This Privacy Policy explains how Solvand Teknoloji Hizmetleri AŞ (“Solvand”, “we”, “us”), based in İstanbul, Türkiye, collects, uses, shares, and protects information when you use Solvand — an AI marketing autopilot that generates marketing strategies and creates, launches, and manages advertising campaigns on third-party platforms (such as Google Ads and Meta Ads) on your behalf.
1. Information we collect
We collect the following categories of information:
Account information: your name, email address, profile image, and a hashed password (or, if you sign in with Facebook or Google, the basic profile information those providers share with us).
Business profile: the website URL, brand assets, product descriptions, and other materials you provide so we can generate strategies and ad creatives for your business.
Payment information:a FastSpring account identifier and subscription status. We do not see or store full card numbers — FastSpring, our Merchant of Record, handles payment processing directly.
Ad platform connections: OAuth access and refresh tokens, ad account IDs, page IDs, pixel IDs, and conversion event identifiers for the Google Ads and Meta (Facebook and Instagram) Ads accounts you explicitly connect to Solvand.
Campaign data: the campaigns, ad sets, creatives, and performance metrics that Solvand creates and reads from the platforms you connect.
Conversation data: messages you exchange with the Solvand assistant in the app or via integrations such as Slack and Telegram.
Technical data: standard request logs (IP address, user agent, timestamps, error traces) used to operate and secure the service.
2. How we use information
We use the information above to:
provide and operate the Solvand service;
generate marketing strategies and ad creatives, and create, launch, and optimize campaigns on the ad accounts you connect;
send conversion events back to Meta and Google so your campaigns can be measured and optimized;
prevent abuse, debug issues, and protect Solvand and its users; and
comply with legal obligations.
3. Meta (Facebook and Instagram) data
Because Solvand integrates with Meta, the following specific disclosures apply to data we receive from or send to Meta:
We use Facebook Login to authenticate users who choose that sign-in option. We request only the minimum profile information needed to create your account.
We use the Meta Marketing API to create and manage advertising campaigns on the ad accounts and Facebook Pages you explicitly connect. We do not act on ad accounts you have not connected.
We use the Meta Conversions API (CAPI) to send conversion events from your website or app to Meta so that your campaigns can be measured and optimized. You control which events are sent.
We do not sell data we obtain from Meta and we do not use it to build profiles, retarget you across the internet, or advertise to you outside of the campaigns you run through your own connected accounts.
We keep Meta access tokens only while your connection is active. If you remove Solvand at facebook.com/settings, or disconnect Meta inside Solvand, your tokens are revoked and Meta-derived data is deleted per our retention rules below.
4. How we share information
We share information only with service providers that help us run Solvand, and only to the extent they need it. These include:
cloud hosting, database, and email-delivery providers;
FastSpring, our Merchant of Record, for payment processing, subscription management, invoicing, and tax compliance;
Google and Meta, when we send instructions or read data on the ad accounts you have connected;
large language model providers (such as OpenAI and Anthropic), to generate strategies and creative content from the materials you provide; and
legal or regulatory authorities, where we are required to disclose information by law.
We do not sell personal data, and we do not share it with advertisers or data brokers for their own purposes.
5. Data retention
We keep your account data and the business and campaign data associated with it for as long as your account is active. When you delete your account or disconnect a platform, we delete the relevant data within 30 days from our production systems, with encrypted backups expiring within a further 60 days. A small set of records (such as invoices) may be retained longer where required by tax, accounting, or other law.
6. Your rights
Depending on where you live, you may have the right to access, correct, export, restrict, or delete the personal data we hold about you, and to withdraw consent for processing that relies on consent. Users in Türkiye have these rights under the Law on the Protection of Personal Data (KVKK, Law No. 6698); users in the EU/UK have equivalent rights under the GDPR. To exercise any of these rights, see our Data Deletion Instructions or email support@solvand.com.
7. International transfers
Solvand operates from Türkiye and relies on cloud providers that may process data in other countries, including in the European Union and the United States. Where we transfer personal data outside your country, we rely on appropriate safeguards (such as Standard Contractual Clauses) offered by those providers.
8. Security
We use industry-standard technical and organizational measures — including encryption in transit, access controls, and audit logging — to protect your data. No system is perfectly secure, so we cannot guarantee absolute security; if we ever learn of a breach affecting your data, we will notify you as required by law.
9. Children
Solvand is a business tool intended for adults. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us data, contact us and we will delete it.
10. Changes to this policy
We may update this Privacy Policy from time to time. When we do, we will post the new version on this page and update the “Effective date” above. If the change is material, we will also notify you by email.