Zbang Zbang Google Ads audit Private search term analysis, account checks, and exports.
Create account Log in

App privacy policy

Zbang Google Ads Audit privacy policy

Last updated March 28, 2026

This policy applies to the Zbang Google Ads Audit app available at https://ads.zbang.ai/app-home. It explains what Google user data and Google Ads data the app accesses, how that data is used, and what controls users have.

What we collect

Google identity and Google Ads data

  • Basic Google account information returned during OAuth sign-in, including the user's Google subject ID, email address, and basic profile details.
  • Encrypted Google refresh tokens needed to maintain the user's Google Ads connection.
  • Google Ads account metadata and reporting/configuration data needed to generate audits, dashboards, and exportable recommendations.
  • This can include account, campaign, ad group, keyword, search term, asset, conversion, audience, Shopping, and product-feed data when available in the connected account.

OAuth scopes

Why the app requests each Google permission

openid

Used to confirm the identity of the Google account holder during sign-in and connection setup.

email

Used to associate the connected Google identity with the correct private workspace and display the connected account email.

profile

Used to read basic account profile information needed to verify the Google connection belongs to the signed-in user.

https://www.googleapis.com/auth/adwords

Required by the Google Ads API to list accessible Google Ads accounts and retrieve reporting, campaign, asset, conversion, and product-feed data for audits. Zbang uses this scope to read data needed for analysis and does not use it to create, edit, or delete campaigns.

Google Ads API access is provided through a single broad OAuth scope. Zbang uses that scope in a read-only way to analyze the user's data and does not use it to launch, edit, or remove campaigns.

How we use the data

  • Authenticate the user and associate a Google connection with the correct private workspace.
  • List accessible Google Ads accounts so the user can choose which account to audit.
  • Retrieve the Google Ads data needed to calculate account-health checks, recommendations, and supporting evidence tables.
  • Store generated dashboards and outputs for the retention period described in the app.

Roles and legal bases

  • Zbang generally acts as controller for account, authentication, workspace-administration, and security data processed in this app.
  • When a user asks Zbang to analyze a Google Ads account, Zbang may act as processor for customer advertising data, depending on the user's relationship with the advertiser.
  • Our legal bases can include performance of a contract, steps taken at the user's request before providing the service, legitimate interests for service security and reliability, and consent or explicit request where optional processing is triggered.

How we share data

  • We do not sell Google user data or Google Ads data.
  • We do not use Google Ads data for unrelated advertising.
  • We only share data with service providers needed to host, secure, and operate the app, and only to the extent required to provide the service.
  • If AI recommendations are enabled for a run, relevant analysis data may be sent to the configured AI provider solely to generate recommendations for that run.

International transfers

  • Some service providers used to host or operate the app may process data outside the EEA or UK.
  • Where such transfers occur, Zbang aims to rely on adequacy decisions, Standard Contractual Clauses, or other lawful transfer mechanisms, as applicable.

Retention, deletion, and user controls

  • Generated files and workspace artifacts are retained in the workspace database for up to 7 days before cleanup.
  • Users can disconnect their Google Ads connection from the app, which stops future Google Ads access.
  • Signed-in users can export their stored account data and request deletion from the in-app privacy and data page.
  • Users can stop using the app at any time and may request privacy assistance using the contact details below.

Security and compliance

  • Google refresh tokens are stored in encrypted form inside the app deployment.
  • Zbang applies access controls so audits and dashboards stay private to the user's account inside the app.
  • Zbang's use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

Your GDPR rights

  • You may have the right to access, correct, erase, restrict, or object to certain processing of your personal data.
  • You may have the right to data portability where GDPR applies.
  • You may also have the right to lodge a complaint with your local supervisory authority.