← Back to BlossomAds

Privacy Policy

Last updated: March 2026

1. Information we collect

We collect information you provide when you sign up (email address, name), and data accessed via the Google OAuth 2.0 flow when you connect your Google Ads account:

  • OAuth access and refresh tokens (scopes: https://www.googleapis.com/auth/adwords and https://www.googleapis.com/auth/userinfo.email)
  • Google Ads account IDs, campaign names, ad group names, and ad asset text
  • Performance metrics (impressions, clicks, conversions) for your ad assets

We also collect usage data (log events, feature interactions) to operate and improve the service.

2. How we use it

We use your data solely to deliver BlossomAds: scoring ad assets, generating copy recommendations, sending optimization digests, and applying changes to your Google Ads campaigns when you explicitly approve them.

We do not sell your personal information. We do not use your Google user data to serve or target advertising to you. We do not allow humans to read your Google user data unless you explicitly request support, it is necessary for security investigation, or required by law.

3. Google API limited use disclosure

BlossomAds' use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • Google user data is used only to provide or improve user-facing features of the BlossomAds service as described in this policy
  • Google user data is not transferred to third parties except: (a) as part of a merger/acquisition with prior user consent, (b) to comply with applicable law, (c) for security purposes, or (d) to provide the service with user consent
  • Google user data is not used for advertising, credit, lending, or sold to data brokers or advertising platforms
  • BlossomAds employees, contractors, and agents are bound by this policy and prohibited from accessing Google user data except as necessary to provide the service or as required by law

4. Data sharing

We share data only as necessary to provide the service:

  • Google — via the Google Ads API and OAuth to read and write your ad data on your behalf
  • Infrastructure subprocessors — cloud hosting and database providers who store and process data under confidentiality obligations
  • LLM providers — sanitized, non-personally-identifiable ad copy prompts may be sent to third-party AI providers to generate recommendations; no personal information or account identifiers are included in these prompts

We never sell your data to any third party.

5. Data retention and deletion

We retain your data for as long as your account is active. When you delete your account or revoke Google Ads access, we delete or anonymize your Google OAuth tokens and associated campaign data within 30 days. You can request immediate deletion by contacting us at the address below.

6. Security

We encrypt data in transit (TLS) and at rest. OAuth tokens are stored encrypted. Access to production systems is restricted to authorized personnel. We conduct periodic security reviews.

7. Cookies

We use session cookies solely for authentication and to maintain your login state. We do not use advertising cookies or third-party tracking cookies.

8. Your rights

You can access, correct, or delete your account and data at any time from within the app or by contacting us. You may revoke Google Ads access at any time from your Google Account permissions. Revoking access will prevent BlossomAds from reading or modifying your Google Ads data.

9. Contact

For privacy questions, data requests, or to report a concern, email us at ido.gil@blossomads.ai.