Built so your ad data stays your ad data.
We handle marketing data for hundreds of businesses. Here's exactly how we protect it.
Encryption in transit and at rest
All traffic is encrypted with TLS 1.3. All data at rest is encrypted with AES-256.
OAuth tokens encrypted, never logged
Google and Microsoft OAuth tokens are stored encrypted in our database and never written to application logs.
Read-only API scopes
We request read-only scopes on every connected ad platform. We cannot create, modify, pause, or delete anything in your ad accounts.
Row-level security
Every database query is scoped to your workspace through Supabase row-level security policies. One customer's data is never reachable from another customer's session.
No card data on our servers
All payments are processed by Stripe (PCI DSS Level 1 certified). We never see or store credit card numbers.
Responsible disclosure
Found a vulnerability? Email admin@getpaidlens.com and we'll respond within 48 hours. We don't pursue legal action against good-faith researchers.