Privacy Policy

AdSim is an AI-powered platform that simulates how synthetic consumers might respond to advertising creatives. To deliver the Service, we process account data, the creatives and inputs you upload, and usage information. We do not sell personal information, and we do not use your User Content to train foundation models without your consent.

We collect the following categories of information:

• Account data. Name, email address, password hash, profile picture (optional), preferred language, time zone, and authentication identifiers.
• Subscription & billing data. Plan, subscription status, billing address, tax identifier, and payment-related metadata (card brand, last four digits, expiry). Full card numbers are processed and stored by our payment processor (Stripe), not by AdSim.
• User Content. Creatives (images, video, copy, audio), audience definitions, brand profiles, simulation configurations, and calibration uploads (e.g., Meta Ads CSV exports you choose to import).
• Simulation outputs. Reports, metrics, agent transcripts, scores, and other artifacts generated for your account.
• Usage & device data. Pages visited, features used, simulations run, credits consumed, device type, operating system, browser, language, IP address, and approximate location derived from IP.
• Communications. Messages you send to support, feedback, survey responses, and email-engagement metadata.
• Cookies & similar technologies. See the Cookies section.

We use personal information to:

• Provide, operate, and maintain the Service;
• Run simulations, generate Output, and meter Credits;
• Process subscriptions, payments, and refunds;
• Authenticate users and protect Accounts from fraud and abuse;
• Provide customer support;
• Send transactional and security messages (e.g., receipts, password resets);
• Send product and marketing communications, where permitted, with the ability to opt out;
• Measure performance, debug issues, and improve features;
• Generate de-identified, aggregated calibration and benchmark data;
• Comply with legal obligations and enforce our Terms.

To produce simulation Output, we send model inputs (prompts assembled from your User Content, audience definitions, and brand profiles) to large-language-model providers via gateways such as OpenRouter, including providers like Anthropic, OpenAI, and Google. We configure these providers to disable training on our prompts and outputs where the provider supports such configuration.

We do not use your User Content or Output to train foundation models. We may use de-identified, aggregated signals (for example, calibration deltas comparing simulated to real-world ad performance) to improve our calibration system and benchmarks.

Simulation Output is generated by probabilistic models and may be inaccurate. See the AI Output disclaimer in our Terms of Service.

If you are in the EEA, UK, or Brazil, we process personal data on the following bases:

• Contract — to deliver the Service you signed up for;
• Legitimate interests — to secure, debug, and improve the Service, prevent fraud, and develop new features, where those interests are not overridden by your rights;
• Consent — for non-essential cookies and certain marketing communications, which you may withdraw at any time;
• Legal obligation — to comply with tax, accounting, and regulatory requirements.

We share personal information only as described below. We do not sell personal information.

• Subprocessors who provide infrastructure on our behalf — see the next section;
• Payment processors for billing;
• Professional advisors (lawyers, accountants, auditors) bound by confidentiality;
• Authorities when required by law, valid legal process, or to protect rights and safety;
• Business transfers (merger, acquisition, asset sale), subject to confidentiality and equivalent protection.

We use the following categories of subprocessors:

• Supabase — database, authentication, file storage, real-time messaging.
• Stripe — subscription billing and payments.
• OpenRouter and underlying model providers (e.g., Anthropic, OpenAI, Google) — generating simulation Output and AI interviews. Configured to disable training where supported.
• Hosting & CDN providers — running the application and delivering assets globally.
• Analytics & error monitoring — measuring usage and diagnosing issues; configured to minimize personal data collected.
• Email providers — sending transactional and marketing emails.

A current list of subprocessors is available on request at privacy@adsim.app.

We process and store data in countries that may differ from yours. When we transfer personal data out of the EEA, UK, or Brazil to a country without an adequacy decision, we rely on appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms with each subprocessor.

We retain personal data for as long as necessary to provide the Service and comply with our legal obligations:

• Account data — for the life of the Account;
• User Content & Output — for the life of the Account, plus a short backup window after deletion;
• Billing records — as required by tax and accounting law (typically 5–10 years);
• Logs and security data — typically 30–180 days;
• Marketing engagement — until you opt out, then deleted on a regular schedule.

When you delete your Account, we delete or anonymize your personal data, except where we must retain it for legal, accounting, or fraud-prevention purposes.

We use industry-standard administrative, technical, and physical safeguards to protect personal information, including encryption in transit, encryption at rest for stored credentials and sensitive fields, role-based access control, audit logging, and least-privilege engineering practices. No method of transmission over the Internet is 100% secure; we cannot guarantee absolute security.

Depending on your jurisdiction, you may have the right to: (a) access your personal data; (b) correct inaccurate data; (c) delete your data; (d) object to or restrict processing; (e) port your data to another provider; (f) withdraw consent at any time (without affecting the lawfulness of prior processing); and (g) lodge a complaint with a supervisory authority (e.g., your local data protection authority, the ANPD in Brazil, or the relevant EEA / UK regulator).

To exercise these rights, write to privacy@adsim.app from the email associated with your Account, or use the in-product privacy controls. We respond within the timeframes required by applicable law.

We use the following categories of cookies and similar technologies:

• Strictly necessary — required for authentication, security, and core functionality. Cannot be disabled.
• Functional — remember preferences such as language and theme.
• Analytics — help us understand how the Service is used so we can improve it. Set only with consent where required.
• Marketing — used sparingly and only with consent where required.

You can manage cookies through your browser settings and, where available, through our in-product cookie controls.

The Service is not directed to children under 18 (or the age of digital consent in your jurisdiction). We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, contact us and we will delete it.

California residents have the right to know what personal information we collect, delete personal information, correct inaccurate information, opt out of the “sale” or “sharing” of personal information for cross-context behavioral advertising, and limit the use of sensitive personal information. AdSim does not sell or share personal information for cross-context behavioral advertising.

To exercise California rights, write to privacy@adsim.app. We will not discriminate against you for exercising your rights.

We may update this Privacy Policy as the Service evolves or laws change. Material changes will be communicated by updating the effective date and, where appropriate, by email or in-product notice.

For privacy questions or to exercise your rights, write to our privacy team at privacy@adsim.app. For general legal inquiries, write to legal@adsim.app.