Privacy Policy
Effective date: 12.02.2026
Last updated: 12.02.2026
This Privacy Policy describes how Meta Ads BI ("we", "us", "our") collects, uses, stores, and protects information about users of our service ("you", "your") and the Meta advertising data you authorize us to access.
1. Who we are
Meta Ads BI is operated by EDGE FIVE FINTECH LIMITED, a Cyprus entity. You can contact us at privacy@edgefivefintechlimited.com.
2. What we collect
From you directly
Email address and password hash (we never store passwords in plaintext)
Optional name
Organization name you provide at signup
IP address of authenticated requests (used for audit logging)
From Meta, only after your explicit authorization
Your Meta user ID and display name (returned by `/me`)
The list of Business Managers you can access: ID and name
The list of ad accounts you can access: account ID, account name, currency, timezone, account status, and parent Business Manager
Daily ad performance metrics for ad accounts you have explicitly enabled in our app: spend, impressions, reach, clicks, click-through rate, cost-per-click, cost-per-mille, frequency, conversion counts (purchases, leads, registrations, add-to-cart, initiate-checkout), and conversion revenue
Hierarchy metadata for the above: campaign, ad set, and ad IDs and names
We do not collect demographic breakdowns, audience composition, creative content (images or videos), pixel data, custom audiences, billing information, or any other Meta data not enumerated above.
3. How we use the information
Provide the service: display dashboards, generate CSV reports, and send alerts to you about your ad performance.
Operate and maintain the service: keep your account active, route requests, debug errors, generate audit logs.
Communicate with you: send transactional emails (password reset, alert notifications you opted into).
We do not sell, rent, or share your data with third parties for advertising or marketing purposes. We do not use your data to train machine learning models. We do not transmit your data to advertising networks.
4. How we share information
We share information only in the following limited circumstances:
Service providers: that operate our infrastructure (cloud hosting, database hosting, email delivery). These providers are contractually bound to use the data only to provide the service to us.
Compliance with law: if required to respond to a valid subpoena, court order, or other lawful request from a government authority. We will notify you unless legally prohibited.
Business transfers: if we are involved in a merger, acquisition, or sale of assets, your data may be transferred to the successor entity, subject to this policy.
We never share your Meta access tokens with anyone — they are encrypted at rest and decrypted only by our backend at the moment of an API call.
5. How we secure information
Meta access tokens are encrypted at rest using AES-256-GCM with envelope encryption.
All network traffic is encrypted in transit via HTTPS.
Database access requires authentication; the database is not exposed to the public internet.
Passwords are hashed with Argon2id (memory: 64MB, iterations: 3, parallelism: 2).
Access to our infrastructure is restricted to a small number of authorized personnel with multi-factor authentication.
We log every administrative action and review the logs regularly.
We cannot guarantee absolute security, but we apply industry-standard practices and continuously improve them.
6. How long we keep information
Authentication credentials: (email, password hash): kept while your account is active.
Meta access tokens: kept while the connection is active. When you disconnect a Meta account or delete your user, tokens are revoked via the Graph API and purged from our database within 24 hours.
Ad performance data: kept for 13 months after collection by default, configurable per organization. After this period, account_id is replaced with an irreversible hash.
Audit logs: kept for 24 months for security and compliance purposes.
Backups: retained for up to 30 days; deleted data is removed from backups within this window.
7. Your rights
Depending on your jurisdiction, you have the right to:
Access the data we hold about you. Visit Settings → Export my data, or email privacy@edgefivefintechlimited.com.
Correct inaccurate data. Edit your profile in the app, or email us.
Delete your data. Visit Settings → Delete my data, or email us. Deletion is processed within 30 days.
Restrict or object to processing. Email us with details of your request.
Data portability: request a machine-readable export of your data.
Withdraw consent for Meta access at any time by clicking Disconnect on the Connections page.
If you believe we are not handling your data appropriately, you have the right to lodge a complaint with your local data-protection authority.
8. Meta-specific data deletion
In addition to the rights above, you can request deletion of your Meta-derived data through Meta itself, by removing our app from your Facebook account settings. Meta will then send us a deletion request, and we will purge the corresponding data within 30 days. We respond at the URL `https://meta-ads-bi.monevents.com/api/meta/data-deletion-callback` configured in our Meta App settings.
9. International transfers
Your data is processed and stored in Europe. If you access the service from a region with different data-protection laws, you consent to your data being transferred to and processed in our region. We use Standard Contractual Clauses where required.
10. Children's data
The service is not directed at children under 16. We do not knowingly collect data from children. If you believe we have collected data from a child, please contact us at privacy@edgefivefintechlimited.com and we will delete it.
11. Changes to this policy
We may update this Privacy Policy occasionally. Material changes will be communicated by email and via an in-app notice at least 14 days before they take effect. Continued use of the service after the effective date constitutes acceptance of the updated policy.
12. Contact
For privacy questions or to exercise any of the rights above, contact:
EDGE FIVE FINTECH LIMITED
Email: privacy@edgefivefintechlimited.com