PRIVACY POLICY

Last Updated: December 1, 2025

TL;DR Summary

NanoAds collects Google user data (email, name, profile picture) and YouTube account data (channel info, OAuth tokens) exclusively to provide authentication and YouTube video publishing functionality. We store this data securely, share it only with Google services necessary for our functionality, and delete it when you disconnect your account or delete your profile.

1. Overview

NanoAds is a Chrome extension and web application that helps users generate AI-powered advertisements and publish them to YouTube. We are committed to protecting your privacy and being transparent about our data practices.

2. Google User Data Disclosure

This section specifically addresses how NanoAds accesses, uses, stores, and shares Google user data in compliance with Google's API Services User Data Policy.

What Google User Data We Collect

Google OAuth Authentication Data

When you sign in with Google, we collect:

  • Email Address: Used for account identification and communication
  • Full Name: Used to personalize your account experience
  • Profile Picture: Displayed in your account dashboard
  • Google User ID: Used to link your Google account with your NanoAds account

YouTube API Data

When you connect your YouTube account, we collect and store:

  • YouTube Channel ID: Unique identifier for your YouTube channel
  • YouTube Channel Username/Custom URL: Your channel's custom URL (if set)
  • YouTube Channel Display Name: Your channel's public display name
  • YouTube Channel Avatar: Your channel's profile picture URL
  • OAuth Access Tokens: Secure tokens that allow us to upload videos and manage your YouTube content
  • OAuth Refresh Tokens: Used to obtain new access tokens when they expire
  • OAuth Scopes Granted: Record of which YouTube API permissions you've authorized
  • Video Metadata: When uploading videos, we temporarily store title, description, tags, category, and privacy settings

How We Use Google User Data

We use Google user data exclusively to provide and improve our application's core functionality:

Google OAuth Data Usage

  • Account Creation & Authentication: Your email, name, and profile picture are used to create and maintain your NanoAds account
  • User Identification: Your Google User ID links your Google account to your NanoAds account for seamless login
  • Account Personalization: Your name and profile picture are displayed in your dashboard

YouTube API Data Usage

  • Channel Verification: We retrieve your YouTube channel information to verify account connection
  • Video Upload: We use OAuth tokens to upload videos you create directly to your YouTube channel
  • Video Management: We use OAuth tokens to update video metadata and delete videos when you request it
  • Token Management: We automatically refresh expired access tokens to maintain service continuity

We do NOT use Google user data for:

  • Advertising or marketing purposes
  • Data analytics beyond usage metrics for plan enforcement
  • Training AI models
  • Any purpose other than providing or improving our application's functionality

How We Store Google User Data

Storage Locations:

  • Supabase Database: Your Google OAuth data and YouTube account data are stored in our secure Supabase database
  • Chrome Extension Local Storage: For extension users, authentication tokens are stored locally using Chrome's secure storage API

Data Protection Mechanisms:

  • Encryption in Transit: All data transmission uses HTTPS/TLS encryption
  • Encryption at Rest: Sensitive data including OAuth tokens are encrypted in our database
  • Row Level Security (RLS): Database access is restricted - users can only access their own data
  • Secure Token Storage: OAuth tokens are stored securely and never exposed in client-side code
  • Token Expiration: Access tokens automatically expire and are refreshed securely

With Whom We Share Google User Data

We share Google user data only with the following third parties, and only to provide or improve our application's functionality:

Google Services

  • Google OAuth API: We exchange authentication credentials with Google to verify your identity
  • YouTube Data API: We send OAuth tokens to YouTube's API to upload videos and manage content on your behalf
  • Google Gemini API: We send product images (not Google user data) for AI-powered ad generation

All interactions with Google services are governed by Google's Privacy Policy and YouTube API Terms of Service.

Service Providers

  • Supabase: Our database hosting provider stores your Google user data securely. See Supabase Privacy Policy.
  • Stripe: For payment processing. We share your email address with Stripe for payment receipts. Stripe never receives your Google user data. See Stripe's Privacy Policy.

