← Back to home

Your GDPR Rights

Last updated: March 19, 2026

Under the General Data Protection Regulation (GDPR), you have specific rights regarding your personal data. AdsDetective is committed to respecting and facilitating these rights.

Your Rights

Right of Access (Art. 15)

Request a copy of all personal data we hold about you, including uploaded ad images, analysis results, and account information.

Right to Rectification (Art. 16)

Request correction of any inaccurate or incomplete personal data we hold about you.

Right to Erasure (Art. 17)

Request deletion of your personal data. This includes your account, uploaded images, analysis history, and all associated data.

Right to Restriction (Art. 18)

Request that we restrict the processing of your personal data in certain circumstances.

Right to Data Portability (Art. 20)

Receive your personal data in a structured, commonly used, machine-readable format (JSON).

Right to Object (Art. 21)

Object to the processing of your personal data for certain purposes, including processing based on legitimate interest.

Right to Withdraw Consent (Art. 7)

Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.

How to Exercise Your Rights

To exercise any of these rights, contact us:

Please include your account email address and specify which right you wish to exercise. We will respond within 30 days as required by GDPR.

Data We Process

  • Account data: Email, name, profile picture (from auth provider)
  • Ad creatives: Screenshots you upload for analysis
  • Analysis results: AI-generated scores, reports, rewrite suggestions
  • Usage data: Number of analyses, feature usage, timestamps
  • Technical data: IP address, browser type, device information
  • Billing data: Subscription status, payment history (via Creem)

Data Retention

  • Uploaded images: Retained while your account is active, deleted within 90 days of account deletion
  • Analysis results: Retained while your account is active + 30 days after deletion
  • Account data: Retained while active + 30 days after deletion request
  • Billing records: 5 years (Polish tax law requirement)

Backup retention: For disaster recovery purposes, your data may persist in encrypted database backups for up to 90 days after deletion from the live system. Backups are stored securely in Cloudflare R2 (EU jurisdiction) and are only accessed in the event of a system failure (GDPR Art. 17(3)(e)).

Automated Decision-Making

Our AI analysis is automated processing that generates scores and recommendations. This processing is not used for decisions with legal or significant effects on you — it provides informational analysis of ad creatives only. All AI outputs are clearly labeled as AI-generated.

Supervisory Authority

If you believe your data protection rights have been violated, you have the right to lodge a complaint with your local supervisory authority. Our lead authority is:

Urząd Ochrony Danych Osobowych (UODO)
ul. Stawki 2, 00-193 Warszawa, Poland
uodo.gov.pl

Contact

Data Controller: Adam Perliński
NIP: PL9552557691
Email: [email protected]

See also: Privacy Policy | Terms of Service