adCasa's Policies

Privacy Policy

Privacy Policy of adCasa LTD

Effective Date: September 12, 2024

adCasa LTD (“adCasa,” “we,” “our,” “us”) is committed to safeguarding your privacy and ensuring that your personal data is protected. This Privacy Policy explains how we collect, use, disclose, and secure your personal data when you use our services, including our website, adGPT, applications, and related services (collectively, the “Services”). It also outlines your rights under GDPR, CCPA, LGPD, and other applicable privacy laws.

1. Introduction

At adCasa, we prioritize your privacy and are dedicated to protecting your personal data. This Privacy Policy ensures transparency and compliance with privacy regulations, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Lei Geral de Proteção de Dados (LGPD), and other relevant frameworks. We regularly update this policy to align with evolving legal standards and best practices in data protection.

2. Data Controller and Data Processor

For users in the European Economic Area (EEA), Switzerland, or the UK, adCasa LTD acts as the Data Controller, registered at 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

Email: legal@adcasa.io
Service Address: adCasa LTD, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.

In some instances, adCasa may act as a Data Processor when processing personal data on behalf of third-party businesses. These activities are governed by Data Processing Agreements (DPA), which ensure that both parties adhere to relevant privacy standards and legal requirements. As a Data Processor, we only handle personal data based on the instructions provided by the Data Controller.

If you have questions about how we handle your data or want to contact our Data Protection Officer (DPO), please email us at dpo@adcasa.io.

3. Types of Data We Collect

We collect several types of personal data to provide and enhance our Services:

3.1 Account Information:
Purpose: To create, manage, and maintain your account, process transactions, and provide customer support.
Data Collected: Name, email address, phone number, billing information, payment details, username, password, transaction history, and records of services purchased.

3.2 User Content:
Purpose: To deliver personalized services and enhance user experience.
Data Collected: Campaign details, marketing preferences, file uploads, and other data input into our Services.

3.3 Behavioral and Technical Data:
Purpose: To understand how you interact with our Services, enhance functionality, and improve security.
Data Collected: IP addresses, browser types, device information, usage patterns, website interactions (e.g., page views, clicks), and log data.

3.4 Location Data:
Purpose: To provide location-based services and relevant content.
Data Collected: Geographic location data (with your consent) from your device.

3.5 Communication Data:
Purpose: To manage communication with you, respond to inquiries, and improve customer service.
Data Collected: Records of emails, chats, and customer support requests.

3.6 Social Media Information:
Purpose: To engage with you on social platforms and understand your preferences.
Data Collected: Publicly available information from your interactions on social media platforms (e.g., likes, comments, and shares).

3.7 Data from Connected Services:
Purpose: To enhance adGPT functionality through third-party services (e.g., Google Analytics, Google Ads).
Data Collected: Advertising, performance data, and other third-party service integrations.

3.8 Training Data for Model Improvement:
Purpose: To improve and refine our AI models, including adGPT.
Data Collected: Aggregated or anonymized user input data (e.g., campaigns, prompts, and outputs). With your consent, this data is used to enhance our AI models. You can opt out of this by contacting us or adjusting your settings.

4. How We Collect Your Data

We collect personal data through the following methods:

  • Direct Interactions: When you register for our services, fill out forms, or communicate with us directly.
  • Automated Technologies: Through cookies, web beacons, and tracking technologies, we automatically collect data related to your interactions with our Services.
  • Third-Party Services: We may receive data from partners and integrated services, such as Google Analytics or Google Ads, subject to their privacy policies.
  • Aggregated Data: We collect non-identifiable data for the purpose of analyzing trends and improving service performance.

5. Purposes for Processing Personal Data

We process your personal data for the following purposes:

  • Providing and Maintaining Services: To deliver the requested features, manage your account, process payments, and maintain our Services.
  • Improvement and Development: To analyze how users interact with our Services, improve functionality, and develop new features.
  • Communications: To notify you about updates, new features, or important information related to our Services.
  • Marketing and Promotions: To send you marketing materials, subject to your consent, which you can opt out of at any time.
  • Fraud Prevention and Security: To monitor and prevent misuse of our Services, protect the integrity of our systems, and ensure compliance with security protocols.
  • Compliance: To fulfill our legal and regulatory obligations, such as reporting to regulatory authorities.
  • Model Improvement: To use aggregated or anonymized data to train and improve our AI models, including adGPT.

6. Legal Basis for Processing

We process your data under the following legal bases:

  • Consent: When you explicitly agree to our use of your personal data (e.g., for marketing communications).
  • Contractual Necessity: To fulfill service agreements or contracts (e.g., managing your account and providing services).
  • Legitimate Interests: For service improvements, fraud prevention, and security measures, balanced with your rights and freedoms.
  • Legal Obligation: To comply with legal and regulatory requirements (e.g., financial reporting, data protection laws).