We do NOT:

  • Sell Google user data to third parties
  • Share Google user data with third parties for advertising purposes
  • Transfer Google user data to third parties except as necessary to provide our service

Data Retention and Deletion

Retention Period:

  • Active Accounts: Google user data is retained while your NanoAds account is active
  • YouTube Connection: YouTube account data and tokens are retained until you disconnect your YouTube account or delete your NanoAds account
  • Video Metadata: Scheduled post metadata is retained until the post is published or cancelled, then deleted

Deletion Rights:

  • Disconnect YouTube Account: You can disconnect your YouTube account at any time through your dashboard. This immediately deletes all YouTube-related data
  • Delete Account: You can delete your entire NanoAds account, which will permanently delete all Google user data
  • Data Deletion Request: Contact us at team@ddtechsolution.com to request deletion
  • Revoke Access: You can revoke Google OAuth permissions through your Google Account settings

3. General Data Collection

What We Store Locally (In Your Browser - Chrome Extension)

  • User Account Info: Email, name, profile picture (from Google OAuth)
  • Product Images: Temporarily stored in browser memory during ad generation
  • User Preferences: Extension settings stored locally
  • Authentication Token: Secure session token for backend API access

What We Store on Our Servers

  • User Account: Email, name, profile picture, Google ID, subscription plan, usage statistics
  • Usage Metrics: Number of ads generated (for plan limit enforcement)
  • Payment Information: Managed securely by Stripe (we never see your card details)
  • Generated Content: URLs to generated ad images stored in cloud storage

What We Do NOT Collect or Store

  • Your uploaded product images (processed in memory only, never saved)
  • Browsing history
  • Cookies or tracking data beyond authentication

4. How Your Data is Used

  1. Account Information: Used for authentication and subscription management
  2. Product Images: Sent to our secure backend, processed by Google's Gemini API, then immediately discarded
  3. Generated Ads: Stored in cloud storage and displayed in your dashboard
  4. Usage Statistics: Track your monthly/daily generation limits based on your plan
  5. YouTube Integration: Upload and manage videos on your YouTube channel as described above

5. Third-Party Services

Google OAuth

We use Google OAuth for secure sign-in. Google provides us with your email, name, and profile picture. This is governed by Google's Privacy Policy.

Google Gemini API

When you generate an ad, the following data is sent to Google's Gemini API via our secure backend:

  • Your product image (base64 encoded)
  • The reference ad image (base64 encoded)
  • Our server-side API key (your personal API key is NOT required)

This data is processed according to Google's Privacy Policy and Gemini API Terms.

Stripe

Payment processing is handled by Stripe. We never see or store your credit card information. Stripe's privacy practices are governed by Stripe's Privacy Policy.

Facebook Ads Library

The extension operates on facebook.com/ads/library pages but does NOT:

  • Collect your Facebook data
  • Access your Facebook account
  • Track your browsing on Facebook

6. Data Security

  • API keys and tokens are stored using secure encryption
  • All API communications use HTTPS/TLS encryption
  • Database access is protected with Row Level Security (RLS) policies
  • Sensitive data is encrypted at rest in our database
  • OAuth tokens are stored securely and never exposed in client-side code

7. Your Rights

You have complete control over your Google user data and all personal data:

  • Access: You can view all your account data through your dashboard
  • Delete: You can delete your account or disconnect YouTube at any time
  • Export: Contact us to request a copy of your data
  • Revoke Access: You can revoke Google OAuth permissions through your Google Account settings

8. Changes to This Policy

We may update this privacy policy to reflect changes in our practices or for legal, operational, or regulatory reasons. If we make material changes to how we use Google user data, we will:

  • Update the "Last Updated" date at the top of this policy
  • Notify you via email if you have an account with us
  • Display a prominent notice in our application

Continued use of our service after changes constitutes acceptance of the updated policy.

9. Terms of Service

By using NanoAds, you agree to our Terms of Service.

10. Compliance

This application complies with:

  • Google API Services User Data Policy
  • YouTube API Terms of Service
  • Chrome Web Store Developer Program Policies
  • GDPR (General Data Protection Regulation)
  • CCPA (California Consumer Privacy Act)

11. Contact

For privacy questions, concerns, or to request deletion of your Google user data, please contact us at team@ddtechsolution.com

© 2025 NanoAds. All rights reserved.