Privacy Policy

Introduction

At Stratta ("we," "our," or "us"), we are committed to protecting your privacy and handling your data in a transparent and secure manner. This Privacy Policy explains how we collect, use, store, and protect your information when you use our revenue and growth planning platform.

Stratta is a platform that helps marketing, sales, and finance teams connect marketing spend to pipeline outcomes through integrations with advertising platforms, customer relationship management (CRM) systems, and other business tools.

Information We Collect

1. Account and Profile Information

• Name, email address, and company information provided during account creation
• Profile settings, preferences, and team roles within your organization
• Billing information including payment method details (processed by our secure payment providers)
• Authentication credentials and session information

2. Advertising Platform Data

When you connect your advertising accounts, we collect and process:

Google Ads Data:

• Campaign performance metrics (impressions, clicks, conversions, spend)
• Campaign structure (campaigns, ad groups, keywords, ads)
• Account information and hierarchy (manager accounts, sub-accounts)
• Quality scores, bid strategies, and optimization settings
• Historical performance data for analysis and forecasting
• Geographic and demographic targeting information

Facebook Ads Data:

• Ad account performance metrics (reach, impressions, clicks, conversions, spend)
• Campaign and ad set structure and settings
• Audience targeting information and custom audiences
• Creative performance data and relevance scores
• Pixel data and conversion tracking information
• Demographic and interest-based targeting insights

3. CRM and Sales Data

When you integrate CRM systems like HubSpot or Salesforce:

• Contact information and lead data
• Deal pipeline information (stages, values, close dates)
• Sales activity and interaction history
• Revenue attribution and conversion tracking
• Custom properties and fields configured in your CRM

4. Usage and Analytics Data

• Platform usage patterns and feature interactions
• Dashboard views, report generations, and data exports
• Session duration, page views, and navigation patterns
• Device information, browser type, and IP address
• Performance metrics and error logs for system optimization

5. Communication Data

• Support requests and correspondence
• Feedback, survey responses, and product suggestions
• Notification preferences and communication history

How We Use Your Information

1. Core Platform Services

• Aggregate and analyze campaign performance across advertising platforms
• Generate unified dashboards and reports showing ROI and attribution
• Provide forecasting and scenario planning based on historical data
• Execute automated optimization rules on your advertising campaigns
• Calculate pipeline metrics and revenue attribution
• Deliver insights and recommendations for budget allocation

2. Campaign Automation and Optimization

• Monitor campaign performance against your defined thresholds
• Automatically pause underperforming campaigns or ad groups
• Adjust budgets and bids based on performance rules you set
• Add negative keywords to improve campaign efficiency
• Shift budgets between platforms based on ROI performance

3. Account Management

• Authenticate and authorize access to your account
• Process billing and subscription management
• Provide customer support and technical assistance
• Send important account and service notifications

4. Product Improvement

• Analyze usage patterns to improve platform features
• Develop new capabilities and integrations
• Optimize platform performance and reliability
• Conduct research to enhance forecasting accuracy

Data Sharing and Third Parties

Service Providers

We work with trusted third-party service providers who help us operate our platform:

• Cloud Infrastructure: AWS, Google Cloud, or similar providers for secure data storage and processing
• Payment Processing: Stripe or similar services for secure billing transactions
• Analytics: Privacy-focused analytics tools to understand platform usage
• Communication: Email service providers for transactional emails and notifications
• Support: Customer support platforms for handling help requests

API Integrations

We integrate with platforms you authorize:

• Google Ads API: To read campaign data and execute optimization actions
• Facebook Marketing API: To access ad performance data and manage campaigns
• CRM APIs (HubSpot, Salesforce): To sync contact and deal information
• Other integrations: As you choose to connect additional marketing tools

Legal Requirements

We may disclose your information if required by law, court order, or government regulation, or to protect our rights, property, or safety, or that of our users or the public.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of that transaction. We will notify you of any such change in ownership or control.

Data Security

We implement comprehensive security measures to protect your data:

• Encryption: All data is encrypted in transit using TLS and at rest using AES-256
• Access Controls: Strict authentication and authorization for platform access
• API Security: Secure OAuth 2.0 flows for third-party integrations
• Infrastructure: SOC 2 Type II compliant cloud infrastructure
• Monitoring: 24/7 security monitoring and incident response
• Regular Audits: Periodic security assessments and penetration testing
• Employee Training: Security awareness training for all team members

While we implement industry-standard security measures, no system is completely secure. We continuously monitor and improve our security practices to protect your information.

Data Retention

We retain your information for different periods based on the type of data and business need:

• Account Data: Retained while your account is active and for 90 days after deletion
• Campaign Performance Data: Up to 3 years for historical analysis and forecasting
• CRM Data: Synchronized with your CRM retention policies
• Usage Analytics: Aggregated data retained for up to 2 years
• Support Communications: Up to 3 years for quality assurance
• Billing Records: As required by law (typically 7 years)

You can request deletion of your data at any time through your account settings or by contacting our support team.

Your Rights and Choices

Data Access and Control

• Access: View and download your data through your account dashboard
• Correction: Update or correct your account information and preferences
• Deletion: Request deletion of your account and associated data
• Export: Download your campaign data and reports in standard formats
• Portability: Transfer your data to another platform or service

Integration Controls

• Disconnect advertising accounts at any time through integrations settings
• Revoke API access permissions for connected platforms
• Control which campaigns and accounts are included in analysis
• Pause or disable automation rules without losing historical data

Communication Preferences

• Manage email notification preferences in your account settings
• Opt out of marketing communications while keeping service notifications
• Control the frequency and type of performance alerts you receive

GDPR Rights (EU Users)

If you are located in the European Union, you have additional rights under GDPR:

• Right to be informed about how your data is processed
• Right to access your personal data
• Right to rectification of inaccurate data
• Right to erasure ("right to be forgotten")
• Right to restrict processing
• Right to data portability
• Right to object to processing
• Rights related to automated decision-making

International Data Transfers

Our platform operates globally, and your data may be processed in countries other than where you are located. We ensure appropriate safeguards are in place for international data transfers:

• Standard Contractual Clauses (SCCs) for transfers outside the EU
• Adequacy decisions recognized by the European Commission
• Binding Corporate Rules for internal data transfers
• Industry-standard security measures regardless of data location

Children's Privacy

Stratta is designed for business use and is not intended for individuals under 16 years of age. We do not knowingly collect personal information from children under 16. If you believe we have collected information from a child under 16, please contact us immediately.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make changes:

• We will post the updated policy on our website with a new "Last Updated" date
• For material changes, we will notify you via email or prominent notice in our platform
• Your continued use of Stratta after changes take effect constitutes acceptance of the updated policy

Contact Us

If you have questions about this Privacy Policy or our data practices, please contact us: