Privacy policy

Last updated: 30 March 2026
Effective date: 1 May 2026



This Privacy Policy explains how AdSigner (“AdSigner”, “Company”, “we”, “us”, “our”) collects, uses, processes, and protects personal data when you access or use the AdSigner website, applications, APIs, and related services (collectively, the “Service”).

This Privacy Policy forms part of the Terms and Conditions governing the use of the Service. Capitalized terms used but not defined in this Privacy Policy have the meaning given to them in the Terms and Conditions.

If there is any conflict between this Privacy Policy and the Data Processing Agreement (“DPA”) regarding the processing of personal data on behalf of Customers, the DPA shall prevail.

1. Data Controller

The data controller responsible for the processing of personal data under this Privacy Policy is:

AdSigner
Erpium d.o.o.
Beograjska ulica 4
1000 Ljubljana
Slovenia
Email: terms@adsigner.com

Where AdSigner processes personal data on behalf of a Customer through the Service, the Customer acts as the data controller and the Company acts as the data processor, as further described in the DPA.

2. Scope of This Policy

This Privacy Policy applies to personal data processed in connection with:

  • the AdSigner website;
  • the AdSigner SaaS platform;
  • Accounts, Users, and Organizations within the Service;
  • API access and integrations;
  • support communications;
  • billing, invoicing, and payment processing;
  • marketing communications; and
  • analytics, logging, and security monitoring.

This Privacy Policy does not apply to third-party services, websites, or platforms that may integrate with or be accessed through the Service. Such third parties act as independent controllers.

3. Categories of Personal Data We Collect

We may collect and process the following categories of personal data:

3.1 Account and Registration Data

When an Account is created, we may collect:

  • name;
  • email address;
  • organization name;
  • account credentials (stored in a hashed or otherwise protected form);
  • user role and permissions.

3.2 Billing and Payment Data

When a Customer places an order or subscribes to Products, we may process:

  • billing name;
  • billing address;
  • telephone number;
  • tax identification number or VAT number; and
  • payment-related information.

Payment card processing is performed by third-party payment providers. The Company does not store full payment card details.

3.3 Service Usage and Technical Data

When the Service is accessed or used, we may collect:

  • IP address;
  • device, browser, and operating system information;
  • timestamps and log data;
  • Service usage events;
  • configuration changes;
  • API usage data; and
  • security and access logs.

This data is used to operate, secure, maintain, and improve the Service.

3.4 Customer Data

Customers may submit or otherwise process data within the Service (“Customer Data”), which may include personal data such as:

  • user details;
  • organizational and directory data;
  • configuration data;
  • communication or campaign content; and
  • other data determined by the Customer.

The Customer determines the purposes and means of such processing and is responsible for its lawfulness.

3.5 Communications Data

If you contact us or interact with support, we may process:

  • contact details;
  • communication content;
  • support requests; and
  • diagnostic or troubleshooting data.

3.6 Marketing Data

Where permitted by applicable law, we may process:

  • email address;
  • telephone number;
  • marketing preferences; and
  • interaction data (e.g., opens, clicks).

You may opt out of marketing communications at any time.

4. Cookies and Tracking Technologies

We use cookies and similar technologies to:

  • operate and secure the Service;
  • authenticate users;
  • remember preferences;
  • analyze usage and performance; and
  • improve functionality.

Cookies may include:

  • strictly necessary cookies;
  • security cookies;
  • preference cookies; and
  • analytics cookies (subject to consent where required).

Where required by applicable law, non-essential cookies are used only with prior consent.

Users can manage cookie preferences through browser settings or consent tools. Disabling cookies may affect Service functionality.

5. Purposes of Processing

We process personal data for the following purposes:

  • to provide, operate, and maintain the Service;
  • to create and manage Accounts and Organizations;
  • to process Orders, Subscriptions, billing, and payments;
  • to provide Support Services;
  • to communicate service-related notices and updates;
  • to ensure security and prevent fraud, abuse, or misuse;
  • to monitor and improve the Service;
  • to enforce contractual rights;
  • to comply with legal obligations; and
  • to send marketing communications where permitted by law.

Where applicable data protection law, including GDPR, applies, we process personal data on one or more of the following legal bases:

Performance of a contract

  • providing the Service;
  • account management;
  • processing Orders and Subscriptions;
  • billing and payments.

Legitimate interests

  • ensuring security and preventing fraud or abuse;
  • improving and developing the Service;
  • internal analytics and system monitoring;
  • enforcing contractual rights.

Consent

  • marketing communications, where required;
  • non-essential cookies.

Legal obligation

  • compliance with applicable laws;
  • responding to lawful requests from authorities.

Where processing is based on legitimate interests, we take appropriate steps to ensure that such interests are not overridden by the rights and freedoms of data subjects.

7. Data Sharing and Recipients

We may share personal data with:

  • hosting and infrastructure providers;
  • cloud service providers;
  • payment service providers;
  • analytics and monitoring providers;
  • communication and email service providers;
  • customer support tools;
  • security and fraud prevention providers;
  • professional advisers; and
  • competent authorities where legally required.

Where third parties process personal data on our behalf, they are subject to appropriate contractual obligations and data protection safeguards.

We do not sell personal data.

8. International Data Transfers

Where personal data is transferred outside the European Economic Area (EEA), such transfers are carried out in accordance with applicable data protection law.

Where required, we implement appropriate safeguards for such transfers, which may include adequacy decisions, approved transfer mechanisms, or other legally recognized safeguards.

Additional details may be provided in the DPA or upon request, where applicable.

10. Security Measures

We implement appropriate technical and organizational measures designed to protect personal data, including:

  • encryption in transit;
  • access controls;
  • authentication mechanisms;
  • logging and monitoring;
  • restricted internal access; and
  • regular security assessments.

However, no system can be guaranteed to be fully secure.

11. Data Subject Rights

Subject to applicable data protection law, individuals may have the right to:

  • access their personal data;
  • rectify inaccurate or incomplete personal data;
  • request deletion of personal data;
  • request restriction of processing;
  • object to certain processing activities;
  • request data portability;
  • withdraw consent at any time where processing is based on consent; and
  • not be subject to certain decisions based solely on automated processing, where applicable.

Requests may be submitted to: terms@adsigner.com

We may require identity verification before fulfilling requests.

Where we act as a processor on behalf of a Customer, requests should generally be directed to the relevant Customer, who acts as the controller.

12. Customer Responsibilities

Customers are responsible for:

  • ensuring lawful processing of personal data;
  • determining the applicable legal basis for processing;
  • providing appropriate privacy notices;
  • obtaining required consents where applicable; and
  • complying with applicable data protection laws.

Where acting as a processor, the Company processes personal data only in accordance with the Customer’s instructions as defined in the DPA.

13. Children’s Data

The Service is not intended for individuals under the age of 18. The Company does not knowingly collect personal data from children.

14. Changes to This Privacy Policy

We may update this Privacy Policy from time to time.

Material changes will be communicated through the Service or other appropriate means.

15. Contact

For questions or requests:

AdSigner
https://www.adsigner.com
terms@adsigner.com

Erpium d.o.o.
Beograjska ulica 4
1000 Ljubljana
EU – Slovenia
VAT: SI 83851976

Ready to start?

Try for free

info@adsigner.com

© All rights reserved, AdSigner, 2026

Contact

Please drop us a line

If you need any additional information or would like to book an individual demonstration, please do not hesitate to contact us at info@adsigner.com .