Skip to content

Privacy Policy

Version 3.1, April 14, 2026

1. Introduction

Welcome to Wevion. This Privacy Policy explains how Strion Inc. ("we", "us", or "our") collects, uses, and discloses your information when you use our ad management SaaS platform ("Service"). This policy should be read in conjunction with our Terms of Service, Cookie Policy, Data Processing Addendum, and Acceptable Use Policy. By using the Service, you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

We may collect several different types of information for various purposes to provide and improve our Service to you. The types of information we collect include:

  • Personal and Account Information: When you register for an account, we collect information that can be used to identify you, such as your name, email address, company name, and payment information. This is provided by you directly or through our authentication provider, Logto.
  • Service Data: We collect information you provide when you use the Service, including campaign data, advertising content, and performance metrics that you connect to our platform.
  • Usage and Technical Data: We automatically collect information about how you access and use the Service. This includes your IP address, browser type, device information, operating system, and information about your activity on the Service, such as features you use and pages you visit.

3. Lawful Basis for Processing

We process your personal data based on one or more of the following lawful bases: your consent, the necessity to perform a contract with you, compliance with a legal obligation, or our legitimate interests, such as improving and securing our Service.

4. How We Use Your Information

We use the information we collect for various purposes, including to:

  • Provide, operate, and maintain our Service;
  • Improve, personalize, and expand our Service;
  • Understand and analyze how you use our Service;
  • Develop new products, services, features, and functionality;
  • Communicate with you, either directly or through one of our partners, including for customer service, to provide you with updates and other information relating to the Service, and for marketing and promotional purposes;
  • Process your transactions;
  • Find and prevent fraud.

5. Data from Third-Party APIs

To provide our Service, we use APIs from third-party platforms such as Meta (Facebook), Google, and TikTok. When you connect your accounts from these platforms to Wevion, you authorize us to collect and process data made available through their APIs, in accordance with their respective terms and privacy policies. This data may include ad campaign performance, audience information, and creative assets. Our use of this data is strictly limited to providing and improving the Wevion Service.

6. Third-Party Platform API Data (Google, Meta, TikTok)

When you connect your advertising accounts to Wevion, our Service accesses data from third-party advertising platforms through their official APIs, including Google Ads API, Meta Marketing API, and TikTok Marketing API. This section describes in detail how we handle data obtained through these APIs.

6.1 Data We Access

Through the Google Ads API, Meta Marketing API, and TikTok Marketing API, we access and process the following categories of data on your behalf:

  • Account information: ad account IDs, names, currency, timezone, and status.
  • Campaign structure: campaigns, ad groups/ad sets, and ads, including their names, status, budgets, schedules, and targeting settings.
  • Performance metrics: impressions, clicks, spend, conversions, CTR, CPC, CPM, ROAS, and other aggregated advertising metrics.
  • Creative assets: ad creative content such as images, videos, headlines, descriptions, and call-to-action elements.
  • Conversion data: conversion actions, conversion values, and attribution data.
  • User profile basics: email address, name, and profile picture associated with the connected account (via OAuth userinfo endpoints).

We do not access personal data of individual end users who viewed or interacted with your ads. We only process aggregated campaign performance data and metadata.

6.2 How We Use This Data

Data obtained through these APIs is used exclusively to provide the features of the Wevion Service, specifically:

  • Displaying your advertising performance in the Wevion dashboard.
  • Enabling campaign management features (creating, editing, pausing campaigns and creatives).
  • Running automated rules you configure.
  • Generating reports, insights, and recommendations.
  • Synchronizing changes between Wevion and the advertising platforms.

We do not use this data to:

  • Serve advertisements of our own.
  • Train AI/ML models that are not directly tied to features you use.
  • Sell, rent, or transfer it to third parties for advertising or data brokerage purposes.
  • Determine creditworthiness or for any lending purposes.
  • Any purpose unrelated to the explicit functionality of the Wevion Service.

6.3 Google API Services User Data Policy — Limited Use

Wevion's use and transfer of information received from Google APIs adhere to the Google API Services User Data Policy, including the Limited Use requirements. You can read Google's policy at https://developers.google.com/terms/api-services-user-data-policy. Specifically:

  • We only use Google user data to provide or improve user-facing features that are prominent in the Wevion application.
  • We do not transfer Google user data except as necessary to provide or improve these features, to comply with applicable law, or as part of a merger, acquisition, or sale of assets with user notification.
  • We do not use Google user data for serving advertisements.
  • We do not allow humans to read Google user data unless we have the user's affirmative agreement for specific messages, it is necessary for security purposes (such as investigating abuse), to comply with applicable law, or for our internal operations when the data has been aggregated and anonymized.

