Privacy Policy

Consolync Privacy Policy

Effective Date: February 14, 2026
Last Updated: February 14, 2026

1. Introduction

Welcome to Consolync. We are a music advertising platform that helps artists and labels create and manage advertising campaigns on Meta platforms (Facebook and Instagram).

This Privacy Policy explains how Consolync ("we," "our," or "us") collects, uses, shares, and protects your personal information when you use our platform. By using Consolync, you agree to the practices described in this policy.

2. Information We Collect

2.1 Account Information

When you create a Consolync account, we collect:

  • Email address
  • Full name
  • Organization name (if applicable)
  • Password (encrypted and securely stored)
  • Profile information

2.2 Meta Platform Connections

When you connect your Facebook and Instagram accounts to Consolync:

  • Facebook Page IDs and names
  • Instagram Business Account IDs and usernames
  • Access tokens (encrypted and securely stored)
  • Page permissions and roles
  • Instagram account connection status

2.3 Campaign and Advertising Data

When you create advertising campaigns through our platform:

  • Campaign names, objectives, and budgets
  • Ad creative content (videos, images, thumbnails, ad copy)
  • Targeting preferences (age, gender, location, interests)
  • Destination URLs (e.g., Spotify track links)
  • Campaign performance metrics (impressions, clicks, conversions)
  • Scheduled campaign dates and times

2.4 Payment Information

When you make payments for advertising services:

  • Billing information (processed securely through Stripe)
  • Payment history and transaction records
  • Subscription plan details

Note: We do not directly store your credit card numbers. All payment processing is handled by our PCI-compliant payment processor, Stripe.

2.5 Usage Data

We automatically collect certain information about how you use our platform:

  • IP address
  • Browser type and version
  • Device information
  • Pages visited and features used
  • Time spent on the platform
  • Error logs and diagnostic data

2.6 Communications

  • Support ticket messages
  • Email correspondence with our team
  • Feedback and survey responses

3. How We Use Your Information

We use your information for the following purposes:

3.1 Service Delivery

  • Create, manage, and optimize your advertising campaigns on Meta platforms
  • Upload videos and images to Meta's advertising system
  • Generate automated thumbnails for video advertisements
  • Publish ads to your connected Facebook Pages and Instagram accounts
  • Track and report campaign performance metrics

3.2 Platform Operation

  • Authenticate your account and maintain security
  • Process payments and manage subscriptions
  • Provide customer support and respond to inquiries
  • Send service-related notifications (campaign approvals, rejections, billing)
  • Troubleshoot technical issues and improve platform performance

3.3 Communication

  • Send you important updates about our service
  • Notify you of new features and improvements
  • Provide marketing communications (with your consent)
  • Request feedback to improve our service

3.4 Analytics and Improvement

  • Analyze usage patterns to improve user experience
  • Develop new features and functionality
  • Conduct research and testing
  • Monitor platform security and prevent fraud

3.5 Legal Compliance

  • Comply with applicable laws and regulations
  • Respond to legal requests and prevent harm
  • Enforce our Terms of Service
  • Protect our rights and property

4. Meta Platform Integration

4.1 What We Access

When you authorize Consolync to connect with your Meta accounts, we access:

  • Your Facebook Pages (name, ID, access permissions)
  • Your Instagram Business/Creator accounts (username, ID)
  • The ability to create and manage ads on your behalf
  • Campaign performance data and insights

4.2 What We Do NOT Access

  • Your personal Facebook profile or posts
  • Your personal Instagram feed or stories
  • Direct messages or private conversations
  • Posts, comments, or content unrelated to advertising
  • Your friends list or follower information

4.3 How We Use Meta API

  • We use Meta's Marketing API to programmatically create advertising campaigns
  • Ads are created in our agency ad account but published to your Facebook Pages and Instagram accounts
  • We use System User tokens with minimum required permissions
  • All API communications are encrypted and secured

4.4 Revoking Access

You can revoke Consolync's access to your Meta accounts at any time by:

  • Disconnecting in your Consolync account settings, OR
  • Removing Consolync from your Meta Business Settings at business.facebook.com

5. Third-Party Services

We use the following trusted third-party services to operate our platform:

5.1 Meta (Facebook/Instagram)

5.2 Stripe

5.3 Supabase

  • Purpose: Secure data storage and authentication
  • Data Shared: All platform data (encrypted at rest)
  • Privacy Policy: https://supabase.com/privacy

5.4 Spotify

  • Purpose: Music streaming links (we only store URLs, no Spotify user data)
  • Data Shared: None (public track URLs only)

6. Data Security

We implement industry-standard security measures to protect your information:

  • Encryption: All data is encrypted in transit (SSL/TLS) and at rest (AES-256)
  • Authentication: Secure password hashing and multi-factor authentication support
  • Access Controls: Row-level security (RLS) ensures users can only access their own data
  • Token Management: All API tokens are encrypted and stored securely
  • Regular Audits: We conduct security assessments and vulnerability testing
  • Monitoring: 24/7 monitoring for suspicious activity

However, no method of transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

7. Data Retention

7.1 Active Accounts

We retain your data for as long as your account is active or as needed to provide our services.

