Skip To Content

Privacy policy

1. SCOPE OF THIS POLICY

This Privacy Policy describes how Lightning Ads ("Lightning Ads," "we," "our," or "us") collects, uses, shares, and protects personal information when you:

  • Visit our website (lightningads.com) or any sub-domains;
  • Use our advertising platform, dashboards, or analytics tools;
  • Interact with our customer support, email communications, or social media;
  • Participate in promotions, surveys, or beta programs.

This Policy applies globally. Additional region-specific disclosures are outlined in Section 8. By using our services, you acknowledge that you have read and understood this Policy.

2. INFORMATION WE COLLECT

We collect the following categories of data:

Category Examples Source Sensitive?
Identifiers Name, email, phone, business name, IP address You / Automated No
Commercial Info Ad spend, transaction history, campaign performance You / Platform No
Internet/Device Data Browser type, OS, referral URL, cookie IDs Automated No
Geolocation Approximate location (IP-based) Automated Potentially
Promotions & Surveys Contest entries, feedback responses You No
Usage Analytics Click-through rates, impressions, session data Automated No
Marketing & Ad IDs Google Ads ID, Meta Pixel Automated No
Payment Tokens Stripe token, last 4 digits of card Stripe No
Support Records Emails, chat logs, call recordings You May contain sensitive

We do not collect biometric data, facial recognition data, or personal information from children under 16 (EEA/UK) or 13 (U.S.).

3. HOW & WHY WE USE PERSONAL DATA

Purpose Data Categories Lawful Basis (GDPR) CPRA Purpose
Account creation & authentication Identifiers Contract (Art 6(1)(b)) "Account Services"
Ad campaign management Identifiers, Commercial Info Contract (Art 6(1)(b)) "Processing Transactions"
Analytics & optimization Usage Analytics, Device Data Legitimate Interest (Art 6(1)(f)) "Debugging"
Marketing communications Identifiers Consent (Art 6(1)(a)) "Marketing"
Promotions & surveys Promotions & Survey Data Consent (Art 6(1)(a)) "Marketing"
Interest-based ads Ad IDs, Device Data Consent (Art 6(1)(a)) "Cross-context advertising" (opt-out)
Payment processing Payment Tokens Legal Obligation (Art 6(1)(c)) "Payment Processing"
Fraud prevention Identifiers, Device Data Legitimate Interest "Security & Integrity"

4. RETENTION OF PERSONAL DATA

We retain data only as long as necessary:

  • Account & billing records – 7 years after closure
  • Payment tokens – 7 years (tax/audit compliance)
  • Usage analytics – 26 months
  • Support tickets – 3 years
  • Advertising cookies – As per expiry in Section 5

5. COOKIES & TRACKING TECHNOLOGIES

5.1 Cookie Categories:

  • Essential – Required for site functionality (e.g., login sessions)
  • Functional – Preferences (e.g., language settings)
  • Analytics – Performance tracking (Google Analytics)
  • Advertising – Personalized ads (Google Ads, Meta Pixel)

5.2 Cookie Inventory

Name Provider Category Purpose Expiry
_ga, _gid Google Analytics Analytics Visitor tracking 2 years / 24h
_gcl_au Google Ads Advertising Ad click tracking 3 months
fb_pixel Meta Advertising Ad targeting 90 days
session_id Lightning Ads Essential User session Session
lang_pref Lightning Ads Functional Language setting 1 year

You can manage cookies via browser settings or our Cookie Settings link in the footer.

6. SHARING OF PERSONAL DATA

We do not sell personal data but may share it for advertising (CPRA opt-out available).

Disclosures include:

  • Service Providers (Google Cloud, Stripe, Twilio) under DPAs
  • Third-party integrations (e.g., Meta, Google Ads)
  • Legal authorities (if required)
  • Business successors (mergers/acquisitions)

All international transfers use SCCs (EU) or equivalent safeguards.

7. INTERNATIONAL DATA TRANSFERS

Data is primarily stored in the U.S. Transfers outside the EEA/UK rely on:

  • Standard Contractual Clauses (SCCs)
  • Adequacy decisions (where applicable)
  • Consent (for specific cases)

8. YOUR PRIVACY RIGHTS

8.1 EU/UK (GDPR) Rights

  • Access, correct, delete, or restrict data
  • Object to processing
  • Data portability
  • Withdraw consent

How to exercise:

  • Dashboard: Settings → "Download My Data"
  • Email: privacy@lightningads.com
  • Opt-out of marketing: Unsubscribe link in emails

8.2 California (CPRA) Rights

  • Know, delete, correct, or opt-out of sharing
  • Non-discrimination

How to exercise:

We respond within 30 days (GDPR) or 45 days (CPRA).

9. SECURITY MEASURES

  • TLS 1.3 encryption (in transit)
  • AES-256 encryption (at rest)
  • MFA & role-based access for employees
  • Regular security audits

10. ANTI-PHISHING REMINDER

We never ask for passwords or payment details via email/SMS. Report suspicious messages to security@lightningads.com.

11. CHILDREN’S PRIVACY

Not intended for users under 16 (EEA/UK) or 13 (U.S.).

12. BREACH NOTIFICATION

In case of a data breach, we notify authorities within 72 hours (GDPR) and affected users promptly.

13. POLICY UPDATES

Changes will be notified via email or website banner 30 days in advance.

14. CONTACT US

Data Controller : Lightning Ads

Address : 101 West Big Beaver Ave, Floor 14 Troy, MI 48084

Email : privacy@lightningads.com

Phone : +1 844-888-5438

15. GLOSSARY

  • "Personal Data" = Identifiable information
  • "Processing" = Any data operation
  • "Service Provider" = Third-party data processor
  • "Sell/Share" = As defined by CPRA