Adi ("Adi," "we," "us," or "our") operates the platform available at hiadi.co (the "Service"). This Privacy Policy explains what information we collect, how we use it, and the choices you have. By using the Service you agree to the practices described here.
When you register we collect your name, email address, and a hashed password. We never store plaintext passwords.
To connect your Meta or Google Ads accounts you authorize us through each platform's official OAuth flow. We store only the resulting access tokens — encrypted at rest with AES-256-GCM — and never your platform username or password. You can revoke access at any time from your settings or directly from the platform.
Once connected, Adi retrieves campaign, ad set, and ad-level performance metrics (impressions, clicks, spend, conversions, ROAS, etc.) on your behalf. This data belongs to you; we process it solely to provide the Service.
During onboarding you may provide your business name, industry, target customer description, primary growth goal, and average deal value. This context is used to personalise AI analysis and recommendations.
We collect standard server logs (IP address, browser/device type, pages visited, timestamps) and product analytics events through PostHog to understand how the Service is used and to improve it. We do not sell this data.
Billing is handled by Stripe. We never see or store full card numbers. We retain your Stripe customer ID and subscription status to manage your plan.
We do not use your advertising data to train general AI models, sell to third parties, or share with other Adi customers.
Adi uses large language models to generate insights and recommendations from your data. Your ad performance data and business context may be sent to the following sub-processors as part of that analysis:
| Sub-processor | Purpose | Location |
|---|---|---|
| Anthropic (Claude) | AI reasoning & recommendations | USA |
| Google (Gemini) | Image & video analysis | USA |
| Neon | Database hosting | USA |
| Vercel | Application hosting & CDN | USA / Global |
| Stripe | Payment processing | USA |
| Resend | Transactional email | USA |
| PostHog | Product analytics | USA / EU |
| Sentry | Error monitoring | USA |
| Upstash | Rate limiting | USA / Global |
Each sub-processor is bound by data processing agreements consistent with applicable privacy law.
We retain your account data for as long as your account is active. Ad performance data is retained for up to 24 months to support trend analysis. When you delete your account we delete or anonymise your personal data within 30 days, except where we are required to retain it for legal or tax purposes.
We use industry-standard safeguards: TLS in transit, AES-256-GCM for stored platform tokens, bcrypt for passwords, and role-based access controls. No system is perfectly secure. We will notify affected users of a confirmed breach as required by law.
Depending on where you live, you may have the right to:
To exercise any right, email us at privacy@hiadi.co. We will respond within 30 days.
We use a single session cookie to keep you logged in. We use PostHog's first-party analytics cookie to understand product usage. We do not use advertising or tracking cookies and do not participate in cross-site tracking.
The Service is not directed to children under 16. We do not knowingly collect personal data from children. If you believe a child has provided us data, please contact us and we will delete it promptly.
Adi is operated from Israel and the United States. If you are located in the EU/EEA, your data may be transferred to and processed in countries that do not provide the same level of protection as your home jurisdiction. We rely on Standard Contractual Clauses and sub-processor DPAs for such transfers.
We may update this policy from time to time. We will notify registered users by email at least 14 days before material changes take effect. Continued use of the Service after the effective date constitutes acceptance.
Questions, requests, or complaints about this policy:
privacy@hiadi.co