Adbridge connects to your Google Calendar and Google Ads accounts, so the access you grant is the most sensitive thing we hold. This page explains how we protect it.
1. Per-service access
Signing in uses only your basic profile. Calendar and Google Ads access are granted separately, each on its own consent screen, and only when you choose to connect that service. We request the minimum scopes the features need.
2. Encrypted token storage
OAuth refresh tokens are encrypted at rest with AES-256-GCM and decrypted only on our servers to call Google APIs on your behalf. They are never sent to the browser and never visible to other users.
3. Changes you can review
Campaigns created through Adbridge always start paused, and automation only makes the changes you configured — enabling, pausing, or adjusting within your rules. Nothing spends money without an action you set up.
4. What we never do
- Sell or share your Google data with third parties.
- Use your data for advertising or to train AI models.
- Read your data manually, except with your consent, for security, or as required by law.
5. Revoke at any time
Disconnect either service in Adbridge at any time, or revoke access at myaccount.google.com/permissions. After disconnection we delete the associated data within 30 days.
6. Report a concern
Found a vulnerability or have a security question? Email datlechin@gmail.com.