Privacy Policy

Effective Date: March 16, 2026

This Privacy Policy describes how Brez Marketing LLC (“Company,” “we,” “us,” or “our”), operated by Brez Scales, collects, uses, stores, shares, and protects your information when you use AdLevel (the “Service”), an AI-powered advertising management platform that connects to your Facebook and Meta ad accounts via the Meta Marketing API.

This Privacy Policy is provided in compliance with Meta Platform Terms, Facebook Developer Policies, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), the Children's Online Privacy Protection Act (COPPA), and other applicable privacy laws.

AdLevel is not endorsed, certified, or otherwise approved by Meta Platforms, Inc. or Facebook.

1. Information We Collect

1.1 Information You Provide Directly

  • Account registration data: name, email address, company name, and any other information you provide when creating an AdLevel account
  • Communication data: messages, support requests, and correspondence you send to us
  • Payment information: billing details processed through our third-party payment processor (we do not store full credit card numbers)

1.2 Information Collected via Facebook Login

When you authenticate with Facebook Login, we receive:

  • Facebook User ID — to uniquely identify your account
  • Name — for display within AdLevel
  • Email address — for account communication and identification
  • Profile picture — for display within AdLevel

1.3 Facebook/Meta Data Collected via the Marketing API

Once you grant access, AdLevel collects the following data from your connected Facebook/Meta ad accounts:

Ad Account Data:

  • Ad account ID, name, status, currency, timezone, and spending limits
  • Account-level billing and spend summaries

Campaign Data:

  • Campaign IDs, names, objectives, statuses, budgets, and bid strategies
  • Ad set IDs, names, targeting parameters, budgets, schedules, and optimization goals
  • Ad IDs, names, creative content (text, images, video references), and statuses

Performance Insights & Analytics:

  • Impressions, reach, frequency, clicks, CTR, CPC, CPM
  • Leads and cost per lead
  • Total spend data (daily and lifetime, per campaign/ad set/ad)
  • Conversion actions and cost per action type

Business & Page Data:

  • Facebook Page name and ID
  • Business Manager/Business Portfolio ID and name
  • Ad pixel IDs and names (for conversion tracking configuration)
  • Lead form names, statuses, and lead counts (for lead generation campaigns)

1.4 Automatically Collected Technical Data

  • IP address, browser type, device information, operating system
  • Pages visited within AdLevel, time spent, click patterns
  • Referral URLs and session identifiers
  • Log data (API calls, error logs, access timestamps)

2. Facebook Login Permissions Requested

AdLevel requests the following Facebook Login permissions, each for a specific purpose:

PermissionPurpose
ads_managementCreate, edit, pause, and manage campaigns, ad sets, and ads on your behalf
ads_readRead campaign structure, performance metrics, and analytics from your ad accounts
pages_show_listList Facebook Pages you manage so you can select one for ad creation
pages_manage_adsCreate and manage ads linked to your Facebook Pages, and access lead form data
pages_read_engagementRead Page metadata, profile picture, and post content to display Page details during account setup and campaign configuration
business_managementAccess Business Manager/Portfolio information and associated ad accounts

We only request permissions that are necessary for AdLevel's core functionality. You can review and revoke these permissions at any time in your Facebook Settings → Business Integrations.

3. How We Use Your Data

3.1 Facebook/Meta Data Usage

  • Ad account data: To display your connected accounts, enable account selection, and configure management settings
  • Campaign/ad set/ad data: To display, create, edit, pause, and manage your advertising campaigns through AdLevel's interface
  • Performance insights: To generate analytics dashboards, performance reports, AI-driven optimization recommendations, and automated budget adjustments
  • Business/Page data: To associate the correct Pages with ad campaigns and display business context
  • Spend data: To track budgets, calculate ROI/ROAS, and inform AI-driven budget optimization

3.2 General Data Usage

  • To provide, maintain, and improve the Service
  • To authenticate your identity and manage your account
  • To communicate with you about the Service (updates, support, billing)
  • To detect, prevent, and address technical issues and security threats
  • To comply with legal obligations
  • To generate aggregated, anonymized analytics about Service usage (which cannot be used to identify individual users or their Facebook data)

