Privacy Policy

At PPC Spy Bot, we are committed to protecting your privacy and being transparent about how we collect, use, and protect your information.

Google API Services Compliance

PPC Spy Bot's use and transfer of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

Our Limited Use Compliance:

  • We only access Google APIs to create and manage Google Sheets for your PPC data
  • We do not use Google user data for advertising, marketing, or data brokering
  • We do not transfer Google API data to third parties except as necessary for providing our service
  • We do not use Google API data for user profiling or credit worthiness assessment

Information We Collect

Personal Information

  • Email address for account creation and authentication
  • Name (if provided) for personalization
  • Payment information (processed securely by Stripe)

Service Data

  • Keywords and locations you configure for PPC tracking
  • Google OAuth tokens (encrypted with AES-256-GCM) for automated sheet creation
  • Project settings and configurations

Automatically Collected Information

  • Usage analytics to improve our service (via Google Analytics)
  • Technical information like IP address, browser type, and device information
  • Service performance and error logs

How We Use Your Information

  • To provide and maintain our PPC tracking service
  • To authenticate your access and secure your account
  • To process payments and manage subscriptions
  • To create and manage Google Sheets on your behalf
  • To send important service notifications and updates
  • To analyze usage patterns and improve our service
  • To provide customer support when requested

Data Storage and Security

Your PPC Data

All scraped PPC data is stored directly in Google Sheets within your own Google Drive account. We do not store, access, or retain any of your collected advertising data on our servers.

Security Measures

  • All sensitive data is encrypted using industry-standard AES-256-GCM encryption
  • Google OAuth tokens are stored securely and never exposed in plain text
  • Payment processing is handled entirely by Stripe (PCI DSS Level 1 certified)
  • Regular security audits and monitoring
  • HTTPS encryption for all data transmission

Data Sharing and Third Parties

We do not sell, trade, or otherwise transfer your personal information to third parties except as described below:

Service Providers

  • Clerk: Authentication and user management
  • Stripe: Payment processing and subscription management
  • Google: Sheet creation and data storage (in your Drive)
  • Vercel: Hosting and content delivery

These service providers are contractually obligated to protect your information and may only use it to provide services to us.

Your Rights and Choices

You have the right to:

  • Access: Request a copy of the personal information we hold about you
  • Rectification: Request correction of any inaccurate information
  • Erasure: Request deletion of your personal data
  • Portability: Request transfer of your data to another service
  • Withdrawal: Revoke consent for data processing at any time

Important: Your Google Sheets and collected PPC data remain in your Google Drive even if you delete your PPC Spy Bot account. You maintain full control over this data independently of our service.

Data Retention

  • Account information is retained while your account is active
  • OAuth tokens are deleted immediately upon account deletion or disconnection
  • Payment records are retained as required by law and for tax purposes
  • Analytics data is anonymized and aggregated after 26 months
  • Support communications are retained for up to 3 years

Cookies and Tracking

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences and settings
  • Analyze service usage (Google Analytics)
  • Monitor service performance and errors

You can control cookie preferences through your browser settings. Note that disabling certain cookies may limit service functionality.

International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure appropriate safeguards are in place to protect your data during international transfers, including relying on adequacy decisions and standard contractual clauses approved by relevant authorities.

Children's Privacy

Our service is not intended for children under 13 years of age. We do not knowingly collect personal information from children under 13. If you believe a child has provided us with personal information, please contact us immediately.

Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. Your continued use of the service after such modifications constitutes acceptance of the updated policy.

Contact Information

If you have any questions about this Privacy Policy or our data practices, please contact us:

Email: kudakwashe.chinhara@gmail.com

Subject Line: Privacy Policy Inquiry

Response Time: We aim to respond within 48 hours

Last updated: September 30, 2025