AdCreate
Back to Home
Privacy Policy

Privacy Policy

Last updated: February 2026

Introduction

AdCreate ("we," "us," or "our"), operated by Generative AI Teknoloji Anonim Sirketi, provides an AI-powered ad and video creation platform at adcreate.com (the "Service"). This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our Service.

By accessing or using AdCreate, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our practices, please do not use the Service.

Data We Collect

We collect the following categories of personal data:

Account Information

  • Name, email address, and password when you create an account
  • Profile information you choose to provide (company name, role, avatar)
  • Authentication data from third-party sign-in providers (Google, Apple)

Usage Data

  • Pages visited, features used, and actions taken within the Service
  • Device information (browser type, operating system, screen resolution)
  • IP address and approximate geographic location
  • Referring URLs and search terms used to find AdCreate

Content Data

  • Images, videos, text prompts, and other media you upload or create
  • Brand assets including logos, color palettes, and fonts
  • Generated ad creatives, videos, and associated project data

Payment Data

  • Billing name and address
  • Payment method details (processed securely by Stripe; we do not store full card numbers)
  • Transaction history and subscription status

How We Use Your Data

We use your personal data for the following purposes:

  • Providing, maintaining, and improving the Service
  • Processing AI-powered video and ad generation requests
  • Managing your account, subscriptions, and credit balances
  • Sending transactional emails (account verification, password resets, billing receipts)
  • Analyzing usage patterns to improve features and user experience
  • Detecting and preventing fraud, abuse, and security incidents
  • Complying with legal obligations and enforcing our Terms of Service

We process your data based on the following legal bases under GDPR: performance of our contract with you, your consent (where applicable), our legitimate interests in operating and improving the Service, and compliance with legal obligations.

Third-Party Services

AdCreate integrates with third-party AI providers and services to deliver core functionality. When you use these features, certain data (such as text prompts and uploaded media) may be transmitted to:

  • Google DeepMind (Veo) -- for AI video generation from text and image prompts
  • OpenAI (Sora) -- for AI video generation and editing capabilities
  • HeyGen -- for AI-powered talking avatar and lip-sync video creation
  • Google (Gemini) -- for AI text generation, content analysis, ad copywriting, multimodal AI analysis, and video understanding
  • Stripe -- for secure payment processing (PCI-DSS compliant)
  • Supabase -- for authentication and database services
  • Google Analytics -- for anonymized website usage analytics
  • Meta (Facebook) Pixel -- for advertising measurement (with your consent)

Each third-party provider processes data according to their own privacy policies. We encourage you to review those policies. We only share the minimum data necessary to provide the requested functionality.

Cookies and Tracking Technologies

We use cookies and similar technologies to operate the Service, remember your preferences, and analyze usage. For a detailed breakdown of the cookies we use and how to manage your preferences, please see our Cookie Policy.

Data Retention

We retain your personal data for as long as your account is active or as needed to provide the Service. If you delete your account, we will remove your personal data within 30 days, except where retention is required by law (for example, billing records may be retained for up to 7 years for tax compliance). Generated content and project files are deleted within 30 days of account termination.

Data Security

We implement industry-standard security measures to protect your data, including encryption in transit (TLS 1.2+), encryption at rest, secure authentication with row-level security policies, and regular security audits. While no system is completely secure, we are committed to protecting your personal information and promptly addressing any security incidents.

International Data Transfers

Your data may be processed in countries outside your country of residence, including the United States and the European Economic Area. When we transfer data internationally, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission or other legally recognized transfer mechanisms to ensure your data is protected.

Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access -- request a copy of the personal data we hold about you
  • Rectification -- request correction of inaccurate or incomplete data
  • Erasure -- request deletion of your personal data ("right to be forgotten")
  • Restriction -- request that we limit how we process your data
  • Portability -- receive your data in a structured, machine-readable format
  • Objection -- object to processing based on legitimate interests or direct marketing
  • Withdraw Consent -- withdraw consent at any time where processing is consent-based
  • Lodge a Complaint -- file a complaint with your local data protection authority

To exercise any of these rights, please contact us at hello@adcreate.com. We will respond to your request within 30 days.

GDPR Compliance

If you are located in the European Economic Area (EEA), United Kingdom, or Switzerland, we process your data in compliance with the General Data Protection Regulation (GDPR). Our data controller is Generative AI Teknoloji Anonim Sirketi. We process personal data only when we have a valid legal basis, provide clear information about how we use your data, and implement appropriate technical and organizational safeguards.

Children's Privacy

AdCreate is not intended for children under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child under 16, we will take steps to delete it promptly. If you believe a child has provided us with personal data, please contact us at hello@adcreate.com.

Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. We will notify you of material changes by posting the updated policy on this page and updating the "Last updated" date. For significant changes, we may also send you a notification via email or an in-app banner.

Contact Us

If you have questions or concerns about this Privacy Policy or our data practices, please contact us at hello@adcreate.com or hello@adcreate.com.