3.3 How We Do NOT Use Your Data

  • We do NOT sell your Facebook/Meta data to any third party
  • We do NOT use your ad account data to run our own advertisements
  • We do NOT share your campaign data with other AdLevel users
  • We do NOT use your data for profiling or targeting you with ads
  • We do NOT transfer Facebook data to data brokers
  • We do NOT use Facebook data for any purpose other than providing and improving AdLevel

4. How We Store & Protect Your Data

4.1 Storage

  • Data is stored on secure cloud infrastructure with industry-standard protections
  • Facebook/Meta API access tokens are encrypted at rest using AES-256 encryption
  • Database connections use TLS/SSL encryption in transit
  • Backups are encrypted and stored in geographically redundant locations

4.2 Security Measures

  • All data in transit is encrypted via TLS 1.2 or higher
  • All data at rest is encrypted using AES-256
  • Access to production systems is restricted to authorized personnel only, with multi-factor authentication
  • Regular security audits and vulnerability assessments
  • Access logging and monitoring for all data access
  • Principle of least privilege for all internal access
  • Facebook access tokens are stored in encrypted credential vaults, never in plaintext

4.3 Data Retention

  • Active accounts: Data is retained for as long as your account is active and your ad accounts are connected
  • Performance data: Historical analytics may be retained for up to 24 months to provide trend analysis and reporting
  • After disconnection: Upon removal of AdLevel from your Facebook settings or account termination, your data is deleted within 30 days
  • Legal obligations: Certain data may be retained longer if required by applicable law (e.g., financial records, tax compliance)
  • Backups: Data in encrypted backups is purged within 90 days of deletion from primary systems

5. How We Share Your Data

5.1 Third-Party Service Providers

We may share limited data with the following categories of service providers, solely to operate AdLevel:

  • Cloud hosting providers: To store and process data (data is encrypted)
  • AI/ML service providers: To process analytics and generate optimization recommendations (data is anonymized/aggregated where possible)
  • Payment processors: To process subscription payments (they do not receive Facebook data)
  • Email/communication providers: To send transactional emails (limited to name and email)

All third-party service providers are bound by data processing agreements that restrict their use of your data to only what is necessary to provide their service to us.

5.2 What We Do NOT Share

  • We do NOT sell your personal information or Facebook data to any third party
  • We do NOT share your ad account data with other AdLevel users or customers
  • We do NOT provide your data to advertising networks, data brokers, or information resellers
  • We do NOT share your data for any third party's own marketing purposes

5.3 Legal Requirements

We may disclose your data if required by law, subpoena, court order, or government request, or if we believe disclosure is necessary to protect our rights, your safety, or the safety of others.

5.4 Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your data may be transferred to the acquiring entity. We will notify you via email and/or a prominent notice on our website before your data is transferred and becomes subject to a different privacy policy.

6. Data Deletion & Removal of the App

6.1 How to Request Data Deletion

You may request deletion of your data at any time by:

  • Visiting our Data Deletion Instructions page
  • Emailing support@adlevel.ai with the subject line “Data Deletion Request”
  • Removing AdLevel from your Facebook Business Integrations at facebook.com/settings

6.2 What Happens When You Remove the App

When you remove AdLevel from your Facebook settings or request deletion:

  • We immediately lose API access to your Facebook/Meta ad accounts
  • All stored Facebook data associated with your account is queued for deletion
  • Data is permanently deleted from our primary systems within 30 days
  • Data is purged from encrypted backups within 90 days
  • We retain only what is legally required (e.g., billing records for tax purposes)
  • You will receive an email confirmation when deletion is complete

6.3 Data Deletion Callback

AdLevel supports Meta's data deletion callback mechanism. When you remove the app from your Facebook settings, Meta sends a deletion request to our servers, which automatically initiates the data deletion process described above. The callback URL is: https://adlevel.ai/api/data-deletion-callback

7. Cookies & Tracking Technologies

  • Essential cookies: Required for authentication, session management, and security (cannot be disabled)
  • Analytics cookies: Used to understand how you use AdLevel so we can improve the Service (can be opted out)
  • Meta Pixel / Facebook SDK: We may use the Meta Pixel or Facebook SDK on our marketing pages for conversion tracking. This is separate from the ad account data we access on your behalf. You can opt out via your Facebook Ad Preferences.