7.2 Deleted Accounts

When you delete your account:

  • Personal information is deleted within 30 days
  • Campaign data may be retained for up to 90 days for legal compliance
  • Financial records are retained for 7 years as required by law
  • Anonymized usage data may be retained indefinitely for analytics

7.3 Inactive Accounts

Accounts inactive for more than 2 years may be automatically deleted after email notification.

8. Data Sharing and Disclosure

8.1 We Do NOT Sell Your Data

We do not sell, rent, or trade your personal information to third parties.

8.2 Service Providers

We share data with trusted service providers who help us operate our platform (Stripe, Supabase, Meta). These providers are contractually obligated to protect your data.

8.3 Legal Requirements

We may disclose your information if required by law, court order, or government request, or to:

  • Comply with legal obligations
  • Protect our rights and property
  • Prevent fraud or security threats
  • Protect the safety of our users

8.4 Business Transfers

If Consolync is acquired or merged with another company, your information may be transferred to the new owner.

9. Your Rights and Choices

9.1 Access and Correction

You have the right to:

  • Access your personal information
  • Update or correct inaccurate data
  • Download a copy of your data
  • Request a detailed report of data we hold about you

How to exercise: Email privacy@consolync.com or use your account settings.

9.2 Deletion

You have the right to request deletion of your personal information.

How to exercise:

Note: Some data may be retained for legal compliance as described in Section 7.

9.3 Opt-Out of Marketing

You can opt-out of promotional emails by:

  • Clicking "Unsubscribe" in any marketing email
  • Updating preferences in your account settings

You will still receive service-related emails (billing, campaign notifications, security alerts).

9.4 Revoke Meta Permissions

You can disconnect your Meta accounts at any time through:

  • Consolync account settings → Integrations, OR
  • Meta Business Settings → Partners

9.5 Do Not Track

Our platform does not currently respond to "Do Not Track" browser signals.

10. Regional Privacy Rights

10.1 European Economic Area (GDPR)

If you are located in the EEA, you have additional rights under GDPR:

  • Right to data portability
  • Right to object to processing
  • Right to restrict processing
  • Right to withdraw consent
  • Right to lodge a complaint with supervisory authorities

Legal Basis for Processing:

  • Contract performance (to provide our services)
  • Legitimate interests (platform improvement, security)
  • Consent (marketing communications, cookies)

10.2 California (CCPA/CPRA)

If you are a California resident, you have the right to:

  • Know what personal information we collect and how we use it
  • Request deletion of your personal information
  • Opt-out of sale of personal information (we do not sell data)
  • Non-discrimination for exercising your rights

To exercise your rights: Email privacy@consolync.com

10.3 Other Jurisdictions

We comply with applicable privacy laws in all jurisdictions where we operate.

11. Children's Privacy

Consolync is not intended for users under 18 years of age. We do not knowingly collect information from children under 18.

If we become aware that we have collected data from a child under 18, we will delete it immediately.

If you believe a child under 18 has provided us with information, please contact us at privacy@consolync.com.

12. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Maintain your login session
  • Remember your preferences
  • Analyze platform usage
  • Improve user experience

Types of Cookies We Use:

  • Essential Cookies: Required for platform functionality (cannot be disabled)
  • Analytics Cookies: Track usage patterns (can be disabled)
  • Preference Cookies: Remember your settings (can be disabled)

You can control cookies through your browser settings. Disabling cookies may limit platform functionality.

13. International Data Transfers

Your information may be transferred to and processed in countries other than your own. We ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) for EU data transfers
  • Compliance with applicable data protection laws
  • Encryption and security measures during transfer

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect:

  • Changes in our practices
  • Legal requirements
  • New features or services

How We Notify You:

  • Updated "Last Updated" date at the top of this policy
  • Email notification for material changes
  • In-app notification when you log in

Your continued use of Consolync after changes constitutes acceptance of the updated policy.

15. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or your data:

Email: privacy@consolync.com
Website: https://consolync.com
Mailing Address: [Your business address]

Response Time: We will respond to privacy requests within 30 days.

16. Data Protection Officer

For users in the European Economic Area:

DPO Contact: dpo@consolync.com

17. Supervisory Authority

If you are located in the EEA and believe we have not addressed your privacy concerns, you have the right to lodge a complaint with your local data protection authority.

By using Consolync, you acknowledge that you have read and understood this Privacy Policy.

Last Updated: February 14, 2026
Version: 1.0