Privacy Policy

Last updated: April 17, 2026

1. General

This Privacy Policy ("Policy") describes how FOP Sprinskyi Rostyslav Valeriiovych ("We", "Us", "Marketoria") collects, uses, and protects your information when you use the marketoria.com.ua service ("Service").

Registered address: 04213 Kyiv, vul. Pryrichna, bud. 17v, kv. 24, Ukraine. Tax ID (ЄДРПОУ): 3289617335.

2. Data We Collect

We collect the following types of data to provide the Service:

  • Registration data: Your email address provided during account creation.
  • Facebook (Meta) data: When you connect your advertising account via Facebook Login, we receive your User ID, Name, Email (if permitted), and Access Tokens to interact with the Marketing API.
  • Advertising campaign data: Information about your ad accounts, campaigns, ad sets, ads, and creatives for analysis and generation of new banners.
  • Facebook Pages data: List of Pages you manage, used for ad placement selection.
  • Instagram account data: Basic Instagram business account information linked to your Pages, used for ad placement on Instagram.
  • Product catalog data: Catalog information used when creating dynamic ad campaigns.
  • User-generated content: Texts and images (banners) generated or uploaded by you in the Service.
  • Google account data: When you connect Google Drive, we receive your Google User ID, Name, Email, and OAuth tokens to interact with Google Drive API.
  • Google Drive data: Only files that you explicitly select through Google Picker or files created by the Service (uploaded banners, folders). We do not access your entire Google Drive.

3. How We Use Your Data

We use your data exclusively for:

  • Providing AI-powered ad creative generation services.
  • Authenticating your account and maintaining security.
  • Integrating with Facebook Ads Manager and Instagram to manage your advertising.
  • Reading your existing ad campaigns, ad sets, and ads for analysis and optimization recommendations.
  • Creating and publishing new ad campaigns on your behalf (with your explicit action).
  • Accessing your product catalogs for dynamic ad creation.
  • Importing images you select from Google Drive via Google Picker for use in banner generation.
  • Uploading generated banners to your Google Drive (with your explicit action).
  • Processing billing and payments.
  • Providing technical support.

4. Facebook (Meta) Data Usage

Our Service uses Meta APIs (Graph API, Marketing API) to access your advertising data. We request the following permissions:

  • ads_management — to create, edit, and manage ad campaigns on your behalf.
  • ads_read — to read your existing campaigns, ad sets, and performance data.
  • business_management — to list your Business Managers and associated ad accounts.
  • pages_read_engagement — to read the list of Pages you manage for ad placement.
  • pages_manage_ads — to publish ads through your Facebook Pages.
  • instagram_basic — to access basic Instagram business account information for ad placement.
  • catalog_management — to access product catalogs for dynamic ad campaigns.

We emphasize:

  • We DO NOT SELL your data to third parties.
  • We DO NOT SHARE your Facebook data with any third-party services, advertisers, or data brokers.
  • Your access tokens are stored in encrypted form and are used solely to execute your requests within the Service.
  • We do not use your data for any purpose other than providing the Service as described in this Policy.
  • You can revoke Marketoria's access to your Facebook profile at any time through your Facebook account settings (Settings → Apps and Websites → Marketoria → Remove).

5. Google Drive Data Usage

Our Service integrates with Google Drive API to allow you to import images and save generated banners. We request the following OAuth scope:

  • drive.file — access only to files created or opened by the Service. This is a non-sensitive scope that does not grant access to your entire Google Drive.

How we handle your Google data:

  • We only access files you explicitly select through Google Picker or files created by the Service (uploaded banners).
  • We DO NOT access, read, or scan your entire Google Drive.
  • We DO NOT SELL or share your Google data with any third parties.
  • Google OAuth refresh tokens are stored encrypted (AES-256) and are used solely to maintain your connection.
  • We do not use your Google data for advertising, profiling, or any purpose other than providing the Service.

To revoke access:

  1. Disconnect Google Drive in your project settings within the Service.
  2. Remove Marketoria from your Google account: Google Account → Security → Third-party apps → Marketoria → Remove Access.

6. Data Storage and Security

Your data is stored in Supabase and Vercel cloud infrastructure. We employ industry-standard encryption methods (AES-256 for tokens at rest, TLS for data in transit) to prevent unauthorized access.

Both Facebook and Google OAuth tokens are encrypted using AES-256 before storage and are never logged or exposed in plaintext.

Data is retained for the duration of your use of the Service. Upon account deletion, all your data is permanently deleted within 30 days (except data we are legally required to retain).

7. EU Users — GDPR Rights

If you are located in the European Economic Area (EEA), you have rights under the General Data Protection Regulation (GDPR):

  • Right to access your personal data.
  • Right to rectification of inaccurate data.
  • Right to erasure ("right to be forgotten").
  • Right to restrict or object to processing.
  • Right to data portability.

To exercise these rights, contact us at: privacy@marketoria.com.ua.

8. Data Deletion

You can request deletion of your data in the following ways:

  1. Delete your account directly in the Service settings.
  2. Send a written request to privacy@marketoria.com.ua.
  3. To disconnect your Facebook account, follow the instructions on our Data Deletion page.
  4. Remove the app from your Facebook account: Facebook → Settings → Apps and Websites → Marketoria → Remove.
  5. To disconnect Google Drive: use the Service settings or remove access at Google Account → Third-party apps.

When we receive a data deletion request from Meta's callback, we immediately delete your access tokens, Facebook User ID, and all associated connection data from our database.

9. Cookies

We use only functional cookies to maintain your authentication session. We do not use advertising cookies to track your activity outside the Service.

10. Contact

For privacy inquiries, contact us at:

Email: privacy@marketoria.com.ua
Address: 04213 Kyiv, vul. Pryrichna, bud. 17v, kv. 24, Ukraine