We do not use tracking technologies to monitor your activity outside of AdLevel.

8. International Data Transfers

Brez Marketing LLC is based in Miami, Florida, USA. If you access AdLevel from outside the United States, your data may be transferred to, stored in, and processed in the United States and other countries where our service providers operate.

For users in the European Economic Area (EEA), United Kingdom, or Switzerland: we rely on Standard Contractual Clauses (SCCs) approved by the European Commission and/or other lawful transfer mechanisms to ensure adequate protection of your data during international transfers.

By using AdLevel, you consent to the transfer of your data to the United States and other jurisdictions as described in this policy.

9. Your Rights

9.1 Rights Under GDPR (EU/EEA Users)

If you are located in the European Economic Area, you have the following rights under the General Data Protection Regulation (GDPR):

  • Right of access: Request a copy of the personal data we hold about you
  • Right to rectification: Request correction of inaccurate data
  • Right to erasure: Request deletion of your personal data (“right to be forgotten”)
  • Right to restrict processing: Request that we limit how we use your data
  • Right to data portability: Request your data in a structured, machine-readable format
  • Right to object: Object to processing based on legitimate interests
  • Right to withdraw consent: Withdraw consent at any time where processing is based on consent
  • Right to lodge a complaint: File a complaint with your local Data Protection Authority

Legal bases for processing: We process your data based on: (a) your consent (Facebook Login authorization); (b) contractual necessity (providing the Service); (c) legitimate interests (improving the Service, security); and (d) legal compliance.

9.2 Rights Under CCPA (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with the following rights:

  • Right to know: Request disclosure of the categories and specific pieces of personal information we collect, the purposes for collection, and the categories of third parties with whom we share it
  • Right to delete: Request deletion of your personal information
  • Right to opt-out of sale: We do NOT sell your personal information. No opt-out is necessary.
  • Right to non-discrimination: We will not discriminate against you for exercising your CCPA rights

To exercise any of these rights, contact us at support@adlevel.ai. We will respond within 30 days (GDPR) or 45 days (CCPA).

10. Children's Privacy

AdLevel is not intended for use by anyone under the age of 18, and we do not knowingly collect personal information from anyone under the age of 13 in compliance with the Children's Online Privacy Protection Act (COPPA).

If we discover that we have inadvertently collected personal information from a child under 13, we will delete that information immediately. If you believe a child under 13 has provided us with personal data, please contact us at support@adlevel.ai.

11. Meta Platform Terms Compliance

Our collection and use of Facebook/Meta data is governed by Meta Platform Terms and Facebook Developer Policies. We commit to:

  • Only requesting permissions that are necessary for AdLevel's core functionality
  • Only using Facebook data for the purposes described in this Privacy Policy
  • Deleting all Facebook data when a user removes the app or requests deletion
  • Not transferring, selling, or licensing Facebook data to any third party (except service providers bound by data processing agreements)
  • Not using Facebook data to build or augment user profiles for advertising or commercial purposes unrelated to AdLevel
  • Not attempting to re-identify de-identified or anonymized data
  • Maintaining reasonable security measures to protect Facebook data from unauthorized access
  • Promptly notifying Meta and affected users of any data breach involving Facebook data

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we make material changes, we will:

  • Update the “Effective Date” at the top of this page
  • Notify you via email if we have your email address
  • Post a prominent notice within AdLevel

Your continued use of AdLevel after changes are posted constitutes acceptance of the updated Privacy Policy. If you do not agree, you must stop using the Service and request data deletion.

13. Contact Information

For questions, concerns, or requests related to this Privacy Policy or your data, contact us:

  • Company: Brez Marketing LLC
  • Operated by: Brez Scales
  • Location: Miami, Florida, USA
  • General support: support@adlevel.ai
  • Data Protection Officer (DPO): support@adlevel.ai
  • Data deletion requests: adlevel.ai/deletion
  • Website: adlevel.ai