Google (YouTube), and Pinterest is governed by each platform’s developer terms and policies, in addition to this policy. We:

  • Request only the scopes needed to publish content you schedule and to read the metrics for content you posted through GenAds.
  • Store OAuth tokens encrypted at rest (Supabase Vault) and use them only on your behalf; we never sell platform data or use it for advertising.
  • Do not share platform data with third parties except the infrastructure processors listed below, and only to operate the Service.
  • Delete stored platform tokens when you disconnect an account or delete your workspace.

6. Third-party processors

We share data with vendors that process it on our behalf under contract: Supabase (database, authentication, storage), Stripe (payments), Fal.ai and Replicate (AI generation), Resend (email), Vercel (hosting and analytics), and Google Analytics and Meta Pixel (website analytics). We also transmit your content to the social platforms you connect, at your direction.

7. Data retention

We retain personal data for as long as your account is active and as needed to provide the Service, then delete or anonymize it within a reasonable period, unless a longer retention is required by law (for example, tax records). Generated media and analytics snapshots are retained while your workspace exists.

8. Deleting your data

You can disconnect any social account at any time in Accounts, which deletes the stored tokens for that account. You can request deletion of your account and associated personal data by emailing privacy@genads.ai or using the in-app deletion option; we will action verified requests within 30 days. Deleting your workspace removes your generated media, connected-account tokens, and associated records.

9. Security

We use industry-standard measures including encryption in transit, encryption of OAuth tokens at rest, row-level access controls, signed webhooks, and least-privilege access. No method of transmission or storage is 100% secure, but we work to protect your data and to promptly address vulnerabilities.

10. Your rights

Depending on your location, you may have rights to access, correct, delete, port, or restrict processing of your personal data, and to object to certain processing (GDPR), and rights to know, delete, correct, and opt out of “sale”/“sharing” of personal information (CCPA/CPRA). We do not sell personal information. To exercise rights, contact privacy@genads.ai.

11. Cookies and analytics

We use strictly necessary cookies for authentication and, where enabled, analytics cookies (Google Analytics, Meta Pixel, Vercel Analytics) to understand usage. See our Cookie Policy for details and choices.

12. International transfers, children, and changes

We may process data in countries other than yours, using appropriate safeguards where required. The Service is not directed to children under 16, and we do not knowingly collect their data. We may update this policy; we will post the new version with an updated date and, for material changes, notify you.

13. Contact

Questions or requests: privacy@genads.ai.

This document is a template provided for convenience and is not legal advice. Replace the bracketed placeholders and have it reviewed by qualified counsel before relying on it.