PRIVACY POLICY

Last Updated: April 30, 2026

1. Introduction

AdDogs, operated by Supermega Design LLC, a company registered in Ukraine (Registration No. 45836864) ("Company," "we," "us," or "our") respects your privacy and is committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our AI-powered advertisement generation platform available at addogs.ai (the "Service").

Please read this Privacy Policy carefully. By using our Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

2.1 Information You Provide

  • Account Information: Name, email address, and profile picture when you sign up via Google OAuth
  • Marketing Consent Records: Where you opt in to marketing communications, we record the timestamp, IP address, the version of consent text shown, and the source of the consent action (signup checkbox, in-app banner, preference center, or import). See Section 4.
  • Payment Information: Billing details processed through our payment provider, Creem (we do not store full payment card details)
  • User Content: Product images, reference advertisements, logos, and brand assets you upload to the Service
  • Communications: Information you provide when contacting our support team

2.2 Information Collected Automatically

  • Usage Data: Pages visited, features used, time spent on the Service, and interaction patterns
  • Device Information: Browser type, operating system, device type, and screen resolution
  • Log Data: IP address, access times, and referring URLs
  • Cookies and Tracking: See Section 8 for details on our cookie usage

2.3 AI-Generated Content

We store the advertisements generated through our AI system to provide our Service, allow you to access your generation history, and improve our platform.

3. How We Use Your Information

We use your information for the following purposes:

  • Provide the Service: Process your inputs and generate AI-powered advertisements
  • Account Management: Create and manage your account, process subscriptions and payments
  • Transactional Communication: Send service updates, security alerts, billing receipts, generation completion notices, and support messages. These are required to operate the Service.
  • Marketing Communication (with consent): Send a welcome series, lifecycle messages, our weekly newsletter, and product news. See Section 4.
  • Improvement: Analyze usage patterns to enhance and optimize our Service
  • Security: Detect and prevent fraud, abuse, and security threats
  • Legal Compliance: Comply with applicable laws and regulations

4. Marketing Communications

4.1 What We Send

In addition to the transactional messages required to operate the Service, we may send marketing communications, including:

  • A welcome series when you create an account
  • Lifecycle messages about features, tips, and your usage
  • A weekly newsletter and blog digest with ad teardowns and product news
  • Occasional product launches and announcements

We send marketing email only with your explicit consent. Consent is collected via an unchecked checkbox at signup, an in-app banner, or our preference center.

4.2 Legal Basis

For users in the European Economic Area, United Kingdom, or Switzerland, we rely on your explicit consent under GDPR Art. 6(1)(a). For users in Canada, we rely on express consent under CASL given at signup or in your account preferences. For users in California, we do not sell or share your personal information for third-party marketing purposes.

4.3 How to Opt Out

You can withdraw your consent at any time:

  • One-click unsubscribe: Every marketing email contains a one-click unsubscribe link compliant with RFC 8058.
  • Preference Center: Manage which categories you receive at addogs.ai/preferences.
  • Email: Write to privacy@addogs.ai with the subject line "Unsubscribe."

We honor unsubscribe requests within five (5) business days and target immediate processing.

Withdrawal of marketing consent does not affect transactional messages required to operate your account, nor the lawfulness of marketing email sent before your withdrawal.

4.4 Sub-Processor

We use Resend to deliver all email on our behalf — both transactional (verification codes, billing receipts, generation notices) and marketing (welcome series, lifecycle messages, newsletter). Resend processes your email address, name, and engagement metadata (opens, clicks, bounces) on our behalf and only on our instructions, under a Data Processing Agreement. See resend.com/legal/dpa.

4.5 Marketing Data Retention

We retain your email address for marketing purposes until you unsubscribe or delete your account. After you opt out, we keep your email on a suppression list to prevent accidental future contact. Suppression list entries are not deleted — deleting them would create a risk of re-contact in the future.

4.6 Consent Audit

We maintain an immutable audit log of every marketing-consent action (grant, withdrawal, preference change), including timestamp, IP address, the consent text version shown, and the source of the action. This log is retained for as long as your account exists plus the period required to demonstrate compliance.

5. AI Training and Your Data

We do not use your personal inputs or generated outputs to train our AI models unless you explicitly opt in. Your uploaded images, brand assets, and generated advertisements remain private to your account.

