Privacy Policy

Effective date: June 23, 2025
Website: www.epiminds.com
Owner: Epiminds AB
Contact: info@epiminds.com

Table of Contents

1. Summary

2. Owner and Data Controller

3. Types of Data Collected

4. Mode and Place of Processing the Data

5. The Purposes of Processing

6. Detailed Information on the Processing of Personal Data

7. Cookie Policy

8. Users in the European Union

9. Additional Information About Data Collection and Processing

10. Definitions and Legal References

11. How Can We Help?

1. Summary

Data We Collect Automatically

When you visit www.epiminds.com, we automatically collect:

• Trackers

• Usage Data

How We Use the Data

We use this data for:

• Registration and authentication

• Service provision and improvement

Trusted Third Parties

• Google LLC

2. Owner and Data Controller

Epiminds AB
Franstorpsvägen 27
17266, Stockholm, Sweden
Email: elias@epiminds.com

3. Types of Data Collected

• Trackers

• Usage Data

• Google Ads data

Data may be:

• Provided voluntarily by the user

• Collected automatically through usage

Unless otherwise noted, all data requested by this application is mandatory. Failure to provide it may make it impossible to provide the service.

Cookies and trackers may also be used — see our Cookie Policy for details.

Users are responsible for third-party data they share through this application.

4. Mode and Place of Processing the Data

Methods of Processing

• Secure systems and IT tools

• Internal personnel and authorized third parties (e.g., hosting, IT support)

Place

• Processed at the Owner’s main office and other necessary locations

Retention Time

• Stored as long as required by purpose or legal obligation

• Deleted once retention period expires

5. The Purposes of Processing

We process personal data to:

• Provide our services

• Fulfill legal obligations

• Handle enforcement requests

• Detect malicious or fraudulent behavior

• Enable registration and authentication

• Provide ad campaign management and analytics (via Google Ads API)

6. Detailed Information on the Processing of Personal Data

Registration and Authentication

This helps us identify users and offer dedicated services. We may use third-party providers such as:

Google OAuth

• Company: Google LLC

• Location: United States / Europe

• Data Processed: Trackers and additional data

• Data Received: name, email, profile picture, ID token

• Use: user authentication only

Google Ads API Access

• When you connect your Google Ads account, we request the following scope:

https://www.googleapis.com/auth/adwords

• This lets us on your behalf fetch and manage:

  • Campaigns, ad groups, keywords, budgets, performance metrics

  • Conversion data and billing summaries

• Why we access Google Ads data?

  • To provide campaign reporting and optimization tools

  • To execute actions (e.g. pausing/activating campaigns) you explicitly initiate

• Data Sharing & Disclosure

  • We share your Google Ads data only with:

    • Internally with our support team—but only when you explicitly request assistance

  • With our closed-source AI model providers for insights and optimizations, always under strict confidentiality and data-protection agreements

We never sell or rent this data.

Data Protection Measures

- All Google tokens and profile data are encrypted at rest (AES-256) and in transit (TLS 1.2+).

- Access to production data is limited to authorized personnel via least-privilege IAM roles.

7. Cookie Policy

This application uses Trackers.
See our full [Cookie Policy] for more.

8. Further Information for Users in the European Union

Legal Basis of Processing

We process data if:

• Consent has been given

• It is necessary for a contract

• Legal obligations require it

• It serves public interest or legitimate interest

Contact the Owner for clarification on legal bases for processing.

Data Retention

• Retained as long as necessary for the stated purpose

• Longer retention is possible with user consent or legal requirements

9. The Rights of Users (GDPR)

Users may exercise the following rights:

• Withdraw consent

• Object to processing

• Access their data

• Rectify inaccurate data

• Restrict data processing

• Request deletion ("right to be forgotten")

• Data portability

• Lodge a complaint with a data protection authority

Right to Object

Users may object to processing done in public interest or legitimate interest.
Users can always object to direct marketing.

Exercising Rights

Contact us via the details provided.
All requests are free and will be handled within one month.

10. Additional Information About Data Collection and Processing

Legal Action

We may use your personal data in legal cases or upon authority request.

System Logs and Maintenance

We may collect logs and technical data for maintenance and security.

More Information

Users may request additional info on services or data collection at any time.

11. Changes to this Privacy Policy

We may update this policy.
Users will be notified via this page or other means where feasible.
We may request new consent if legally required.

12. Definitions and Legal References

• Personal Data: Identifiable information about a person

• Usage Data: Automatically collected technical data

• User: The individual using the application

• Data Subject: The person the data refers to

• Data Processor: Processes data on behalf of the Data Controller

• Data Controller: Determines how and why personal data is processed

• Service: The website and related offerings

• EU: Includes all member states of the European Union and EEA

• Cookies & Trackers: Technologies that store and access information on a user’s device

13. How Can We Help?

What You Can Do

• Request access to your data

• Ask for corrections

• Request deletion

• Request data transfer to another provider

In Case of Issues

We strive to provide a smooth experience. If any issue arises, please contact us.

Contact Us

Website: www.epiminds.com
Company: Epiminds AB
Email: info@epiminds.com