Skip to main content
Certified Google Partner
Gradari
Legal

Privacy Policy

We believe you have the right to know exactly how your information is used. This policy explains everything plainly, without the legalese.

Last updated:

No data selling

We never sell your personal information to third parties.

Secure by default

All data is encrypted in transit and at rest.

Full transparency

You can request, correct, or delete your data at any time.

Information We Collect

Gradari collects information to provide and improve our services, communicate with you, and fulfil our obligations as your advertising partner. We collect information in three ways:

Information you provide directly

  • Contact and inquiry data name, business email, phone number, company name, and any message you submit through our contact forms or strategy call booking pages.
  • Client account data billing details, campaign goals, creative assets, and communications exchanged during the engagement.
  • CRM and ad platform credentials access tokens or read-level integrations you authorise us to connect as part of our managed service.

Information collected automatically

  • Usage data pages visited, time spent, referring URLs, and device/browser information collected via analytics tools.
  • IP address used to infer approximate location for analytics and fraud prevention. We do not store precise geolocation.
  • Cookies and tracking pixels see the Cookies & Tracking section below.

Information from third parties

  • Ad platform reports performance data from Google Ads, Meta Ads Manager, and LinkedIn Campaign Manager shared as part of campaign management.
  • CRM data lead and customer records you share with us to train conversion signals on your ad accounts.

How We Use Your Information

We use the information we collect to:

  • Respond to inquiries and schedule strategy calls.
  • Onboard you as a client and deliver paid advertising management services.
  • Connect CRM data to ad platforms for conversion optimisation only with your explicit authorisation.
  • Communicate account updates, reports, and strategic recommendations.
  • Send marketing emails about our services, industry insights, and case studies (you can unsubscribe at any time).
  • Improve our website, service offering, and internal processes.
  • Comply with legal obligations and prevent fraud or abuse of our systems.

We will never use your data for purposes materially different from those listed above without obtaining your prior consent.

Sharing Your Information

We do not sell your personal information. We share your information only in the following limited circumstances:

  • Service providers vendors who help us operate our business (email delivery, CRM, analytics, billing) and who are contractually bound to keep data confidential and use it only for agreed purposes.
  • Ad platforms Google, Meta, and LinkedIn receive data you authorise us to upload (e.g., customer lists for Custom Audiences) solely to run your campaigns.
  • Legal requirements if required by law, court order, or to protect the rights, property, or safety of Gradari, our clients, or the public.
  • Business transfers if Gradari is acquired or merges with another entity, your information may be transferred as part of that transaction, subject to equivalent privacy protections.

Cookies & Tracking

Gradari and our analytics partners use cookies and similar tracking technologies on our website. Here's what we use and why:

CategoryPurposeExamples
EssentialCore site functionality cannot be disabled.Session tokens, CSRF protection
AnalyticsUnderstand how visitors interact with our site.Google Analytics 4
MarketingMeasure ad effectiveness and retarget visitors.Google Ads tag, Meta Pixel, LinkedIn Insight Tag
PreferencesRemember user settings between visits.Language, cookie consent state

You can manage or withdraw cookie consent via the cookie preferences banner on our site, or by adjusting your browser settings. Note that disabling non-essential cookies may affect certain features.

Advertising Partners

As a paid advertising agency, we work directly within Google Ads, Meta Ads Manager, and LinkedIn Campaign Manager on behalf of clients. When managing your campaigns, we may upload hashed customer data to these platforms to build Custom Audiences or train conversion models. This data:

  • Is hashed (irreversibly scrambled) before upload, where the platform supports it.
  • Is used only for the specific campaign purpose you authorise.
  • Is governed by the platform's own Terms of Service and Data Processing Agreements, which we accept on your behalf during onboarding.

We encourage you to review the privacy policies of these platforms: Google, Meta, and LinkedIn each publish detailed policies governing how audience data is processed.

Data Retention

We keep your data only as long as necessary:

  • Enquiry data retained for 24 months from last contact, or until you ask us to delete it.
  • Client data retained for the duration of the engagement plus 36 months for compliance and audit purposes.
  • Analytics data aggregated, anonymised data is retained indefinitely; user-level data is retained for 14 months per Google Analytics defaults.
  • Billing records retained for 7 years as required by tax law.

When retention periods expire, data is securely deleted or anonymised so it can no longer be linked to you.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

  • Access request a copy of the personal data we hold about you.
  • Correction ask us to correct inaccurate or incomplete data.
  • Deletion request that we erase your personal data, subject to legal retention requirements.
  • Portability receive your data in a structured, machine-readable format.
  • Objection object to processing based on legitimate interests, including direct marketing.
  • Restriction ask us to pause processing while a dispute is resolved.
  • Withdraw consent where processing is based on consent, you may withdraw it at any time without affecting prior processing.

To exercise any of these rights, email us at privacy@gradari.com. We will respond within 30 days.

Security

We take the security of your data seriously. Our measures include:

  • TLS/SSL encryption for all data in transit.
  • Role-based access controls only team members who need your data to perform their job can access it.
  • Regular security reviews of our tooling and third-party service providers.
  • Two-factor authentication enforced across all internal accounts with access to client data.

No method of transmission over the internet is 100% secure. If you believe your data has been compromised, please contact us immediately at privacy@gradari.com.

Children's Privacy

Our services are directed exclusively at businesses and professionals. We do not knowingly collect personal information from anyone under 18 years of age. If you believe a minor has submitted information to us, please contact us and we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. When we do, we will update the "Last updated" date at the top of this page. Material changes will be communicated via email to active clients. Your continued use of our website or services after changes take effect constitutes acceptance of the updated policy.

Contact Us

If you have any questions about this Privacy Policy or how we handle your personal data, please get in touch:

Gradari Privacy Team

privacy@gradari.com

We respond to all privacy enquiries within one business day. For general questions, you can also use our contact form.

Ready to grow?

Questions about how we handle your data?

We're happy to walk you through our practices before you work with us. No pressure just clarity.

See the FrameworkEmail privacy team