Privacy Policy for Adova
Last updated: May 20, 2026
This Privacy Policy explains how Adova (operated by MEDIA1 LLC) collects, uses, stores, and shares data when you use the Adova platform, including our web app, API endpoints, and connected integrations.
1. Scope
This policy applies to:
Adova web application and authenticated workspace features
Adova API endpoints (including tracking and lead ingestion endpoints)
Connected integrations (Meta/Facebook, Telegram)
2. Data We Collect
2.1 Account and identity data
Name
Email address
Password hash
Role and workspace relationship (team owner, team member)
Profile/avatar images (if uploaded)
Timezone and currency preferences
2.2 Session and security data
Session token (in
session_tokenHTTP-only cookie)Session metadata (user agent, IP address, session timestamps, revocations)
Login/logout and session revocation events
2.3 Workspace and operational data
Team, team owner, and team member management data
Domains, offers, affiliate network settings, status mappings
Notifications and in-app preferences
Uploaded media and documents used for ad operations
2.4 Advertising and attribution data
When you use Adova tracking and lead workflows, data may include:
Click data: click ID, campaign/adset/ad IDs, pixel ID, URL/referrer, IP, user agent, geolocation fields, language,
fbclid,fbp,fbc, UTM parameters, timestampsLead data: name, phone, email, city, address, status, notes, payout/currency, geo, tracking IDs, IP, user agent, click linkage
2.5 Meta/Facebook integration data
When you connect Meta/Facebook accounts, Adova processes:
Facebook profile/account IDs and names
Access tokens (stored encrypted at REST)
Billing details, current spend, and payment thresholds
Business Manager structures and roles
Ad account, campaign, ad set, ad, pixel, page, and business metadata
Page IDs, names, and profile pictures
Public post content and engagement metrics (likes, shares)
Page comment data used for moderation workflows
2.6 Telegram integration data
Telegram account ID, username, linked status
Telegram group chat ID/title (if group is connected)
Short-lived verification codes and rate-limit counters
2.7 Billing, subscription, and payment data
License and pricing selections
Payment/order identifiers and payment state
Customer metadata required by payment providers (for example IP address, referrer domain, customer email where applicable)
Card account and transaction metadata for card features
Card details for authorized users (for example last4, and where requested, sensitive fields such as PAN/CVV)
2.8 Technical and diagnostics data
Error and performance telemetry (including Sentry, where configured)
Application logs for operations, debugging, abuse prevention, and security monitoring
3. How We Use Data
We use data to:
Create and manage user accounts and workspace access
Authenticate users and secure sessions
Operate campaign management, tracking, and lead workflows
Sync and manage connected Meta/Facebook assets
Provide Telegram notifications and verification
Process licensing, subscriptions, and payment status
Deliver card and transaction features
Detect abuse, troubleshoot incidents, and improve reliability
Comply with legal and contractual obligations
We do not sell personal data.
4. Integrations and Third-Party Processing
Depending on features you enable, Adova uses third-party services that may process relevant data:
Meta/Facebook APIs (ads/page/comment/pixel workflows)
Telegram Bot API
GatewayCrypto (subscription/license payments)
Cloudflare (storage/security)
Pusher (real-time notifications)
Sentry (error/performance monitoring, where configured)
ExchangeRate-API (currency conversion rates)
These providers process data according to their own terms and privacy policies.
5. Cookies and Similar Technologies
Adova uses a secure session cookie (session_token) for authentication and account access control. This cookie is HTTP-only and is not intended for third-party advertising tracking.
6. Security Measures
We apply reasonable technical and organizational safeguards, including:
HTTPS in transit
Encrypted storage of sensitive third-party tokens (for example Meta access tokens)
Password hashing
Role-based access controls
Session revocation mechanisms
7. Data Retention
Retention depends on data type and business/security needs. Examples from current implementation include:
Session cookies: up to about 24 hours unless revoked earlier
Click and ad-copy history data: typically up to 30 days in specific flows
Short-lived verification/rate-limit keys: usually seconds to minutes
Notification lists
Account, license, payment, and operational records: retained while account is active and as required for legal, security, and accounting purposes
Some records may persist in backups/logs for a limited period.
8. Data Sharing Inside Your Workspace
Data is visible to authorized users according to role and permissions (team owners, team members, and explicitly shared assets).
9. International Data Transfers
Adova and its subprocessors may process data in different countries. By using Adova, you understand that data may be transferred and processed outside your local jurisdiction, subject to applicable safeguards and provider controls.
10. Your Controls and Rights
You can:
Update account/profile data in app settings
Disconnect Meta/Facebook integrations in-app and via Facebook App Integrations
Unlink Telegram in app or via bot commands
Request account/data deletion by contacting support
Depending on your location, you may have rights to access, correct, delete, or object to certain processing.
11. Data Deletion Requests
For account-level deletion requests, contact: support@adova.io
We will process deletion requests within a reasonable timeframe, subject to legal, fraud-prevention, security, and accounting retention requirements.
12. Children's Privacy
Adova is intended for business users and is not directed to children under 18. We do not knowingly collect personal information from children.
13. Policy Updates
We may update this Privacy Policy to reflect product, legal, or operational changes. Updated versions will be published with a new "Last updated" date.
14. Contact
Privacy and data requests: support@adova.io





