1. Who we are
Northsignal is operated remotely as a cloud-only business under the name Northsignal. We do not maintain a public postal office. For any question about this policy, contact hr.yushishthira@gmail.com.
Northsignal is a multi-tenant tool for advertising agencies and in-house marketing teams (the "operator") to connect their clients' Meta Business Manager and analyze ad spend, campaign performance, and lead-form submissions. If you reached this page because an operator connected your business, the operator is the data controller and Northsignal is a processor acting on their instructions.
2. What this product does
Northsignal joins a Meta ad account with the operator's own database, turning weekly performance reports into a five-minute conversation. Practically, that means we call the Meta Graph API on the operator's behalf to read ad-account performance and to retrieve leads from Facebook Lead Forms that an end user has submitted.
3. Data we collect
- Google account email and profile — used only for sign-in. We do not request Gmail or any other Google scope beyond basic profile.
- Meta access token — either a Facebook Login user token or a long-lived System User token pasted from Business Manager. Encrypted at rest with AES-256-GCM, stored server-side only, and never exposed to the browser.
- Cached snapshot of your Meta Ad Accounts list and Facebook Pages list (id, name, status) captured at the moment of connection so the dashboard can render quickly.
- Per-Page access tokens — encrypted with the same AES-256-GCM key, used only to fetch Lead Form submissions for the Pages you have connected.
- Lead form submissions retrieved from Meta on demand to display in the dashboard. We do not export or share them with third parties.
- Audit log — connect and disconnect events tied to the operator user, used for support and security investigations.
- Optional analytics database connection string — if the operator chooses to connect their own analytics database, the connection string is encrypted at rest and we proxy read-only queries through it. We do not warehouse the data returned.
4. Data we do not collect
- Passwords. We never see your Meta or Google password — both connections go through OAuth.
- Payment information.
- Browsing history outside the product.
- Friend lists, post content, messages, or any other Meta data beyond the permissions you grant:
ads_read,leads_retrieval,pages_show_list,pages_read_engagement, andpages_manage_metadata.
5. Why we process this data
- To render the dashboard the operator logs in to see.
- To recover leads that Meta accepted but never made it into the operator's CRM.
- To run our diagnostic rules engine against ad-account performance.
- To investigate abuse, debug bugs, and answer support tickets.
6. Legal basis (GDPR / UK GDPR)
For operator account data (sign-in email, audit log) we rely on legitimate interest in providing and securing the service. For data accessed inside a connected client's Meta Business, we act as a processor on behalf of the operator, whose lawful basis with their own end users is a combination of contract (delivering marketing services) and consent (granted at the Meta OAuth step when permissions are approved).
7. Storage, encryption, and processors
All access tokens and connection strings are encrypted at rest with AES-256-GCM. The encryption key lives in a managed secret store and is never written to disk in plaintext. Tokens never leave the server — the browser only ever sees opaque connection IDs.
The product is served by the following sub-processors:
- Vercel — application hosting and edge delivery. Region:
bom1(Mumbai). - Supabase — Postgres database and Supabase Vault for at-rest encryption. Region:
ap-south-1(Mumbai). - Anthropic — Claude is the LLM that powers the in-product chat. Prompts and tool-call results are sent to Anthropic with zero-retention enabled where contractually available.
- Meta Platforms, Inc. — Graph API calls and the data-deletion callback are made directly to Meta.
8. How long we keep it
- Ad-insight cache — up to 60 days, after which it is recomputed on the next dashboard load.
- Access tokens (Meta, per-Page, analytics DB) — until the operator clicks Disconnect, until Meta posts a data-deletion webhook, or until the operator deletes their account. Whichever comes first.
- Audit log — 12 months, then automatically purged.
- Lead-form submissions — fetched on demand and not warehoused. Cached copies expire within 24 hours.
9. Your rights
If you are an end user whose data sits inside a Northsignal-connected Meta Business, you have the right to:
- Access the data we hold about you.
- Rectify it if it is wrong.
- Erase it — see the steps at /data-deletion.
- Receive it in a portable format.
- Object to processing.
- Lodge a complaint with your local supervisory authority.
To exercise any of these rights, email hr.yushishthira@gmail.com from the address on file. We will respond within 30 days.
10. Cookies
Northsignal sets one cookie: an httpOnly, Secure, SameSite=Lax JWT used to keep you signed in. We do not use analytics cookies, advertising cookies, or third-party tracking pixels.
11. Children
Northsignal is a business tool and is not directed at anyone under 16. We do not knowingly collect data from children.
12. Changes to this policy
If we make a material change, we will notify operators via an in-app banner and an email to the address you signed in with, at least 14 days before the change takes effect.
13. Contact
Privacy questions: hr.yushishthira@gmail.com.