Privacy Policy

Creaboost, operated by DEEPCASTR SAS (“Creaboost”, “we”, “us”, “our”), respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, and disclose information when you:

use our platform at https://app.creaboost.com (the “Services”),
visit https://creaboost.com (the “Website”),
interact with us as a customer, prospect, partner, or job applicant,
or otherwise communicate with us.

This Privacy Policy should be read together with our Terms of Service.

1. Scope and Roles

1.1 Data Controller vs. Data Processor

Depending on the context:

Creaboost acts as a data processor when processing data on behalf of our clients through the Services.
Creaboost acts as a data controller when processing data for its own purposes (e.g., website visitors, marketing, support).
Clients are responsible for ensuring they have a lawful basis to share data with us.

2. Information We Collect

We may collect and receive information in the following ways:

2.1 Data Processed on Behalf of Clients

When providing the Services, we may process:

advertising performance data (impressions, clicks, spend, conversions);
campaign, ad group, keyword, product, and creative data;
engagement and attribution signals;
technical identifiers provided by third-party platforms.

This data is obtained:

directly from clients;
via integrations with platforms such as Google Ads, Meta, TikTok;
via APIs authorized by the client (OAuth or similar).

We do not independently collect end-user data for our own marketing purposes.

2.2 Data You Provide Directly

We may collect personal data when you:

create an account;
subscribe to a plan;
contact support;
subscribe to communications;
apply for a job;
participate in surveys or events.

This may include: name; email address; company name; job title; billing information (processed via third-party providers); login credentials; and communication content.

2.3 Automatically Collected Data

When you use the Website or Services, we may collect: IP address; browser and device information; operating system; usage data (pages visited, actions taken); timestamps and referring URLs.

3. How We Use Information

We use personal data strictly to:

provide, operate, and maintain the Services;
generate analytics, dashboards, and reports;
authenticate users and manage accounts;
provide customer support;
ensure security and prevent fraud or abuse;
comply with legal obligations;
communicate with you (service-related or, where permitted, marketing).

Important Restrictions (Core Positioning)

Creaboost explicitly commits that:

we do not sell personal data;
we do not use data from Google, Meta, or other APIs for advertising targeting, profiling, or resale;
we do not use Customer Data to train any generalized AI or machine learning models;
we only process data to provide the Services requested by the Client.

4. Third-Party Platforms and OAuth

4.1 OAuth Authorization

Clients may authorize Creaboost to access third-party platforms (e.g., Google Ads, Meta). Access is granted via OAuth or similar mechanisms. Access can be revoked at any time. Upon revocation, we stop accessing the relevant data.

4.2 Google API Services Compliance

If we access Google APIs:

we comply with the Google API Services User Data Policy, including Limited Use requirements;
data is used only to provide analytics and reporting;
data is not used for advertising or AI training.

4.3 Meta and Other Platforms

If we access Meta, TikTok, or similar APIs: data is used strictly in accordance with platform policies; prohibited uses (e.g., surveillance, discrimination) are not permitted.

6. Data Retention

We retain personal data only as long as necessary to: provide the Services; comply with legal obligations; resolve disputes; enforce agreements.

Unless required otherwise:

client data is retained during the subscription;
data is deleted or anonymized within 30 days after termination or disconnection.

7. Security

We implement industry-standard technical and organizational measures to protect data. However: no system is completely secure; users must protect their credentials.

8. Your Rights

Under applicable laws (including GDPR), you may: access your data; correct inaccurate data; request deletion; restrict or object to processing.

If we process data on behalf of a client:
→ requests must be directed to that client. We will assist as required by law.

9. International Data Transfers

Data may be processed in different jurisdictions. Where required, we implement safeguards such as: contractual protections; equivalent data protection standards.

10. Tracking Technologies

We use limited tracking technologies such as: cookies; analytics tools; security-related tracking.

These are used to: improve the Services; understand usage; ensure security.

We do not use tracking technologies for behavioral advertising based on Customer Data.

11. Third-Party Links

Our Services may include links to third-party websites. We are not responsible for their privacy practices.

12. Updates

We may update this Privacy Policy. Material changes will be notified; continued use implies acceptance.

13. Contact

For any questions or requests:

privacy@creaboost.com
Attn: Data Protection Officer
DEEPCASTR SAS

Creaboost, operated by DEEPCASTR SAS (“Creaboost”, “we”, “us”, “our”), respects your privacy and is committed to protecting your personal data.

This Privacy Policy explains how we collect, use, store, and disclose information when you:

use our platform at https://app.creaboost.com (the “Services”),
visit https://creaboost.com (the “Website”),
interact with us as a customer, prospect, partner, or job applicant,
or otherwise communicate with us.

This Privacy Policy should be read together with our Terms of Service.

1. Scope and Roles

1.1 Data Controller vs. Data Processor

Depending on the context:

Creaboost acts as a data processor when processing data on behalf of our clients through the Services.
Creaboost acts as a data controller when processing data for its own purposes (e.g., website visitors, marketing, support).
Clients are responsible for ensuring they have a lawful basis to share data with us.

