top of page

read our
Privacyy policy

Last Updated: 2025-03-15

Your privacy is of utmost importance to us. This Privacy Policy outlines how we collect, process, and protect your personal data when you use our services.

1. Introduction

1.1 Scope: This policy applies to all data collected via our website, services, client campaigns, and third-party platforms (e.g., Facebook Ads Manager).
1.2 Controller: Acord Sales acts as a data controller for client and website visitor data and as a data processor for client-supplied customer data.
1.3 Compliance Framework: Aligns with GDPR (EU) and Facebook’s Business Tools Terms, Meta’s Supplemental Terms, and Platform Requirements.

 

2. Information We Collect

2.1 Directly Provided Data

  • Client Data: Full name, business email, phone number, job title, billing address, tax ID, payment details.

  • Prospect Data: Information submitted via contact forms, demo requests, or sales calls.

  • Client Customer Data: Email lists, demographic data, purchase histories, or CRM data provided by clients for campaigns.

2.2 Automatically Collected Data

  • Technical Data: IP address, device ID, browser type, operating system, geolocation.

  • Behavioral Data: Pages visited, time spent, clickstream data, referral URLs.

  • Ad Performance Data: Impressions, clicks, conversions, cost-per-click (CPC), ROAS (tracked via Facebook Pixel, Google Analytics, etc.).

  • Other: It’s not limited to the data stated before, more data could be gathered

2.3 Third-Party Data

  • Platform Data: Data from Facebook, Instagram, LinkedIn Ads (e.g., engagement metrics, audience insights).

  • Publicly Available Data: Social media profiles, business directories, or government registries (used for B2B prospecting).

 

3. Purposes of Processing & Legal Bases

3.1 Purposes

  • Service Delivery: Executing and optimizing paid ad campaigns (e.g., Facebook/Instagram Ads).

  • Audience Building: Creating Custom Audiences, Lookalike Audiences, or Segmentations via hashed/aggregated data.

  • Analytics: Campaign attribution, A/B testing, and ROI analysis.

  • Communication: Sending invoices, campaign reports, or marketing emails (with opt-out).

  • Legal Compliance: Fraud prevention, tax reporting, and responding to data subject requests.

3.2 Legal Bases (GDPR)

  • Contractual Necessity: Processing required to fulfill client agreements.

  • Legitimate Interest: Campaign analytics, direct marketing (B2B), and network security.

  • Consent: For cookies, email marketing, or sensitive data (e.g., health information in niche campaigns).

  • Legal Obligation: Responding to subpoenas or CCPA deletion requests.

 

4. Data Sharing & Third-Party Disclosures

4.1 Categories of Recipients

  • Clients: Campaign performance reports containing aggregated/anonymized data.

  • Advertising Platforms: Facebook/Meta, Google Ads, LinkedIn, TikTok (for ad placement and analytics).

  • Service Providers: Are mainly but limited to: Wix, Loopia, Notion, Zapier

  • Legal Authorities: Upon valid legal request (e.g., court order).

4.2 Facebook/Meta-Specific Sharing

  • Custom Audiences: Hashed customer data (SHA-256) uploaded to Facebook Ads Manager.

  • Advanced Matching: Use of Facebook Pixel to associate website activity with Facebook user IDs.

  • Data Processing Terms: Compliance with Meta’s Data Processing Terms and Commercial Terms.

 

5. Cookies & Tracking Technologies

5.1 Cookies

  • Our Website uses cookies and similar tracking technologies to enhance user experience.

  • We implement industry-standard security measures to protect all data. 

  • Despite our efforts, no data transmission over the internet can be guaranteed to be 100% secure.

 

5.2 Consent Management

  • Cookie Banner: You may disable cookies through your browser settings, but doing so may affect the Website’s functionality.

 

6. Data Retention

6.1 Retention Periods

  • Client Data: 7 years post-contract termination (tax/legal compliance).

  • Prospect Data: 2 years from last engagement (legitimate interest window).

  • Facebook Pixel Data: 180 days (aligned with Meta’s default event retention).

  • Backups: Encrypted backups retained for 90 days.

6.2 Deletion Protocols

  • Automated Deletion: Inactive user data purged quarterly.

  • Client Requests: Data deleted within 30 days of verified request.

 

7. Your Rights

7.1 Global Rights Summary

  • Request access to your personal data.

  • Request correction or deletion of inaccurate or unnecessary data.

  • Withdraw consent for data processing (where applicable).

  • Request data portability if technically feasible.

  • Lodge a complaint with a relevant data protection authority.

 

8. Children’s Privacy

  • Age Threshold: No services directed to users under 18.

 

9. Policy Updates

  • Notice: Material changes will be posted below

 

10. Facebook/Meta-Specific Compliance

  • Transparency: Disclose use of Offline Event Tracking, Conversions API, and Advanced Matching.

  • User Consent: Obtain explicit consent for Facebook Pixel tracking (via cookie banner).

  • Data Minimization: Only share data necessary for campaign objectives (e.g., excludes sensitive info).

  • Opt-Out: Direct users to Meta Ad Preferences and Ad Settings.

 

11. Dispute Resolution

  • Mediation: EU users may lodge complaints with their local DPA.

  • Jurisdiction: Governed by laws of Sweden

 

12. Contact Information

13. Additional Disclosures

    • Sensitive Data: We do not collect racial, health, or biometric data unless explicitly required (with separate consent).

bottom of page