This Privacy Policy explains how AdSights collects, uses, discloses, and protects information in connection with:

• Our websites, apps, docs, and other online properties that link to this Policy (the "Sites")
• Our analytics, creative‑insight, and reporting platform and related services (the "Platform" or "Services")
• Our marketing, sales, events, support, recruiting and other business operations

Business‑to‑Business Orientation. Our Services are provided to businesses and their authorized users, not for personal, family, or household use. We treat information from visitors and users of our Sites and Services as relating to individuals acting in a business capacity.

This Policy does not apply to third‑party websites, products, or services that may link to or be integrated with our Sites or Services. Their policies govern their practices.

Depending on context, AdSights acts as:

• Processor / Service Provider when we process Customer Data (data our business customers choose to connect to or ingest into the Platform, such as ad accounts, analytics events, or creative assets) strictly under our customers' instructions and agreements (e.g., DPA). When requests relate to Customer Data, we may refer requestors to the relevant customer and support our customer in fulfilling the request.

• Controller / Business for User/Prospect/Operational Data (e.g., our own Site analytics, account profile and billing information, leads, sales and support records) and for running, securing, and improving our Services. For interactive calculators, quizzes, and downloads on our Site or Resource Center, AdSights acts as a Controller for the information you submit. We process any Customer Data you later connect to the Platform as Processor under our DPA.

If you access our Services on behalf of a customer, that customer's privacy notice governs how they use your information and what requests you may make.

We collect information in three broad groups. Specific elements we receive depend on how you interact with us, what integrations you connect, and your settings. Information may include, but is not limited to the specific examples below:

Examples (may vary by integration and customer configuration):

• Ad & Commerce Integrations: identifiers for ad accounts and campaigns; campaign/ad set/ad metadata; performance metrics; attribution logs; pixel or SDK events; store or order metadata; product catalogs (including images, titles, tags); audience or segment metadata provided by the customer; limited financial metrics such as spend and ROAS.

• Creative & Media Inputs: image/video files; thumbnails; OCR text; speech‑to‑text transcripts; dense captioning output; feature/label metadata (e.g., objects, scenes, colors, on‑screen text, talent signals); and related timing information.

• Operational Context: connection/auth tokens and scopes, integration status, sync logs, error logs, and audit trails.

• Identifiers & Contact: name, business email, phone, job title, company, role, and preferences; authentication data and security logs.

• Billing & Commercial: subscription plan details, invoices, billing contact, and limited payment metadata processed by our payment processor; purchase history.

• Support & Communications: tickets, chat transcripts, feedback, surveys, and webinar or event registrations.

• Recruiting (if you apply): resume/CV contents, links you share, interview notes, and scheduling details.

• Technical: IP address, device and browser details, language, time zone, referrer/UTM, session identifiers.

• Usage: page views, clicks, feature use, time on page, error/diagnostic logs, and crash reports.

• Cookies & Similar Tech: pixels, tags, SDKs, local storage. See Section 6 (Cookies) for choices.

• Identifiers & Contact: Email address and contact details; company and role; quiz/calculator answers; preferences; download and template selections; timestamps and referral/UTM data; and communication settings. If you upload content to receive a template/result, we process that content to generate and deliver your output.

• Usage: page views, clicks, feature use, time on page, error/diagnostic logs, and crash reports.

• We also create aggregated/de‑identified information (e.g., trend lines across accounts, conversion lift studies, feature adoption) that does not identify an individual or customer.

• You and your organization (account creation, support, sales and events)
• Our Sites and apps (automatic collection via cookies/SDKs)
• Connected platforms and tools you choose to integrate (e.g., ad platforms, analytics, storage, commerce)
• Service providers (hosting, payments, communications, enrichment) and channel/solution partners
• Public sources (e.g., public pages, app stores, docs)

We use information, as appropriate to the role described in Section 2, to:

• Provide the Services: ingest and normalize integrations; compute analytics and insights; power dashboards, search, and exports; enable collaboration; and fulfill contractual obligations.

• Improve & secure the Services: monitoring, debugging, quality assurance, capacity planning, and incident response; developing new features and models; preventing fraud, abuse, or violations of terms.

• Operate our business: account administration, billing, collections, vendor management, audits, and compliance.

• Communicate: service alerts, product updates, onboarding resources, and—where lawful—marketing communications you can opt out of at any time.

• Compliance & safety: meet legal obligations, respond to lawful requests, and protect rights, users, and the public.

• Resource Center: we process information you submit to our Resource Center (e.g., downloads, quizzes, interactive tools) to generate and deliver your output, measure content performance, and prevent abuse.

• B2B marketing (controller/business context): where permitted, send product updates and educational content related to a Resource Center interaction. You can unsubscribe at any time.

Our Platform includes automated analysis of creative assets and performance data. We may use de‑identified or aggregated data to develop, evaluate, and improve models and features. We do not use Customer Data to train models that are made available across customers unless (i) it has been de‑identified/aggregated so it cannot reasonably identify a specific individual or customer; or (ii) a customer has expressly authorized such use in writing.

Where required, our legal bases include: performance of contract; legitimate interests (e.g., to secure and improve the Services, market B2B offerings, or prevent fraud); consent (e.g., certain cookie categories, marketing); and compliance with law.

We use cookies, pixels, SDKs, and similar technologies to run our Sites, measure usage, remember preferences, and (on our marketing properties) help tailor content and ads. You can manage cookie preferences via our Privacy Choices control (footer link, when available) and your browser settings. If you clear cookies or use a different browser/device, your settings may not carry over. Some analytics may still operate without cookies. Opt‑outs typically apply to the browser and device you use.

