Privacy Policy

Last updated: February 2026

1. Information We Collect

When you create a ClientSignal account, we collect your email address and agency name. When you connect integrations, we securely store OAuth tokens to access your advertising platform data on your behalf.

2. How We Use Your Information

We use your information to:

• Generate and deliver automated performance reports to your clients
• Pull advertising metrics from connected platforms (Google Ads, GA4, Meta Ads)
• Send report emails via your configured sender address
• Monitor integration health and alert you to connection issues

3. Data Security

All OAuth tokens are encrypted at rest using AES-256-GCM encryption. We use Supabase with row-level security policies to ensure strict data isolation between agencies. All data is transmitted over HTTPS.

4. Third-Party Services

We use the following third-party services to operate ClientSignal:

• Supabase — database and authentication
• Vercel — application hosting
• Resend — email delivery
• Anthropic (Claude) — AI report generation
• Google, Meta, Slack — platform integrations

5. Data Retention

Report logs and metrics snapshots are retained according to your agency settings (default: 365 days). You can configure your retention period in your account settings. When you delete your agency account, all associated data is permanently removed.

6. Your Rights

You have the right to:

• Access and export your data at any time
• Request deletion of your account and all associated data
• Disconnect integrations and revoke OAuth access
• Update your data retention preferences

7. Client Data

Advertising metrics pulled from connected platforms are processed solely to generate reports. We do not sell, share, or use this data for any purpose other than generating reports on your behalf. Metrics snapshots are stored only to enable churn risk analysis and historical reporting.

8. Contact

For privacy questions or data requests, contact us at hello@yourdomain.com.