Privacy Statement

Last updated: November 27, 2025

1. Introduction

Cart Sync, owned and operated by Cord Trading Group Pvt Ltd (“Cart Sync”, “we”, “our”, or “us”), is committed to safeguarding your privacy and ensuring a transparent experience when you use our websites, applications, and optimization services.

This Privacy Statement describes how we collect, use, disclose, and protect Personal Data when you interact with our services, including our Facebook Pixel enhancement tools, optimization systems, and analytics dashboards.

2. What Is Personal Data?

“Personal Data” refers to any information that can reasonably be used to identify an individual, either directly or indirectly. Examples include:

  • Name, email address, billing address, or phone number
  • Login or authentication credentials
  • Identifiers such as IP address, device IDs, or user agent details
  • Hashed customer data (e.g., hashed email) used for ad attribution
  • Advertising account identifiers or campaign data linked to an individual’s account

If we link other data with your Personal Data, we treat the combined information as Personal Data.

3. Data We Collect

We may collect the following types of Personal Data depending on how you use our services:

  • Account Information: Your name, email address, business details, subscription information, and billing data.
  • Ad Account Data: When you connect your Meta Ads Manager, we access campaign structure, performance data, and optimization metrics through the Meta Marketing API.
  • Pixel & Server-Side Event Data: Our integrations collect server-side signals such as IP address, user agent, page events, and hashed customer identifiers to improve attribution and match quality.
  • Website & System Data: Device details, browser type, timestamps, and usage logs related to your interaction with our applications.

4. How We Use Personal Data

Cart Sync uses Personal Data for legitimate business purposes, including:

  • Enhancing event match quality and improving Meta advertising performance
  • Automating bid strategies, pausing inefficient ad sets, and optimizing delivery
  • Providing performance dashboards, analytics, and actionable insights
  • Managing user accounts and facilitating authentication
  • Ensuring the security, integrity, and proper functioning of our services
  • Communicating service updates, alerts, or required administrative notices

5. How We Share Personal Data

We may disclose Personal Data under the following limited circumstances:

  • Service Providers: Trusted vendors who support hosting, analytics, payments, infrastructure, or API integrations. All providers are contractually required to safeguard your data.
  • Meta Platforms: Enriched event data is transmitted to Meta strictly for improving ad attribution and performance.
  • Legal Requirements: When disclosure is required to comply with applicable laws, regulations, or lawful requests.
  • Business Transfers: In the event of a merger, acquisition, or restructuring, your data may be transferred as part of the transaction.
  • Aggregated or Anonymized Data: We may share non-identifiable, de-identified datasets for analytics or research.

6. Data Security

We apply reasonable and appropriate technical and organizational measures to secure Personal Data. This includes:

  • Industry-standard encryption (TLS/SSL) for data in transit
  • Encrypted storage of OAuth tokens, API keys, and authentication credentials
  • Role-based access controls and audit logging
  • Routine monitoring for unauthorized access or anomalies

7. Data Retention

We retain Personal Data only for as long as necessary to fulfill the purposes outlined in this Privacy Statement, comply with our legal obligations, resolve disputes, and enforce agreements. When data is no longer needed, we securely delete, anonymize, or remove it.

8. Your Rights and Choices

Depending on your location and applicable laws, you may have the right to:

  • Request access to the Personal Data we hold about you
  • Request corrections or updates to inaccurate information
  • Request deletion of your Personal Data
  • Opt out of specific data processing or communication preferences

To exercise any of these rights, please contact us using the details below.

9. Children’s Privacy

Cart Sync does not knowingly collect Personal Data from children under the age of 16. If you believe a child has provided us with Personal Data, please contact us and we will take appropriate action to remove the data.

10. International Data Transfers

As part of providing our services, Personal Data may be transferred to and processed in countries outside your jurisdiction. Where required, we implement appropriate safeguards such as contractual clauses or encryption to protect your information.

11. Changes to This Privacy Statement

We may update this Privacy Statement periodically. When we do, we revise the “Last updated” date above. Continued use of our services constitutes acceptance of the updated policy.

12. Contact Us

If you have questions or concerns regarding this Privacy Statement or our data practices, please contact us at:

privacy@cartsync.org
Cord Trading Group Pvt Ltd