Data controller
Surya Marketing s.r.o., Company ID 23240253, registered office Korunní 2569/108, Vinohrady, 10100 Prague 10, Czech Republic. Data Protection Officer: info@suryatool.io.
What data we process
- App user data: email, name, role, job title. Purpose: providing the service and communication.
- OAuth tokens: encrypted access to Google Ads, Sklik, Meta Ads. Purpose: reading and (with your approval) writing to ad accounts.
- Ad account data: campaigns, keywords, search terms, performance metrics. Purpose: analysis and report generation.
- Audit log: history of all actions, approvals, executions. Purpose: forensic reconstruction, rollback.
Retention
Active account: for the duration of the agreement. After termination: within 30 days (GDPR Article 17). Audit log: 24 months after termination (statutory accounting requirement).
Subprocessors (Article 28)
- Cloudflare — DNS, CDN. Frankfurt, EU.
- Railway — application and database hosting. Frankfurt, EU.
- Anthropic — AI inference (Claude). Zero retention, no training.
- OpenAI — embeddings (vector search). No full reports.
- Resend — transactional email. Frankfurt, EU.
Your rights
You have the right to access, correction, erasure, restriction of processing, portability, objection, and complaint to ÚOOÚ (Czech DPA). Send requests to info@suryatool.io, response within 30 days.