Privacy Policy
Last updated: 9 June 2026
RoasGuard ("we", "us") helps advertisers optimize Google Shopping and Performance Max campaigns. This policy explains what we collect, how we use it, and the rights you have. It is a plain-English summary and should be reviewed alongside our Terms.
What we access
When you connect an account, you authorize RoasGuard to access only what it needs:
- Google account — your name and email, for sign-in.
- Google Ads — product performance metrics and the ability to manage campaign listing groups (to delist products you choose).
- Google Merchant Center — your products and the ability to set custom labels or exclude products within the feed label(s) you select.
- Shopify (optional) — order line items, to compute per-product units sold and revenue. We request
read_ordersonly.
How we store it
OAuth refresh tokens and Shopify access tokens are encrypted at rest(AES-256-GCM) before being written to our database, which is access-restricted to the application service account. We never expose raw tokens to the browser. We do not sell your data or use it to train models.
How we use it
- To show your product performance dashboard.
- To evaluate the rules you create and take the actions you configure (exclude, relabel, or delist) — only within the scope you authorize.
- To run your enabled rules automatically on a daily schedule.
Google API Services — Limited Use
RoasGuard's use and transfer of information received from Google APIs to any other app adheres to the Google API Services User Data Policy, including the Limited Use requirements. Data obtained through Google Ads and Google Merchant Center is used only to provide and improve the user-facing features in RoasGuard (your performance dashboard and the rules you run). We do not sell this data, use it for advertising, or transfer it to third parties except as needed to operate the service or to comply with the law, and we do not allow humans to read it except with your explicit consent, for security/abuse investigations, or where required by law.
Scope & control
RoasGuard only acts on the feed label(s) and campaigns you select. Every automated action is recorded in your activity log. You can disconnect any integration at any time, which stops all access.
Data retention & deletion
We keep your connection and rule data while your account is active. You may request deletion of your account and all associated tokens, rules, and logs by emailing hello@roasguard.io; we remove it promptly.
Subprocessors
We host on Google Cloud (Cloud Run, Firestore, Secret Manager). We call the Google Ads API, Google Merchant Center Content API, and Shopify Admin API on your behalf using the authorizations you grant.
Contact
Questions about this policy? Email hello@roasguard.io.