Privacy Policy
Effective: May 21, 2026 · Last updated: May 21, 2026
This policy describes how Pasify Brands LLP processes personal data when you use Supertrack. It is designed to meet Meta app review requirements, the DPDP Act 2023 (India), and common international privacy frameworks.
Changelog: initial publication May 21, 2026; see the date above for the latest revision.
Pasify Brands LLP ("we", "us") operates Supertrack, a Meta ads analytics service for Indian advertisers and agencies. Registered address: Mumbai, Maharashtra, India.
Grievance Officer (DPDP Act 2023): Aaditya Dokania, reachable at privacy@trysupertrack.com. We will acknowledge grievances within 7 days and aim to resolve them within 30 days.
Supertrack is not affiliated with, endorsed by, or sponsored by Meta Platforms, Inc. or Facebook.
All user data, including Meta ad creatives (images and videos) and performance metrics, is stored in Supabase's ap-south-1 (Mumbai) region unless otherwise stated in this policy.
For ad creative content, you (the advertiser) remain the owner. Pasify Brands LLP acts as a Data Fiduciary for account data you provide directly and as a Data Processor for Meta-sourced advertising data processed on your instructions under the DPDP Act 2023 and, where applicable, as a Processor under GDPR.
Lawful bases: performance of our contract with you; your explicit consent at Meta OAuth connection time; and compliance with legal obligations.
We also store your account email and profile name from Supabase Auth for identification, workspace invitations, and notifications. This is separate from Meta OAuth scopes.
Ad creative assets (images, thumbnails, and videos) and their performance metrics are downloaded from Meta and persisted in our Supabase database and Storage buckets in the India region. Retention: for the duration of your active subscription and up to 90 days after cancellation or Meta disconnect, unless you request earlier deletion via /data-deletion.
| Permission | Data collected | Why we use it | Retention | Who can access |
|---|---|---|---|---|
| ads_read | Ad account IDs, campaigns, ad sets, ads, spend, impressions, clicks, conversions, ROAS-related metrics, and creative metadata references. | Power performance dashboards, reports, alerts, and historical trend analysis. | Active subscription plus 90 days after cancellation or disconnect, unless deleted earlier. | Workspace members with access to the connected ad account; Pasify Brands LLP operations staff with audited admin access only when required for support. |
| business_management | Business Portfolio IDs, owned ad accounts, and asset connection metadata needed during onboarding. | Let you select and connect the correct Business Portfolio and ad accounts during setup. | While the Meta connection is active, plus 90 days after disconnect unless deleted earlier. | Workspace owners/admins during onboarding; stored connection records visible to authorized workspace members. |
| pages_show_list | Facebook Page IDs, names, and association with connected ad accounts where applicable. | Display which Pages are linked to your ads and support Page-level context in reporting. | While connected, plus 90 days after disconnect unless deleted earlier. | Authorized workspace members with access to the workspace. |
- Supabase — application database, authentication, and file storage (ap-south-1 (Mumbai)).
- Meta Platforms — source of advertising and Page data via the Marketing API; Meta may process data globally under its own terms.
- Resend — transactional email (invitations, alerts) when enabled for your workspace.
- Dodo Payments — subscription billing and invoices when billing is enabled (payment card and billing details are handled by Dodo Payments under their privacy policy; we do not use Stripe).
- We do not sell personal data. We do not use Google Analytics or PostHog on the marketing site at this time; if that changes, we will update our Cookie Policy.
- Encryption in transit: TLS 1.2+ for all client and API traffic.
- Encryption at rest: Supabase-managed AES-256 for database and storage.
- Access controls: workspace-scoped Row Level Security (RLS) in Supabase; role-based access in the application.
- Meta access tokens stored encrypted; disconnecting Meta revokes future API access from our app.
- Internal access limited to personnel with a need-to-know basis for support and security.
Primary storage and processing of your Supertrack workspace data occurs in India (Supabase ap-south-1).
Meta, Resend, and Dodo Payments (when you subscribe) may process data outside India under their respective terms. Where required, we rely on contractual safeguards and your consent at connection or checkout time.
We use strictly necessary cookies for Supabase authentication sessions on app.trysupertrack.com. See our Cookie Policy at /cookies for details.
Submit requests via https://app.trysupertrack.com/settings (Account → Delete my data) or our Data Deletion page. We respond within 30 days.
- Access and obtain a copy of your personal data.
- Correct inaccurate data.
- Erase data (subject to legal retention exceptions).
- Data portability where technically feasible.
- Withdraw consent for Meta connection (disconnect in app or remove the app in Facebook Settings).
- Nominate another individual to exercise rights on your behalf (DPDP Act 2023).
- CCPA/CPRA rights for California residents where applicable (know, delete, opt-out of sale — we do not sell data).
Supertrack is not intended for anyone under 18. We do not knowingly collect data from minors. If you believe a minor has provided data, contact privacy@trysupertrack.com and we will delete it.
If a personal data breach is likely to affect your rights, we will notify affected users and, where required under the DPDP Act 2023, the Data Protection Board of India, without undue delay and in line with applicable law.
We may update this policy. Material changes will be reflected by updating the "Last updated" date above. Continued use after changes constitutes acceptance where permitted by law.
Privacy & data requests: privacy@trysupertrack.com
General contact: hello@trysupertrack.com
Address: Mumbai, Maharashtra, India