2. Information We Collect

We may collect and receive information in the following ways:

2.1 Data Processed on Behalf of Clients

When providing the Services, we may process:

advertising performance data (impressions, clicks, spend, conversions);
campaign, ad group, keyword, product, and creative data;
engagement and attribution signals;
technical identifiers provided by third-party platforms.

This data is obtained:

directly from clients;
via integrations with platforms such as Google Ads, Meta, TikTok;
via APIs authorized by the client (OAuth or similar).

We do not independently collect end-user data for our own marketing purposes.

2.2 Data You Provide Directly

We may collect personal data when you:

create an account;
subscribe to a plan;
contact support;
subscribe to communications;
apply for a job;
participate in surveys or events.

This may include: name; email address; company name; job title; billing information (processed via third-party providers); login credentials; and communication content.

2.3 Automatically Collected Data

When you use the Website or Services, we may collect: IP address; browser and device information; operating system; usage data (pages visited, actions taken); timestamps and referring URLs.

3. How We Use Information

We use personal data strictly to:

provide, operate, and maintain the Services;
generate analytics, dashboards, and reports;
authenticate users and manage accounts;
provide customer support;
ensure security and prevent fraud or abuse;
comply with legal obligations;
communicate with you (service-related or, where permitted, marketing).

Important Restrictions (Core Positioning)

Creaboost explicitly commits that:

we do not sell personal data;
we do not use data from Google, Meta, or other APIs for advertising targeting, profiling, or resale;
we do not use Customer Data to train any generalized AI or machine learning models;
we only process data to provide the Services requested by the Client.

4. Third-Party Platforms and OAuth

4.1 OAuth Authorization

4.2 Google API Services Compliance

If we access Google APIs:

we comply with the Google API Services User Data Policy, including Limited Use requirements;
data is used only to provide analytics and reporting;
data is not used for advertising or AI training.

4.3 Meta and Other Platforms

If we access Meta, TikTok, or similar APIs: data is used strictly in accordance with platform policies; prohibited uses (e.g., surveillance, discrimination) are not permitted.

6. Data Retention

We retain personal data only as long as necessary to: provide the Services; comply with legal obligations; resolve disputes; enforce agreements.

Unless required otherwise:

client data is retained during the subscription;
data is deleted or anonymized within 30 days after termination or disconnection.

7. Security

We implement industry-standard technical and organizational measures to protect data. However: no system is completely secure; users must protect their credentials.

8. Your Rights

Under applicable laws (including GDPR), you may: access your data; correct inaccurate data; request deletion; restrict or object to processing.

If we process data on behalf of a client:
→ requests must be directed to that client. We will assist as required by law.

9. International Data Transfers

Data may be processed in different jurisdictions. Where required, we implement safeguards such as: contractual protections; equivalent data protection standards.

10. Tracking Technologies

We use limited tracking technologies such as: cookies; analytics tools; security-related tracking.

These are used to: improve the Services; understand usage; ensure security.

We do not use tracking technologies for behavioral advertising based on Customer Data.

11. Third-Party Links

Our Services may include links to third-party websites. We are not responsible for their privacy practices.

12. Updates

We may update this Privacy Policy. Material changes will be notified; continued use implies acceptance.

13. Contact

For any questions or requests:

privacy@creaboost.com
Attn: Data Protection Officer
DEEPCASTR SAS

1. Scope and Roles

1.1 Data Controller vs. Data Processor

2. Information We Collect

2.1 Data Processed on Behalf of Clients

2.2 Data You Provide Directly

2.3 Automatically Collected Data

3. How We Use Information

Important Restrictions (Core Positioning)

4. Third-Party Platforms and OAuth

4.1 OAuth Authorization

4.2 Google API Services Compliance

4.3 Meta and Other Platforms

5. Sharing of Information

5.1 Service Providers

5.2 Legal Obligations

5.3 Business Transfers

5.4 Aggregated Data

6. Data Retention

7. Security

8. Your Rights

9. International Data Transfers

10. Tracking Technologies

11. Third-Party Links

12. Updates

13. Contact

Privacy Policy

1. Scope and Roles

1.1 Data Controller vs. Data Processor

2. Information We Collect

2.1 Data Processed on Behalf of Clients

2.2 Data You Provide Directly

2.3 Automatically Collected Data

3. How We Use Information

Important Restrictions (Core Positioning)

4. Third-Party Platforms and OAuth

4.1 OAuth Authorization

4.2 Google API Services Compliance

4.3 Meta and Other Platforms

5. Sharing of Information

5.1 Service Providers

5.2 Legal Obligations

5.3 Business Transfers

5.4 Aggregated Data

6. Data Retention

7. Security

8. Your Rights

9. International Data Transfers

10. Tracking Technologies

11. Third-Party Links

12. Updates

13. Contact