Privacy Policy
Last updated: May 28, 2026
1. Who we are
agentplanners is operated by the team at agentplanners.com. We provide a multi-agent automation platform for advertising and marketing operations. This privacy policy describes how we collect, use, store, and disclose personal information when you use our website and product.
Questions? Reach us at hi@agentplanners.com.
2. What we collect
- Account information: email, name, organization name, and any profile fields you choose to provide (via Clerk authentication).
- Connected ad-platform data: when you connect Google Ads or other integrations, we read account metadata (customer ids, campaign names, performance metrics) and any data your goals require us to query.
- Goals, plans, and tool outputs: the prompts you submit, the plans our orchestrator generates, the results of any tool calls (GAQL, BigQuery, sandbox), and the message history of each task.
- Audit logs: actor, timestamp, resource, and outcome of every mutation executed via the platform.
- Operational telemetry: standard server logs, error reports, and aggregate usage counts. We do not sell or use this data for advertising.
3. Google API services & OAuth scopes
agentplanners's use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.
We request the following Google OAuth scopes. We only request a scope when you connect the corresponding integration; you may revoke access at any time at myaccount.google.com/permissions.
| Google product | Scope | Why we need it |
|---|---|---|
Google Ads Live | https://www.googleapis.com/auth/adwords | Read campaign / ad-group / ad / keyword / asset metadata + performance metrics; execute approved mutations (create campaigns, adjust budgets / bids / status, add negatives, upload assets, run experiments, etc.). The single scope that drives the core product. |
Google Ads Manager (MCC) Live | https://www.googleapis.com/auth/adwords | Same scope as Google Ads — used to enumerate manager-child relationships via customer_client and to run bulk operations across an MCC's children (one approval, fanned out). |
Google Analytics 4 (GA4) Planned | https://www.googleapis.com/auth/analytics.readonly | Read GA4 reports (sessions, users, conversions, traffic sources, top pages) so the agent can cross-reference site behavior with Google Ads performance. Read-only. |
Google Search Console Planned | https://www.googleapis.com/auth/webmasters.readonly | Read Search Console performance (queries, pages, impressions, clicks, CTR) for organic-vs-paid analysis and to surface organic queries worth bidding on. Read-only. |
Google Sheets Planned | https://www.googleapis.com/auth/spreadsheets | Read user-provided sheets used as analysis inputs (e.g. keyword lists, target lists) and write reports / dashboards into sheets the user explicitly creates or selects. |
Google Drive Planned | https://www.googleapis.com/auth/drive.file | Per-file access — strictly the files the user creates or opens with agentplanners. We use the drive.file scope (NOT full drive read) so we can only touch files explicitly shared with our app. Used for report exports + creative assets. |
BigQuery Live | https://www.googleapis.com/auth/bigquery | Query datasets the user connects (via service-account JSON or OAuth) for analytics that joins ad data with first-party data marts. Reads only by default; writes only when the user explicitly authorises a destination table. |
Google AdSense Planned | https://www.googleapis.com/auth/adsense.readonly | Read AdSense earnings + report data to surface monetization signals alongside ad-spend optimization (publisher use case). Read-only. |
Display & Video 360 Planned | https://www.googleapis.com/auth/display-video | Read DV360 insertion-order / line-item performance and execute approved mutations on DV360 entities (for advertisers running both Google Ads and DV360 from one console). |
Display & Video 360 — Bid Manager Planned | https://www.googleapis.com/auth/doubleclickbidmanager | Read DV360 reports via the Bid Manager API for cross-platform performance digests. Read-only on the reporting endpoints. |
OpenID Connect (sign-in) Live | openid email profile | Standard identity scopes used when a user signs in or links a Google account. We read the email + basic profile only to identify the user; no data is requested via these scopes beyond what Google sends in the ID token. |
Limited use: data accessed through these scopes is used solely to provide and improve user-facing features of agentplanners (e.g. running the analyses, mutations, and reports you request). We do NOT use this data for advertising, do NOT transfer it to third parties except as necessary to provide the service (e.g. our hosting provider Vercel, database provider MongoDB Atlas, LLM providers used to plan your tasks), do NOT use it to train or improve generalized AI models, and do NOT allow humans to read the data except (a) with your explicit consent, (b) for security purposes, (c) to comply with applicable law, or (d) in aggregated / anonymized form for internal operations.
4. How we use the information
- To run the agent workflows you ask for — query metrics, propose changes, execute approved mutations against connected accounts.
- To produce reports, charts, and audit records that you can view, share, or export.
- To send transactional emails (approval requests, failure alerts) via Resend.
- To improve product reliability through error monitoring (logs do not include account-data payloads beyond what's needed to diagnose).
- To enforce our Terms of Use and protect the platform against abuse, fraud, or security threats.
5. Where data is stored & sub-processors
- Authentication: Clerk
- Hosting + Workflow runtime: Vercel
- Database: MongoDB Atlas
- File storage: Vercel Blob
- LLM providers: Vercel AI Gateway (routes to providers such as Anthropic, Google, OpenAI). Prompts include the goal + relevant context from your connected accounts; responses are stored against your task.
- Sandbox: Vercel Sandbox (Python execution for analysis / charts)
- Email: Resend (transactional emails only)
- Search: Perplexity (via AI Gateway) and searchapi.io for web lookups when a task requires them
6. Retention & deletion
Account, task, message, audit, and integration records are retained for the duration of your account. Disconnecting an integration revokes our access and stops further data collection from that source; previously collected data remains on your account until you delete it.
You can delete individual tasks, audit entries, and assets through the product. To delete your account and all associated data, email hi@agentplanners.com and we will action your request within 30 days.
7. Your rights
Depending on your jurisdiction (e.g. GDPR for EU residents, CCPA for California residents), you may have the right to access, correct, port, restrict, or delete your personal information, and to object to certain processing. Submit requests to hi@agentplanners.com and we will respond within the timeline mandated by applicable law.
8. Security
We use industry-standard practices: TLS in transit, AES at rest where supported, encrypted storage of OAuth refresh tokens, secrets never logged, and strict allow-listing of redirect URIs in our Google Cloud project. No system is impenetrable — please use a unique password and 2FA on your account.
9. Children
agentplanners is not directed to children under 16, and we do not knowingly collect personal information from children.
10. International users
By using the service you consent to your information being transferred to and processed in the United States and other countries where our service providers operate.
11. Changes to this policy
We may update this policy from time to time. Material changes will be announced via email to the address on file or via an in-app banner. The "Last updated" date at the top reflects the current version.
12. Contact
For privacy questions, complaints, or data-subject requests: hi@agentplanners.com.