Back to home

Privacy Policy

Last updated: May 19, 2026

1. Overview

30 Sec Ads ("we", "us", or "our") operates the website 30secads.com (the "Service"). This Privacy Policy explains how we collect, use, and protect information when you use our Service. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We collect the following types of information:

  • Google Account information — your email address, obtained via Google OAuth, used solely to identify your account and maintain your session.
  • Google Ads account data — when you connect your Google Ads account, we access your Google Ads customer accounts (account names and IDs) in order to publish campaigns on your behalf. We do not store campaign performance data, billing information, or any other Ads account data beyond what is required to create and submit campaigns.
  • Campaign brief data — business description, website URL, target geography, language, and other inputs you provide when creating a campaign. This data is transmitted to our servers when you request AI-generated ad content, and may be stored server-side for service improvement, quality assurance, and analytics purposes.
  • Usage data — basic server logs (IP address, browser type, pages visited) for security and service improvement purposes.

3. How We Use Google User Data

Google API Services User Data Policy Compliance

30 Sec Ads' use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Specifically, data obtained from Google APIs is used only to:

  • Authenticate you and maintain your session on our platform.
  • List your Google Ads customer accounts so you can select where to publish a campaign.
  • Create and submit Google Ads search campaigns to the account you explicitly select.

We do not use Google user data for advertising purposes, to train machine learning models, to build user profiles, or to share with any third parties beyond what is strictly necessary to provide the Service described above. We do not sell Google user data. We do not allow humans to read your Google user data unless you give us explicit permission or it is necessary for security purposes.

3a. Specific Google User Data Accessed

The following is a complete list of Google user data our application accesses:

Google Account Identity (via openid, userinfo.email, userinfo.profile)

  • Email address — used as a unique identifier for your account
  • Display name — shown in the application UI
  • Profile picture URL — shown in the application UI

Storage: Email stored server-side in encrypted session (Redis). Profile name and picture used only in-session, not persisted.

Google Ads Account Data (via https://www.googleapis.com/auth/adwords)

  • Google Ads Manager Account (MCC) structure — account IDs and names, used to display the list of accounts you can publish to
  • Sub-account (client account) IDs, names, and currency codes — used to correctly configure campaign budget in the account's native currency
  • Campaign creation — we write new Search campaigns, ad groups, keywords, and responsive search ads to the Google Ads account you select

Storage: Account IDs and names are not stored permanently. OAuth access tokens are stored in encrypted server-side sessions and expire after 30 days of inactivity. We do not store campaign performance data, billing information, payment methods, or any historical data from your Google Ads account.

4. OAuth Scopes We Request

We request the following Google OAuth scopes:

  • openid and userinfo.email — to identify you by your Google email address.
  • https://www.googleapis.com/auth/adwords — to create campaigns in your Google Ads account. This scope is only requested when you explicitly choose to connect your Google Ads account to publish a campaign.

5. Data Storage and Security

Your Google OAuth tokens are stored securely in an encrypted server-side session (Redis). We do not store OAuth tokens in your browser or in plain text. Campaign brief data (business inputs and AI-generated ad copy) is transmitted to our servers when you initiate AI generation and may be retained in our database for service improvement and analytics purposes. A copy is also maintained in your browser's local storage for the duration of your session.

All data in transit is encrypted using TLS (HTTPS). We take reasonable technical and organizational measures to protect your data against unauthorized access, alteration, or disclosure.

6. Data Retention

We retain your session data (email address and OAuth tokens) for the duration of your active session. Sessions expire after 30 days of inactivity, after which all associated data is deleted. You can request immediate deletion of your account and all associated data at any time by contacting us at privacy@30secads.com.

7. Revoking Access

You can revoke 30 Sec Ads' access to your Google account at any time by visiting myaccount.google.com/permissions and removing "30 Sec Ads" from the list of authorized applications. Revoking access will immediately invalidate our ability to access your Google Ads account.

8. Cookies and Analytics

We use cookies and similar tracking technologies. Cookies fall into two categories:

  • Strictly necessary cookies — required for the Service to function. These store your session identifier (so you stay logged in) and your cookie consent choice. These are always active and cannot be disabled.
  • Analytics cookies — used to understand how visitors use the Service (pages visited, actions taken). We use Google Analytics 4 via Google Tag Manager for this purpose. Analytics cookies are only set after you give your consent. If you decline, no analytics data is collected.

We implement Google Consent Mode v2: all analytics and advertising storage is set to denied by default. Storage is only granted when you click "Accept all" in the cookie banner. Your choice is saved in your browser and respected on future visits.

You can change your consent choice at any time by clearing your browser's local storage for this site, which will reset the banner on your next visit. You can also opt out of Google Analytics across all sites by installing the Google Analytics Opt-out Browser Add-on.

We do not use cookies for advertising, retargeting, or profiling purposes.

9. Third-Party Services

We use the following third-party services to operate the platform:

  • Google OAuth 2.0 — for user authentication.
  • Google Ads API — for creating and submitting campaigns.
  • AI content generation providers — your campaign brief (business description, website URL, target geography, language, and ad preferences) is sent to one or more of the following AI providers solely to generate ad copy. We do not include any personally identifiable information (name, email, payment data) in these requests:

10. Your Rights

Depending on where you live, you may have rights under data protection laws including the EU General Data Protection Regulation (GDPR), the UK GDPR, the California Consumer Privacy Act (CCPA), and similar laws in other jurisdictions. These rights generally include:

  • Right to access — request a copy of the personal data we hold about you.
  • Right to rectification — request correction of inaccurate or incomplete data.
  • Right to erasure ("right to be forgotten") — request deletion of your personal data and account. Upon a verified request, we will delete all session data, OAuth tokens, and stored campaign brief records associated with your account.
  • Right to data portability — receive your data in a structured, commonly used machine-readable format.
  • Right to object — object to processing of your personal data for any legitimate-interest-based purpose.
  • Right to withdraw consent — withdraw consent for analytics or any other consent-based processing at any time.
  • Right to lodge a complaint — file a complaint with your local data protection authority if you believe we have not handled your data lawfully.

For California residents under CCPA, additionally:

  • Right to know what categories of personal information we have collected about you and how it is used.
  • Right to delete personal information we collected from you, subject to certain legal exceptions.
  • Right to opt-out of sale — we do not sell personal information, so this right is satisfied by default.
  • Right to non-discrimination — exercising your privacy rights will not result in denial of service, different pricing, or reduced service quality.

How to exercise your rights: Email us at privacy@30secads.com from the email address associated with your account. We may request additional information to verify your identity if the request comes from a different address. We will respond to all verified requests within 30 days of receipt. There is no fee to exercise these rights.

You can also revoke our access to your Google account immediately, without contacting us, by visiting myaccount.google.com/permissions and removing "30 Sec Ads" from the list of authorized applications, or by clicking Disconnect Google Ads inside the application.

11. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify users of significant changes by posting the new policy on this page with an updated date. Continued use of the Service after changes are posted constitutes your acceptance of the updated policy.

12. Contact

If you have any questions about this Privacy Policy, please contact us at: privacy@30secads.com

🍪

Help us improve 30 Sec Ads

We use Google Analytics to understand how the tool is used and make it better. Your session is always kept — analytics are optional.

Privacy Policy