KLAYR AI

Privacy Policy

Last updated: May 22, 2026

KlayrAI provides read-only Meta Ads diagnostics, insights, and manual recommendations. This policy explains how we collect, use, store, and protect account, Meta Ads, billing, and product usage data.

Data Controller

KlayrAI is operated as Klayr AI, status: Projet individuel. Contact: [email protected].

1. Data We Collect

  • Account information such as name, email address, authentication provider, and workspace membership.
  • Google profile information when you choose Google Sign-In.
  • Read-only Meta Ads data such as ad account metadata, campaigns, spend, impressions, clicks, conversions, purchase value, ROAS, CPA, CTR, CPC, CPM, sync timestamps, and country breakdowns when available.
  • Onboarding profile answers such as industry, offer, conversion goal, spend range, KPI, geography, tracking setup, creative cadence, and risk timeline.
  • Billing data handled by Stripe, including customer, subscription, price, invoice, and payment status identifiers.
  • Product usage data such as diagnostics, recommendations, action plans, reports, settings, device/browser metadata, and security logs.

2. How We Use Data

  • Authenticate users and maintain workspace access.
  • Sync and display Meta Ads performance metrics.
  • Generate Klayr Agent diagnostics, evidence summaries, and manual action plans.
  • Operate Stripe billing, plan limits, invoices, and subscription access.
  • Improve reliability, security, support, and product quality.

3. Read-Only Meta Access

KlayrAI requests read-only Meta permissions needed to inspect ad account data. KlayrAI does not create, edit, pause, publish, or delete campaigns, budgets, audiences, ads, pixels, or assets through Meta APIs.

4. AI and Diagnostics

Klayr Agent receives only the business context and Meta Ads evidence needed for diagnostics. Encrypted tokens, platform secrets, and raw credentials are never sent to the model.

5. Sharing

We do not sell personal data. We use infrastructure and service providers such as Firebase, Supabase, Vercel, Stripe, PostHog, Resend, and AI model providers to operate the service under appropriate security controls.

6. Security and Retention

Tokens are encrypted at rest. Access is workspace-scoped. We retain data while your account or workspace is active, as needed for legal, security, billing, and audit obligations, or until deletion is requested and completed.

7. Your Rights

You can request access, correction, deletion, or export of your data by contacting [email protected].