Privacy Policy
Last Updated :
Adsency ("we", "us", "our") is committed to protecting the personal data of our clients, platform users, and individuals whose data is processed through our advertising services. This Privacy Policy describes how we collect, use, share, and safeguard personal data, and explains your rights under applicable data protection laws including the UK GDPR, EU GDPR, and CCPA.
Adsency acts as both a data controller (for our platform users and clients) and a data processor (when processing consumer data on behalf of our advertising clients). This policy covers both roles.
1. Who we are
Adsency is a full-service digital advertising agency specializing in performance marketing, programmatic advertising, brand strategy, and data-driven campaign management. Our registered office is at 45 Digital Commerce Square, London EC2A 4PN, United Kingdom. For EU data protection matters, Adsency's EU representative is Adsency GmbH, Unter den Linden 10, 10117 Berlin, Germany.
2. Data we collect
From clients and platform users:
Account information: name, email address, job title, company, phone number
Billing information: payment method details, invoicing address, VAT number
Platform usage data: log-in history, dashboard interactions, campaign configurations
Communication records: emails, support tickets, onboarding calls
Contract and agreement data
Consumer data processed on behalf of clients:
Device identifiers: cookie IDs, mobile advertising IDs (IDFA/GAID)
IP addresses and approximate location (country/city level)
Browsing behavior: pages viewed, clicks, time spent, referral source
Ad interaction data: impressions served, clicks, conversions, viewability
Audience segments: interest categories inferred from browsing behavior
3. How we use your data
We use personal data to provide and improve our advertising platform, process payments, communicate with clients, comply with legal obligations, prevent fraud and abuse, and deliver targeted advertising campaigns on behalf of our clients. We do not sell personal data to third parties for their own marketing purposes.
Service delivery and account management
Campaign planning, execution, and reporting
Billing, invoicing, and fraud detection
Product development and platform improvement
Regulatory compliance and legal obligations
Marketing our own services to business contacts (with opt-out)
4. Legal bases for processing
We process personal data on the following legal bases under the UK/EU GDPR: performance of a contract (for service delivery), legitimate interests (for analytics, fraud prevention, and B2B marketing), legal obligation (for tax, financial reporting, and law enforcement requests), and consent (for non-essential cookies and direct marketing to individuals).
5. Data sharing and transfers
We share personal data with our clients (campaign results and audience insights), technology partners and sub-processors (cloud infrastructure, analytics tools, ad servers), payment processors, legal and regulatory authorities where required by law, and potential acquirers in the event of a business transaction.
When we transfer personal data outside the UK or EEA, we implement appropriate safeguards including Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA), or reliance on an adequacy decision where applicable.
6. Data retention
Client account data is retained for the duration of the contract and for up to 7 years thereafter for financial and legal compliance purposes. Consumer advertising data is retained for a maximum of 13 months, after which it is anonymized or deleted. You may request earlier deletion subject to our legal obligations.
7. Your rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Right of access — request a copy of your personal data
Right to rectification — correct inaccurate or incomplete data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing (including profiling)
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority
California residents have additional rights under CCPA/CPRA including the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. Submit a request to privacy@adsency.com or via our in-platform Privacy Request portal.
8. Data security
Adsency employs industry-standard technical and organizational security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, role-based access controls, regular penetration testing, SOC 2 Type II certification, and ISO 27001-aligned information security management. In the event of a data breach that poses a risk to individuals, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay.
9. Children's privacy
Our services are intended for business clients and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. Our advertising campaigns include brand safety controls to exclude minor-facing inventory where instructed by clients and as required by law (including COPPA in the US and applicable UK/EU rules).
10. Changes to this policy
We reserve the right to update this Privacy Policy periodically. Material changes will be communicated via email or a prominent platform notice at least 30 days before they take effect. Continued use of our services after changes take effect constitutes acceptance of the revised policy.
Adsency ("we", "us", "our") is committed to protecting the personal data of our clients, platform users, and individuals whose data is processed through our advertising services. This Privacy Policy describes how we collect, use, share, and safeguard personal data, and explains your rights under applicable data protection laws including the UK GDPR, EU GDPR, and CCPA.
