# Data Processing and Security

Effective date: 01/01/2026

This page explains how [Company legal name] (“Targetologist”, “we”, “us”, or “our”) processes and protects advertising, analytics, lead, and sales data in connection with our reporting and dashboard services.

## 1. Purpose of Data Processing

We process data to provide marketing reporting, analytics, and dashboard services.

The main purposes are:
- Consolidating advertising performance data
- Comparing ad spend with leads and sales
- Calculating marketing performance metrics
- Supporting business and marketing decisions
- Reducing manual reporting work
- Improving reporting consistency and accuracy

## 2. Types of Data Processed

The Targetologist Marketing Dashboard may process:

### Advertising Data
- Date
- Advertising platform/source
- Campaign ID
- Campaign name
- Cost/spend
- Impressions
- Clicks
- Conversions

### Attribution Data
- UTM source
- UTM medium
- UTM campaign
- UTM term
- UTM content
- Click identifiers, where available

### CRM / Results Data
- Lead ID
- Lead creation date
- Deal stage
- Sale date
- Revenue
- Profit
- Sales status
- Aggregated lead and sales metrics

## 3. Google Ads API Data Processing

When Google Ads API access is used, we retrieve campaign-level performance metrics for reporting purposes only.

The Google Ads API integration is read-only. It does not create, edit, pause, delete, or manage:
- Campaigns
- Ads
- Keywords
- Budgets
- Billing settings
- Users
- Account access
- Remarketing lists

The data is used to update private reporting dashboards and analytics tables.

## 4. Data Flow

The typical data flow is:

1. An authorized connection or scheduled process retrieves advertising performance data.
2. Data is normalized into a common reporting structure.
3. Normalized data is sent to the Targetologist Marketing Dashboard backend.
4. The backend stores data in project-specific reporting tables.
5. Dashboard users with permission can view aggregated metrics.
6. Reports are used for analysis and decision-making.

## 5. Access Control

Access is controlled at the project level.

Typical roles include:
- Owner: manages project access and settings
- Editor: can manage data imports and reporting configuration
- Viewer: can view reports but cannot manage access or imports

Users can only access projects where they have been explicitly granted permission.

## 6. API Keys and Credentials

External import keys are project-specific and limited to data import actions.

Security measures include:
- Raw import keys are shown only once when created
- Import keys are stored as hashes where applicable
- Keys can be revoked
- Import keys do not grant access to project deletion, member management, invite management, or billing

OAuth credentials and platform API credentials are restricted to authorized technical users and are not displayed to dashboard viewers.

## 7. Data Storage

Reporting data is stored in a private backend database. Data is separated by project to prevent unauthorized access between clients or projects.

Physical storage paths and internal infrastructure details are not exposed through public APIs.

## 8. Data Transmission

Data is transmitted over HTTPS. We use secure transport for communication between external systems, automation workflows, and the dashboard backend.

## 9. Data Retention

We retain reporting data for historical analysis and service continuity unless a client requests deletion or the data is no longer required.

Retention may depend on:
- Client agreement
- Reporting requirements
- Legal obligations
- Operational backup practices

## 10. Data Deletion

Clients may request deletion of their project data by contacting us at admin@targetologist.com.

After receiving a deletion request, we will remove or anonymize relevant data within a reasonable timeframe, unless retention is required by law or contractual obligations.

## 11. Subprocessors and Infrastructure

We may use third-party infrastructure and tools to provide our services, such as:
- Cloud hosting providers
- Database systems
- Automation tools
- Analytics and monitoring tools
- Advertising platform APIs

These providers are used only as necessary to operate and secure the service.

## 12. Security Measures

We apply reasonable technical and organizational security measures, including:
- HTTPS encryption
- Role-based access control
- Project-level data isolation
- Restricted access to credentials
- Secure API key handling
- Logging for operational diagnostics
- Limited exposure of sensitive information

## 13. Incident Response

If we become aware of a security incident affecting client data, we will investigate the issue and take appropriate steps to reduce risk, restore security, and notify affected parties where required.

## 14. Contact

For questions about data processing or security, contact:

NIKO D.S. MANUFACTURE
MD, KISHINEV, 64 ALBISOARA STREET 93, MD-2005
Email: admin@targetologist.com