Where permitted, we work with ad networks and analytics providers to understand traffic and improve marketing effectiveness. You may also use industry choice tools (where available in your region) and Global Privacy Control signals; see Section 10.

We disclose information to:

• Service Providers & Vendors (hosting, storage/CDN, error monitoring, customer support, communications, authentication, payments, analytics, ad tech, enrichment, professional services) that process data for us under appropriate contracts.

• Integration Partners & Platforms you connect (e.g., ad/commerce/analytics platforms), consistent with your and our agreements.

• Business Partners & Resellers for co‑selling, referral, enablement, or regional delivery.

• Corporate Transactions such as a merger, acquisition, financing, or sale of assets (we'll require recipients to honor commitments or give you notice and choices, where required).

• Legal & Safety: to comply with law or enforce terms; to respond to lawful requests; or when disclosure is necessary to protect the rights, property, or safety of AdSights, our customers, or the public.

• With consent or direction: we may share information you ask us to share. This includes information you submit to our Resource Center (e.g., downloads, quizzes, interactive tools) and third-party tools (e.g. Hubspot, Google Analytics, Klaviyo, ActiveCampaign, etc.) to process your request. These providers may process your information in accordance with their own privacy policies.

We may use and share aggregated/de‑identified insights that do not identify an individual or customer.

We do not sell Customer Data (processed for customers) as that term is commonly defined under US state privacy laws. On our Sites, some cookie‑based disclosures may be deemed a "sale" or "sharing" for targeted advertising; see Section 10 for opt‑out choices.

We operate globally using third‑party providers and infrastructure. Where required, we use appropriate transfer mechanisms—such as Standard Contractual Clauses (SCCs) and comparable frameworks—and take steps designed to protect transferred information. If we later self‑certify under a recognized framework (e.g., EU‑U.S. Data Privacy Framework), we will reflect that in this Policy.

We retain information for as long as needed to provide the Services, comply with legal obligations, resolve disputes, enforce agreements, and pursue legitimate business purposes. Factors include the nature and sensitivity of the data, risks of harm from unauthorized use or disclosure, the purposes of processing, applicable legal requirements, and customer direction (for Customer Data). We may retain minimal logs or records to demonstrate compliance and for fraud prevention. When no longer needed, we will delete or de‑identify data consistent with our policies and applicable law.

• Use our Privacy Choices control (when/where available in the footer) to manage consent for cookie categories that are not strictly necessary.

• Where supported, we honor Global Privacy Control (GPC) signals as a request to opt out of sale/sharing for targeted advertising on our Sites.

You can unsubscribe from marketing emails via the link in each message. We may continue to send important transactional or service emails.

Depending on your location, you may have rights to request access, correction, deletion, portability, restriction, or to object to certain processing. For requests:

• Customer Data: please contact the relevant customer (your employer/organization). We will support the customer in responding where we are the processor.

• User/Prospect/Operational Data: contact us at support@adsights.ai. We will verify your identity (and authority, if you are an agent) before fulfilling requests and may retain minimal records of the request for compliance/audit purposes. Some rights may be subject to exceptions.

We may collect (from you, your organization, your device, integrations you connect, our service providers, or public sources) the following categories of personal information for the business and commercial purposes described in Section 5:

Opt‑out of Sale/Sharing (Sites). Use Privacy Choices in our footer (when available) and/or enable a GPC signal in your browser. Opt‑outs are browser/device‑specific and may rely on cookies.

We employ administrative, technical, and physical safeguards appropriate to the nature of the data and our business to protect against unauthorized access, loss, misuse, or alteration. No method of transmission or storage is 100% secure, and we cannot guarantee absolute security.

Our Services are not directed to children and we do not knowingly collect personal information from individuals under the age at which consent is required in their jurisdiction. If you believe a child has provided us personal information, please contact us so we can take appropriate steps.

Our Sites and Services may include links to third‑party sites or services. We are not responsible for their privacy or security practices. Review their policies to understand how they handle your information.

We may revise this Policy from time to time. If we make material changes, we will provide appropriate notice (e.g., by email or within the Services) before the changes take effect. The "Effective Date" above indicates the latest version. Continued use after the effective date constitutes acceptance.

• EEA/UK: You may have rights under the GDPR/UK GDPR including to lodge a complaint with your local supervisory authority. Where required, an EU/UK representation will be available via the Data Protection Officer (DPO) contact details.

• Canada: Individuals may have rights of access and correction subject to applicable law. Contact us to exercise rights.

• US States (CA, CO, CT, UT, VA, etc.): You may have rights to access, delete, correct, or opt out of targeted advertising, sale, or profiling in furtherance of decisions with legal or similarly significant effects. Appeals: if we deny your request, you may appeal by replying to our decision email; we will provide instructions.

Questions about this Policy or our privacy practices?

• Email: support@adsights.ai
• Postal: Intelsem LLC d/b/a AdSights — 50 W Broadway Ste 333 #306374, Salt Lake City, Utah 84101
• EU/UK Representative (if/when appointed): Emily Luther, dpo@adsights.ai
• Data Protection Officer (if/when appointed): Emily Luther, dpo@adsights.ai

When we act as controller for Operational Data, submit requests to support@adsights.ai and include: (i) your name and business email; (ii) request type (access, correction, deletion, portability, restriction/objection, opt‑out); (iii) the context in which we collected your data (e.g., demo signup). We may request additional information to verify identity and authority and may retain minimal records of the request for compliance.

When we act as processor, we only process Customer Data under our customer's instructions and DPA. We will redirect data subject requests to the applicable customer and provide reasonable assistance. Customers are responsible for ensuring they have all necessary consents and notices for data they instruct us to process.