Privacy Policy

Last updated: February 28, 2026

1. Introduction

DashVoard ("we", "our", or "the Service") is a marketing analytics and reporting platform operated by Margarit Ibiza LLC, a limited liability company registered in the United States. This Privacy Policy explains how we collect, use, store, share, and protect your data, including data obtained through Google APIs and other third-party integrations.

By using DashVoard, you agree to the practices described in this Privacy Policy. Our use and transfer of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

2. Data Accessed

DashVoard accesses the following types of data from Google services and other third-party platforms, with your explicit authorization:

Google Analytics (GA4)

  • Website traffic metrics: sessions, users, pageviews
  • Audience demographics and behavior data
  • Conversion and event tracking data
  • Average session duration, bounce rate

Google Search Console

  • Search performance data: clicks, impressions, CTR, average position
  • Search queries and page-level performance

Google Ads

  • Campaign performance metrics: impressions, clicks, conversions
  • Cost data: spend, CPC, CPL, ROAS
  • Ad group and keyword performance
  • Account-level settings (currency, account name)

Meta (Facebook/Instagram)

  • Ad account metrics: spend, reach, impressions, leads
  • Instagram business profile metrics: followers, engagement, reach
  • Post-level performance data

LinkedIn

  • Company page metrics: followers, impressions, engagement
  • Post-level statistics

ActiveCampaign

  • Contact counts and email campaign metrics
  • Pipeline/deal data: stage counts, values, statuses

Account Information

  • Your email address and display name (for authentication)
  • Connected account names and identifiers

3. Data Usage

We use the data we access exclusively for the following purposes:

  • Generating marketing reports and dashboards: We aggregate and display your marketing metrics in visual reports and dashboards that you create and configure.
  • Populating template variables: Your data is used to fill dynamic variables in report templates (e.g., showing your ad spend, clicks, or follower count).
  • Caching for performance: We temporarily cache metrics data to reduce API calls and improve loading times.
  • Token refresh: We use OAuth refresh tokens to maintain your authorized connections without requiring you to re-authenticate.

We do not use your Google user data for:

  • Advertising or ad targeting
  • Selling or licensing to third parties
  • Training AI or machine learning models
  • Any purpose other than providing the DashVoard service to you

4. Data Sharing

We do not sell, rent, trade, or share your Google user data or any other personal data with third parties, except in the following limited circumstances:

  • Service infrastructure: Your data is stored in Google Cloud Firestore (part of Firebase) as our database provider. Google acts as a data processor under their standard terms of service.
  • Public dashboards (your choice): If you choose to create a public dashboard with a shareable link, the rendered report (with your metrics populated) will be visible to anyone with that link. You control which templates and data are made public.
  • Legal requirements: We may disclose data if required by law, legal process, or government request.

We do not share raw API data, access tokens, or credentials with any third party.

5. Data Storage & Protection

We implement the following security measures to protect your data:

  • Encryption at rest: All sensitive credentials (API keys, OAuth tokens) are encrypted using AES-256-GCM encryption before storage. Encryption keys are stored separately from the encrypted data.
  • Encryption in transit: All data transmitted between your browser and our servers uses HTTPS/TLS encryption.
  • OAuth 2.0: We use industry-standard OAuth 2.0 for all Google API connections. We never see or store your Google password.
  • Firebase Security Rules: Database access is controlled by Firestore security rules that ensure users can only access their own projects and data.
  • Minimal scope requests: We only request the minimum OAuth scopes necessary to provide the analytics features you use.
  • Server-side processing: All API calls to Google services are made server-side. Your tokens are never exposed to the browser.

6. Data Retention & Deletion

Retention

  • Cached metrics: Temporarily cached for up to 24 hours to improve performance, then automatically refreshed or deleted.
  • OAuth tokens: Stored as long as your connection is active. Tokens are deleted when you disconnect a service.
  • Report templates: Stored until you delete them.
  • Account data: Stored as long as your account is active.

Deletion

You can delete your data at any time through the following methods:

  • Disconnect a service: Remove any connected platform (Google Analytics, Google Ads, Search Console, etc.) from your project settings. This immediately deletes the stored tokens and cached data for that connection.
  • Delete a project: Deleting a project removes all associated connections, templates, cached metrics, and configuration data.
  • Delete your account: Contact us at privacy@dashvoard.com to request complete deletion of your account and all associated data. We will process your request within 30 days.
  • Revoke access: You can also revoke DashVoard's access to your Google account at any time through your Google Account permissions page.

7. Google API Services Compliance

DashVoard's use and transfer to any other app of information received from Google APIs will adhere to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:

  • We only use Google user data to provide and improve DashVoard's user-facing features.
  • We do not transfer Google user data to third parties except as necessary to provide the service, comply with law, or as part of a merger/acquisition with user notice.
  • We do not use Google user data for serving advertisements.
  • We do not allow humans to read Google user data unless we have your affirmative consent, it is necessary for security purposes, to comply with law, or the data is aggregated and anonymized.

8. LinkedIn Integration

When you connect your LinkedIn account, you authorize DashVoard to:

  • Access your company page metrics and statistics
  • Read post-level engagement data
  • Obtain follower information (with your permission)

We will not post on your behalf or modify your LinkedIn content without your explicit authorization.

9. Cookies & Local Storage

DashVoard uses:

  • Authentication cookies: To maintain your login session.
  • Preference cookies: To store your language and theme preferences.

We do not use tracking cookies or third-party analytics cookies.

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by updating the "Last updated" date at the top of this page. Your continued use of DashVoard after changes are posted constitutes your acceptance of the updated policy.

11. Contact Us

If you have any questions about this Privacy Policy, your data, or wish to exercise your data rights, please contact us:

Last updated: February 28, 2026

© 2026 DashVoard by Margarit Ibiza LLC. All rights reserved.