7. Data Sharing and Transfers

We may share your personal data with the following entities:

  • Service Providers: Third-party companies that help us operate our Services, such as cloud storage providers, payment processors, and customer support platforms. These providers are contractually obligated to protect your data and act only on our instructions.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred to the new entity. The privacy protections will remain in place.
  • Legal Obligations: We may share data if required by law, such as in response to legal processes, government requests, or investigations.
  • Affiliates: Our subsidiaries and affiliates for internal business purposes, in line with this Privacy Policy.
  • Third-Party Platforms: When you integrate or connect third-party services (e.g., Google Ads, Google Analytics) with adGPT, data will be shared as necessary, governed by their respective privacy policies.

International Data Transfers: When transferring data outside the EEA, Switzerland, or the UK, we implement appropriate safeguards, such as Standard Contractual Clauses (SCCs) or similar legal mechanisms, ensuring that data protection levels remain consistent with GDPR requirements.

8. Data Retention

We retain your personal data for as long as necessary to fulfill the purposes described in this Privacy Policy or as required by law. Retention periods vary depending on:

  • Legal Requirements: For example, we retain billing records for tax and legal compliance.
  • Operational Needs: Logs related to security, fraud prevention, and system maintenance may be retained for longer periods.

Once the retention period expires, we securely delete or anonymize your data.

9. Your Rights

You have the following rights regarding your personal data:

  • Access: Request access to the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your data (right to be forgotten), subject to certain conditions.
  • Restriction of Processing: Request limitations on the processing of your data in specific circumstances.
  • Data Portability: Request your data in a structured, commonly used, and machine-readable format.
  • Objection: Object to the processing of your data for specific purposes, such as direct marketing.
  • Withdraw Consent: Withdraw consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Post-Mortem Instructions: Specify how we should handle your data after your death, in accordance with applicable laws.

To exercise these rights, contact us at legal@adcasa.io. We may require identity verification before fulfilling your request.

10. Automated Decision-Making and Profiling

We may use automated decision-making processes, including profiling, to personalize services or advertisements. These processes help us better tailor content based on your preferences and behavior. You have the right to:

  • Object to automated decision-making and profiling.
  • Request human intervention to review decisions made by automated processes.

11. Cookies and Similar Technologies

We use cookies and similar technologies to enhance your experience and ensure smooth operation of our website. The purposes include:

  • Essential Cookies: Enable core functionalities of the website.
  • Analytical Cookies: Help us analyze user interactions to improve performance and user experience.
  • Marketing Cookies: Deliver personalized ads based on your browsing activity.

For more detailed information, refer to our Cookie Policy. You can manage your cookie preferences through your browser or our cookie consent tool.

12. Security Measures

We implement strong security measures to safeguard your personal data, including:

  • Encryption: All data is encrypted both in transit and at rest using industry-standard protocols.
  • Access Control: Access to personal data is restricted to authorized personnel who require it for their job functions.
  • Security Audits: Regular audits and vulnerability assessments are conducted to ensure the robustness of our security protocols.

While we strive to protect your data, no method of internet transmission is completely secure.

13. Children’s Privacy

Our services are not intended for individuals under 16. We do not knowingly collect personal data from children without verifiable parental consent. If we discover that we have collected such data, we will promptly delete it.

14. Data Breach Notification

In the event of a data breach that could compromise your personal data, we will notify affected individuals and relevant regulatory authorities within 72 hours, as required by the GDPR. We will also provide details of the breach, potential risks, and recommendations for protection.

15. Third-Party Links and External Services

Our website and services may contain links to third-party websites or external services. This Privacy Policy does not apply to these platforms, and we encourage users to review the privacy policies of any third-party websites or services before interacting with them.

16. International Data Transfers

For cross-border data transfers outside of the EEA, Switzerland, or the UK, we ensure that Standard Contractual Clauses (SCCs) or equivalent legal mechanisms are in place to uphold high data protection standards.

17. Privacy by Design and Data Protection Impact Assessments

We integrate privacy by design principles into our product development and business processes to ensure that privacy protections are embedded from the outset. For high-risk data processing activities, we conduct Data Protection Impact Assessments (DPIAs) to assess and mitigate risks to individuals’ rights and freedoms.

18. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, or legal obligations. When significant changes occur, we will notify you by email or by placing a prominent notice on our website at least 30 days before the changes take effect. Your continued use of our Services following such updates constitutes acceptance of the revised Privacy Policy.

19. Contact Information

If you have any questions or concerns about this Privacy Policy or how we handle your personal data, please contact us:

Email: legal@adcasa.io
Service Address: adCasa LTD, 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom.