Privacy Policy

Last updated: April 23, 2026

1. What this policy covers

Composure ("we", "us") builds an ad operations platform that connects to third-party advertising networks on your behalf. This policy explains what data we collect when you sign up, connect an ad account, or use the product, and how we use it.

2. Data we collect

  • Account info. Your email, name, and — where applicable — the organization you belong to.
  • OAuth tokens. When you connect Meta, Google Ads, Google Analytics, TikTok, LinkedIn, or Reddit, we store the access and refresh tokens those providers issue. Tokens are encrypted at rest.
  • Ad account metadata. Account IDs, campaign names, ad set structure, creative assets, budgets, and performance metrics pulled via the connected APIs — only as needed to show you data or act on your instructions.
  • Product usage. Standard server logs (IP, timestamp, path) and anonymous analytics about how features are used.

3. How we use it

  • Operating the product: deploying campaigns, reading performance, proposing changes.
  • Debugging and improving reliability of the platform.
  • Communicating with you about your account, incidents, and product updates.

We do not sell your data, and we do not use your ad performance data to train general-purpose AI models. If an AI feature processes your data (e.g. the ad optimization agent), that data is used only to serve your request and is not retained by model providers beyond the request window.

4. Who we share with

  • Infrastructure providers (hosting, databases, email) that process data on our behalf under contract.
  • Ad networksyou connect — only to the extent required to run the actions you've asked us to run.
  • Model providers (e.g. Anthropic) when you use AI features, with zero-retention agreements where available.
  • Legal where required by law or to protect rights and safety.

5. Retention

We keep account data for as long as your account is active. When you disconnect an integration, we revoke and delete the OAuth tokens for that platform. When you delete your account, we remove personal data within 30 days, except records we are legally required to retain.

6. Your choices

  • Disconnect any integration at any time from the Integrations dashboard.
  • Request an export or deletion of your data by emailing privacy@trycomposure.com.
  • Revoke Composure's access directly from each ad platform's app settings.

7. Security

We encrypt credentials at rest, use HTTPS/TLS for all traffic, and scope access to third-party APIs to the minimum required for the features you use. No system is perfect — if we learn of a breach affecting your data, we'll notify you promptly.

8. Changes

We'll update this page when our practices change. For material changes we'll give notice in-product or by email.

9. Contact

Questions? Email privacy@trycomposure.com.