Privacy Policy

Last updated: February 2026

1. Introduction

Luxia ("we", "our", or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Meta Ads intelligence platform.

By using Luxia, you agree to the collection and use of information in accordance with this policy. If you do not agree, please do not use our services.

2. What Data We Collect

2.1 Account Information

When you create an account or use Luxia, we collect:

  • Basic Profile: Name, email address, and profile information from your Meta account
  • Authentication Data: OAuth tokens and refresh tokens (we never store passwords)
  • Communication: Support requests and feedback you provide

2.2 Meta Platform Data

When you connect your Meta account to Luxia via OAuth, we access and process:

  • Meta Account Identifiers: User ID, Business ID, and associated account information
  • Ad Account IDs: Identifiers for ad accounts you grant access to
  • Page IDs: Facebook Page identifiers linked to your ad accounts
  • Catalog IDs: Product catalog identifiers (if catalog_management permission is granted)
  • Ad Insights Metrics: Campaign performance data including spend, impressions, clicks, conversions, ROAS, and other advertising metrics
  • Campaign Structure: Campaign names, ad set configurations, and ad creative metadata
  • Audience Insights: Demographic and device performance breakdowns (when available)

2.3 Usage Data

We automatically collect certain information about your use of Luxia:

  • Device Information: Device type, operating system, browser type and version
  • Usage Patterns: Pages visited, features used, time spent, and interaction patterns
  • Technical Data: IP address, session data, and error logs for security and troubleshooting

3. Why We Collect This Data

We collect and process your data for the following purposes:

3.1 Core Service Delivery

  • Analyze your Meta Ads campaign performance and generate diagnostic reports
  • Identify optimization opportunities and performance issues
  • Provide actionable recommendations based on your advertising data
  • Create dashboards and visualizations of your ad performance
  • Detect trends and anomalies in your campaign data

3.2 Optional Ad Management Features

If you grant ads_management or catalog_management permissions, we may:

  • Execute changes to campaigns, ad sets, or ads based on your explicit actions
  • Manage product catalogs or create product sets based on your instructions
  • Automate routine optimization tasks you configure

3.3 Service Improvement

  • Understand how users interact with Luxia to improve usability
  • Identify and fix technical issues and bugs
  • Develop new features and enhance existing functionality
  • Optimize platform performance and reliability

3.4 Communication and Support

  • Respond to your support requests and questions
  • Send service-related notifications and updates
  • Notify you about changes to our policies or services
  • Provide product updates and educational content (with your consent)

4. How We Use Your Data

Your data is used exclusively to deliver Luxia's core services:

  • Performance Analytics: We analyze your ad metrics to generate insights, diagnostics, and recommendations
  • Report Generation: We create reports and dashboards displaying your campaign performance
  • Trend Detection: We identify patterns and anomalies in your advertising data
  • Optimization Recommendations: We provide actionable suggestions based on proven business rules

We do not use your data for advertising purposes, and we do not share your advertising data with third parties for their marketing purposes.

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

Luxia does not sell, rent, or trade your personal information or advertising data to third parties.

5.2 Service Processors

We may share limited data with trusted service providers who assist in delivering our services:

  • Cloud Infrastructure: Hosting providers for secure data storage and processing
  • Authentication Services: OAuth providers (Meta) for secure login
  • Analytics Tools: Aggregated usage analytics to improve our platform

All processors are contractually bound to protect your data and use it only for the purposes we specify.

5.3 Legal Requirements

We may disclose your information when required by law, such as:

  • Compliance with legal obligations, court orders, or government requests
  • Protection of our rights, property, or safety, or that of our users
  • Investigation of fraud, security issues, or violations of our terms

6. Data Retention

We retain your data for the following periods:

  • Account Data: Retained until you delete your account or request data deletion
  • Ad Performance Data: Retained for up to 24 months for historical analysis and reporting
  • OAuth Tokens: Retained until you disconnect your Meta account or revoke access
  • Backup Data: Retained for up to 90 days for disaster recovery purposes

After account deletion, all associated data is permanently removed within 30 days. For detailed deletion instructions, see our Data Deletion page.

7. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS/SSL protocols
  • Encryption at Rest: Data stored in our databases is encrypted using industry-standard encryption
  • Secure Token Storage: OAuth tokens are encrypted and stored securely, never in plain text
  • Access Controls: Access to your data is restricted to authorized personnel only
  • Regular Audits: We conduct regular security audits and vulnerability assessments

While we strive to protect your data, no method of transmission or storage is 100% secure. We cannot guarantee absolute security.

8. Your Rights and Choices

8.1 Access and Portability

You have the right to:

  • Access your personal data stored in our systems
  • Request a copy of your data in a portable format
  • Receive information about how your data is used

8.2 Data Deletion

You have the right to:

  • Request deletion of your account and associated data
  • Revoke OAuth access and have all tokens removed
  • Receive confirmation of deletion

To exercise these rights, visit our Data Deletion page or contact us at [email protected].

8.3 Disconnect Your Account

You can disconnect your Meta account at any time through your Luxia account settings. This will revoke all OAuth permissions and stop data collection immediately.

9. Compliance with Meta Platform Policies

Luxia complies with Meta's Platform Terms and Developer Policies:

  • We request only the permissions necessary to deliver our services
  • We do not use your data for advertising or marketing purposes
  • We do not share your data with third parties for their marketing purposes
  • We respect your privacy choices and provide clear data deletion options
  • We maintain secure storage and handling of all OAuth tokens and user data

10. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by:

  • Posting the updated policy on this page with a new "Last Updated" date
  • Sending you an email notification (if you have an active account)
  • Displaying a prominent notice within the Luxia platform

Your continued use of Luxia after any changes indicates your acceptance of the updated policy.

11. Contact Us

If you have questions about this Privacy Policy or how we handle your data, please contact us:

For data deletion requests, please visit our Data Deletion Instructions page.