Data & security

What data we hold

Neurad works with the campaign structure and performance data of our own Google Ads accounts: campaigns, ad groups, keywords, ads, budgets, and the usual performance metrics (impressions, clicks, cost, conversions). We do not hold personal data about consumers, and we do not collect data from anyone outside our own accounts.

Credentials

OAuth 2.0 refresh credentials and our developer token are stored as secrets in our infrastructure — never in source control, never on a public page.
The adwords scope is the only Google scope we request.
Credentials are scoped to our own manager account and rotated when an operator leaves the desk.

Access control

Only the handful of employees who operate the desk can sign in.
Write actions require a second person's approval (see Operations).
A plain change log records who changed what, and when, on which account.

Where it runs

The desk runs on infrastructure we control, over HTTPS. Reporting reads are cached briefly to stay within our API operation budget; we keep only what the team needs to make the next decision.

Retention

Performance snapshots are kept for trend analysis and pruned on a rolling basis. Drafts that are never published expire from the queue. We retain no data for any party other than ourselves.

Neurad is not a product offered to third parties; there are no external user accounts, no customer data, and no data sharing. The only data in the system is our own advertising data.

Few people, fewer secrets, narrow access.

What data we hold

Credentials

Access control

Where it runs

Retention