6.4 Data Storage and Retention

  • Storage location: Data retrieved from third-party ad platform APIs is stored on Amazon Web Services servers located in the EU (Ireland) region.
  • Encryption: Data is encrypted in transit using TLS 1.2 or higher and encrypted at rest using AES-256.
  • Access tokens: OAuth access tokens and refresh tokens are stored encrypted and are used only to make authorized API calls on your behalf.
  • Retention: We retain advertising data for as long as your Wevion account is active and you maintain the connection to the respective platform. Historical data is retained for up to 37 months to enable year-over-year reporting. When you disconnect a platform or delete your Wevion account, we delete the associated access tokens immediately and the associated advertising data within 30 days, unless we are required by law to retain it.

6.5 Your Control and Data Deletion

You can at any time:

  • Disconnect a platform: Go to Settings → Integrations and disconnect Google, Meta, or TikTok. This immediately revokes Wevion's access tokens and stops any further data collection from that platform.
  • Revoke access directly: You can also revoke Wevion's access at any time directly from your Google Account permissions page (https://myaccount.google.com/permissions), your Meta Business Settings, or your TikTok Ads Manager.
  • Request data deletion: You can request full deletion of your Wevion account and all associated data (including data retrieved from third-party APIs) by emailing info@wevion.ai. We will process deletion requests within 30 days.

6.6 Data Sharing

We do not share data retrieved from Google Ads API, Meta Marketing API, or TikTok Marketing API with any third party, except:

  • With sub-processors strictly necessary to provide the Service (AWS for hosting and infrastructure providers), under data processing agreements.
  • When required by law, court order, or valid legal process.
  • With your explicit consent.

We never sell, rent, or monetize your advertising data.

7. AI Processing & Machine Learning

Our Service utilizes artificial intelligence and machine learning features, including technology from providers like Anthropic, to analyze data and provide recommendations. By using these features, you acknowledge that the processing is automated. While we strive for accuracy, AI-generated outputs may occasionally be inaccurate or incomplete, and you should independently verify any information upon which you rely.

8. Data Storage & Security

We implement reasonable and appropriate technical and organizational measures to protect the security of your personal information. We store your data on secure servers provided by Amazon Web Services in the EU (Ireland) region. However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure, and we cannot guarantee its absolute security.

9. Data Retention

We will retain your personal information only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your information to the extent necessary to provide our Service, comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

10. Sub-Processors & Third-Party Services

We use various third-party service providers, or sub-processors, to help us provide our Service. These include providers for hosting, billing, authentication, and analytics. We maintain a current list of our sub-processors on our website. You can view the list at /sub-processors.

11. International Data Transfers

Your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. For transfers of personal data from the European Economic Area (EEA), the UK, and Switzerland, we rely on the Standard Contractual Clauses (SCCs) and other appropriate legal mechanisms to ensure your data is protected.

12. Cookies & Analytics

We use cookies and similar tracking technologies to track the activity on our Service and hold certain information. For more detailed information about the cookies we use, please see our Cookie Policy.

13. Your Rights (GDPR)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights, subject to applicable law. We aim to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data. Your rights include:

  • The right to access, update or delete the information we have on you.
  • The right of rectification.
  • The right to object.
  • The right of restriction.
  • The right to data portability.
  • The right to withdraw consent.

14. California Privacy Rights (CCPA/CPRA)

Under the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), California residents have specific rights regarding their personal information. We do not sell your personal information. You have the right to request information about our collection, use, and disclosure of your personal information over the prior 12 months, and the right to ask that we delete your personal information.

15. Automated Decision-Making

Our Service may use automated decision-making, including profiling, to provide and optimize our features. For example, our AI may analyze campaign data to provide performance recommendations. We take steps to safeguard your rights and ensure that such processing is fair and transparent.

16. Children's Privacy

Our Service is not intended for use by anyone under the age of 18 ("Children"). We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your Child has provided us with Personal Data, please contact us. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

17. Data Protection Contact

For any questions or concerns regarding your data protection, you may contact our privacy team at info@wevion.ai.

18. Changes to This Policy

We may update our Privacy Policy from time to time. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "effective date" at the top. For non-material changes, we reserve the right to make updates without direct notification. You are advised to review this Privacy Policy periodically for any changes.

19. Contact Us

If you have any questions about this Privacy Policy, please contact us at:

Strion Inc.

490 Post St, Ste 500, San Francisco, CA 94102, USA

Email: info@wevion.ai