Privacy Policy
Last updated: April 10, 2026
Yeesho Inc. ("Yeesho", "we", "us", or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, and share information when you use our advertising management platform and related services (the "Service").
1. Information We Collect
Account Information: When you create an account, we collect your name, email address, and organization details.
Advertising Platform Data: When you connect your advertising accounts (TikTok Ads, Meta Ads, Google Ads), we access campaign performance data, ad metrics, and account information through official platform APIs using OAuth 2.0 authorization.
Usage Data: We collect information about how you interact with the Service, including pages visited, features used, and session duration.
Technical Data: We collect device information, browser type, IP address, and similar technical information to ensure the Service operates correctly.
2. How We Use Your Information
We use the information we collect to:
- Provide, operate, and maintain the Service
- Display unified advertising analytics from connected platforms
- Generate reports and performance insights
- Improve and develop new features
- Communicate with you about the Service
- Ensure security and prevent fraud
3. Data from Advertising Platforms
When you connect your advertising accounts to Yeesho, we access data through the official APIs provided by each platform (TikTok Marketing API, Meta Marketing API, Google Ads API). This data is:
- Used solely for your benefit — to display analytics, generate reports, and provide insights within your Yeesho dashboard
- Never sold or shared with third parties for their own purposes
- Processed securely using encrypted connections and stored with AES-256 encryption
- Accessible only to you and authorized members of your team
We comply with each platform's developer policies and terms of service, including TikTok's Marketing API Terms, Meta's Platform Terms, and Google's API Services User Data Policy.
4. Google Ads API — Limited Use Disclosure
Yeesho's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
4.1 Data We Access via the Google Ads API
When you authorize Yeesho to connect to your Google Ads account, we access the following data through the Google Ads API:
- Campaign, ad group, and ad performance metrics (impressions, clicks, cost, conversions, ROAS, CTR, CPC)
- Campaign settings and metadata (names, types, status, budgets)
- Keyword and search term performance reports
- Shopping and Performance Max product-level metrics
- Conversion action configuration and attribution data
- Account-level daily spend summaries
4.2 How We Use Google Ads Data
Google Ads data accessed through the API is used exclusively to:
- Display campaign performance analytics in your Yeesho dashboard
- Generate automated daily and weekly performance reports
- Provide cross-platform attribution analysis by combining with other ad platform data you have authorized
- Monitor budget pacing and alert you to spending anomalies
- Identify top-performing and underperforming products in Shopping/PMax campaigns
4.3 Limited Use Restrictions
In accordance with Google's Limited Use requirements, we commit to the following:
- No selling of data: We do not sell Google Ads data to third parties under any circumstances.
- No use for advertising: We do not use Google Ads data to serve, target, or personalize advertisements.
- No unauthorized disclosure: We do not share Google Ads data with third parties except as necessary to provide the Service (e.g., secure cloud hosting infrastructure), with your explicit consent, or as required by law.
- No human reading without consent: We do not allow humans to read your Google Ads data unless (a) we have your explicit consent, (b) it is necessary for security purposes (e.g., investigating abuse), (c) it is necessary to comply with applicable law, or (d) our use is limited to internal operations where the data has been aggregated and anonymized.
4.4 Data Retention for Google Ads Data
- Performance metrics: Retained for 12 months from the date of collection, then automatically deleted.
- OAuth refresh tokens: Stored encrypted (AES-256) and deleted immediately when you disconnect your Google Ads account.
- Access tokens: Held in memory only and never persisted to disk. Automatically expire after 60 minutes.
- Account metadata: Retained for as long as your Google Ads account is connected. Deleted within 30 days of disconnection.
4.5 Revoking Access
You may revoke Yeesho's access to your Google Ads data at any time by:
- Disconnecting your Google Ads account from the Yeesho platform settings
- Revoking access from your Google Account permissions page
- Contacting us at [email protected] to request data deletion
Upon revocation, we will delete all stored Google Ads data associated with your account within 30 days.
5. Data Sharing
We do not sell, rent, or trade your personal information or advertising data. We may share information only in the following circumstances:
- With your consent: When you explicitly authorize us to share information
- Service providers: With trusted providers who assist us in operating the Service (e.g., cloud hosting on Google Cloud Platform), bound by strict confidentiality and data processing agreements
- Legal requirements: When required by law, court order, or governmental authority
Our service providers are contractually prohibited from using your data for any purpose other than providing services to Yeesho. They undergo regular security assessments.
6. Data Security
We implement industry-standard security measures to protect your data:
- All API tokens and credentials are encrypted at rest using AES-256 encryption
- All data in transit is encrypted using TLS 1.2 or higher
- OAuth 2.0 tokens are automatically refreshed and rotated
- Role-based access controls limit data access to authorized personnel
- Database access is restricted via IAM-based authentication (no shared passwords)
- All data access is logged with timestamps and user identifiers for audit purposes
- Regular security assessments and vulnerability scanning
6.1 Data Breach Notification
In the event of a data breach that affects your personal data or advertising data, we will:
- Notify affected users via email within 72 hours of becoming aware of the breach
- Provide details about what data was affected and what steps we are taking
- Notify relevant supervisory authorities as required by applicable law
- Take immediate steps to contain and remediate the breach
7. Data Retention
We retain your data according to the following schedule:
- Account information: Retained for as long as your account is active, plus 30 days after account closure
- Advertising performance data: Retained for 12 months from the date of collection
- OAuth tokens: Deleted immediately upon disconnection of the associated platform
- Usage and technical data: Retained for 6 months
- Audit logs: Retained for 24 months
You may request early deletion of your data at any time by contacting us at [email protected].
8. Your Rights
Depending on your jurisdiction, you may have the right to:
- Access: Request a copy of the personal data we hold about you
- Correction: Request correction of inaccurate or incomplete data
- Deletion: Request deletion of your personal data
- Restriction: Object to or restrict processing of your data
- Portability: Receive your data in a structured, machine-readable format
- Withdraw consent: Withdraw your consent at any time where processing is based on consent
To exercise these rights, please contact us at [email protected]. We will respond to requests within 30 days.
9. CCPA Disclosure (California Residents)
If you are a California resident, you have additional rights under the California Consumer Privacy Act (CCPA):
- The right to know what personal information we collect, use, and disclose
- The right to request deletion of your personal information
- The right to opt-out of the sale of your personal information — we do not sell personal information
- The right to non-discrimination for exercising your privacy rights
10. GDPR Compliance (EEA Residents)
If you are located in the European Economic Area, we process your personal data under the following legal bases:
- Contract performance: To provide the Service you have requested
- Legitimate interests: To improve our Service and ensure security
- Consent: Where you have given explicit consent (e.g., connecting advertising platforms)
You may lodge a complaint with your local data protection authority if you believe your rights have been violated.
11. Cookies
We use essential cookies to operate the Service (e.g., authentication sessions). We do not use third-party advertising cookies or tracking pixels on our platform.
12. International Data Transfers
Your data may be processed in the United States and other countries where our infrastructure is located (Google Cloud Platform regions). We ensure appropriate safeguards are in place for any international data transfers, including standard contractual clauses where required.
13. Children's Privacy
The Service is not intended for use by individuals under the age of 18. We do not knowingly collect personal information from children.
14. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes by email and by posting the updated policy on our website with a revised "Last updated" date. Material changes take effect 30 days after notification.
15. Contact Us
If you have questions about this Privacy Policy or our data practices, please contact us:
Yeesho Inc.
8610 Santa Monica Boulevard
PMB 44698
West Hollywood, CA 90069
United States
Privacy inquiries: [email protected]
General inquiries: [email protected]
Website: https://yeesho.com