We may use anonymized, aggregated usage data (stripped of all personally identifiable information) to improve our AI systems and Service functionality.

6. Data Sharing and Disclosure

We do not sell your personal information. We may share your data with:

  • Service Providers: Third parties who assist in operating our Service, including:
    • Creem (payment processing)
    • Google (authentication)
    • Amazon Web Services (cloud hosting and storage)
    • Vercel (website hosting)
    • Resend (transactional and marketing email delivery)
    • AI service providers (for image generation)
  • Legal Requirements: When required by law, court order, or government request
  • Business Transfers: In connection with a merger, acquisition, or sale of assets
  • Protection of Rights: To protect our rights, privacy, safety, or property

7. Data Retention

We retain your data for as long as your account is active or as needed to provide the Service. Specifically:

  • Account Data: Retained until account deletion, plus 30 days for backup recovery
  • Generated Content: Retained until account deletion or manual deletion by you
  • Usage Logs: Retained for 12 months for analytics and security purposes
  • Payment Records: Retained for 7 years for tax and legal compliance
  • Marketing Suppression List: Retained indefinitely (see Section 4.5)
  • Marketing Consent Audit Log: Retained while account is active plus the period required to demonstrate compliance (see Section 4.6)

Upon account deletion, we will delete or anonymize your personal data within 30 days, except where retention is required by law.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • Essential Cookies: Required for authentication, security, and basic functionality
  • Analytics Cookies: Help us understand how users interact with our Service (via Vercel Analytics)
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling essential cookies may affect Service functionality.

9. Data Security

We implement industry-standard security measures to protect your data:

  • Encryption of data in transit (TLS/SSL) and at rest
  • Secure authentication via OAuth 2.0
  • Regular security assessments and monitoring
  • Access controls and employee training
  • Secure cloud infrastructure (AWS, Vercel)

While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

10. Your Rights (GDPR - European Users)

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, you have the following rights under GDPR:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your personal data
  • Restriction: Request limitation of processing
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests
  • Withdraw Consent: Withdraw consent at any time where processing is based on consent (including marketing consent — see Section 4.3)

Legal Basis for Processing: We process your data based on: (a) contract performance (to provide the Service), (b) legitimate interests (to improve and secure the Service), and (c) consent (for marketing communications and other optional features).

To exercise these rights, contact us at hey@addogs.ai. You also have the right to lodge a complaint with your local data protection authority.

11. Your Rights (CCPA - California Residents)

If you are a California resident, you have the following rights under the California Consumer Privacy Act (CCPA/CPRA):

  • Right to Know: Request information about the categories and specific pieces of personal information we collect
  • Right to Delete: Request deletion of your personal information
  • Right to Correct: Request correction of inaccurate personal information
  • Right to Opt-Out: Opt out of the "sale" or "sharing" of personal information (we do not sell your data)
  • Right to Non-Discrimination: We will not discriminate against you for exercising your rights

Categories of Information Collected: Identifiers (name, email), commercial information (subscription history), internet activity (usage data), and user-generated content.

To exercise your rights, email us at hey@addogs.ai with the subject "CCPA Request."

12. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence, including the United States. These countries may have different data protection laws.

For transfers from the EEA/UK, we rely on Standard Contractual Clauses approved by the European Commission and other lawful transfer mechanisms (including the EU-US Data Privacy Framework where applicable) to ensure adequate protection of your data.

13. Children's Privacy

Our Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you believe we have collected data from a child, please contact us immediately at hey@addogs.ai, and we will delete the information.

14. Third-Party Links

Our Service may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

15. Updates to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by:

  • Updating the "Last Updated" date at the top of this policy
  • Sending an email notification for significant changes
  • Displaying a notice within the Service

Your continued use of the Service after any changes constitutes acceptance of the updated policy.

16. Contact Us

If you have questions about this Privacy Policy or wish to exercise your data rights, please contact us:

Company: Supermega Design LLC
Registration No: 45836864 (Ukraine)
Address: Sichovykh Striltsiv St, 23A, Kyiv, 04053, Ukraine
Email: hey@addogs.ai
Privacy Email: privacy@addogs.ai
Website: addogs.ai

We will respond to your request within 30 days (or sooner if required by applicable law).