Adsency acts as both a data controller (for our platform users and clients) and a data processor (when processing consumer data on behalf of our advertising clients). This policy covers both roles.
1. Who we are
Adsency is a full-service digital advertising agency specializing in performance marketing, programmatic advertising, brand strategy, and data-driven campaign management. Our registered office is at 45 Digital Commerce Square, London EC2A 4PN, United Kingdom. For EU data protection matters, Adsency's EU representative is Adsency GmbH, Unter den Linden 10, 10117 Berlin, Germany.
2. Data we collect
From clients and platform users:
Account information: name, email address, job title, company, phone number
Billing information: payment method details, invoicing address, VAT number
Platform usage data: log-in history, dashboard interactions, campaign configurations
Communication records: emails, support tickets, onboarding calls
Contract and agreement data
Consumer data processed on behalf of clients:
Device identifiers: cookie IDs, mobile advertising IDs (IDFA/GAID)
IP addresses and approximate location (country/city level)
Browsing behavior: pages viewed, clicks, time spent, referral source
Ad interaction data: impressions served, clicks, conversions, viewability
Audience segments: interest categories inferred from browsing behavior
3. How we use your data
We use personal data to provide and improve our advertising platform, process payments, communicate with clients, comply with legal obligations, prevent fraud and abuse, and deliver targeted advertising campaigns on behalf of our clients. We do not sell personal data to third parties for their own marketing purposes.
Service delivery and account management
Campaign planning, execution, and reporting
Billing, invoicing, and fraud detection
Product development and platform improvement
Regulatory compliance and legal obligations
Marketing our own services to business contacts (with opt-out)
4. Legal bases for processing
We process personal data on the following legal bases under the UK/EU GDPR: performance of a contract (for service delivery), legitimate interests (for analytics, fraud prevention, and B2B marketing), legal obligation (for tax, financial reporting, and law enforcement requests), and consent (for non-essential cookies and direct marketing to individuals).
5. Data sharing and transfers
We share personal data with our clients (campaign results and audience insights), technology partners and sub-processors (cloud infrastructure, analytics tools, ad servers), payment processors, legal and regulatory authorities where required by law, and potential acquirers in the event of a business transaction.
When we transfer personal data outside the UK or EEA, we implement appropriate safeguards including Standard Contractual Clauses (SCCs), the UK International Data Transfer Agreement (IDTA), or reliance on an adequacy decision where applicable.
6. Data retention
Client account data is retained for the duration of the contract and for up to 7 years thereafter for financial and legal compliance purposes. Consumer advertising data is retained for a maximum of 13 months, after which it is anonymized or deleted. You may request earlier deletion subject to our legal obligations.
7. Your rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
Right of access — request a copy of your personal data
Right to rectification — correct inaccurate or incomplete data
Right to erasure ("right to be forgotten")
Right to restrict processing
Right to data portability
Right to object to processing (including profiling)
Right to withdraw consent at any time
Right to lodge a complaint with a supervisory authority
California residents have additional rights under CCPA/CPRA including the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. Submit a request to privacy@adsency.com or via our in-platform Privacy Request portal.
8. Data security
Adsency employs industry-standard technical and organizational security measures including AES-256 encryption at rest, TLS 1.3 encryption in transit, role-based access controls, regular penetration testing, SOC 2 Type II certification, and ISO 27001-aligned information security management. In the event of a data breach that poses a risk to individuals, we will notify the relevant supervisory authority within 72 hours and affected individuals without undue delay.
9. Children's privacy
Our services are intended for business clients and are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. Our advertising campaigns include brand safety controls to exclude minor-facing inventory where instructed by clients and as required by law (including COPPA in the US and applicable UK/EU rules).
10. Changes to this policy
We reserve the right to update this Privacy Policy periodically. Material changes will be communicated via email or a prominent platform notice at least 30 days before they take effect. Continued use of our services after changes take effect constitutes acceptance of the revised policy.