This Privacy Policy describes how Ad Core One, as Data Controller, collects, uses, processes, and protects personal data in accordance with EU Regulation 2016/679 (GDPR) and applicable national laws.
Following the signing of advertising consultancy or management agreements, we collect and process the following categories of personal data:
- Personal and identification data (name, surname, email, phone number, VAT number, etc.);
- Login and administrative data related to advertising accounts (e.g., Google Ads, Meta Ads);
- Economic and financial data limited to the management of advertising budgets;
- Performance and insights related to advertising campaigns.
No special categories of data (Art. 9 GDPR) or judicial data are processed.
Personal data is processed for the following purposes:
- Provision of advertising consultancy and campaign management services;
- Fulfillment of contractual and pre-contractual obligations;
- Legal, tax, and administrative compliance;
- Performance analysis and campaign optimization;
- Operational, service, or administrative communications.
The legal basis for processing includes:
- Contract execution (Art. 6.1.b GDPR);
- Compliance with legal obligations (Art. 6.1.c GDPR);
- The legitimate interest of the Controller (Art. 6.1.f GDPR).
Data is processed lawfully, fairly, and transparently, using electronic and automated systems, with appropriate technical and organizational measures to ensure security, accuracy, and confidentiality.
Data is not sold or disclosed to third parties. Access is permitted only to:
- Authorized and trained internal personnel;
- External consultants and collaborators bound by confidentiality agreements;
- Third parties (e.g., technical providers, advertising platforms) only for campaign management purposes and in compliance with applicable laws.
Where required, such third parties are appointed as Data Processors (Art. 28 GDPR).
Data is retained for the duration of the contractual relationship and, thereafter, for the time required to comply with legal obligations and safeguard rights, not exceeding 10 years from contract termination.
If personal data is transferred to non-EU countries, such transfer will only occur to entities ensuring an adequate level of data protection, in accordance with Articles 44 ff. GDPR, using Standard Contractual Clauses or other recognized safeguards.
Users may exercise the following rights:
. Access to data (Art. 15 GDPR);
- Rectification (Art. 16 GDPR);
- Erasure ("right to be forgotten" – Art. 17 GDPR);
- Restriction of processing (Art. 18 GDPR);
- Data portability (Art. 20 GDPR);Objection to processing (Art. 21 GDPR);
- Lodge a complaint with the Data Protection Authority.
Ad Core One implements advanced technical and organizational security measures to prevent unauthorized access, disclosure, alteration, or destruction of data.All customer information—including financial data, marketing strategies, and campaign metrics—is treated as strictly confidential and is never disclosed or used beyond the agreed contractual purposes.
This Privacy Policy may be updated due to regulatory changes or internal adjustments. Users will be promptly informed of any material changes.
For any questions or to exercise your rights, please contact us at:📧 info@adcoreone.com
