Privacy Policy
This Privacy Policy ("Policy") describes how Margentr ("Margentr", "we", "us", "our") collects, uses, stores, and shares personal data and operational data when you ("user", "you") use the Margentr software-as-a-service platform (the "Service") accessible at margentr.com.
1. Data Controller
Margentr is operated as a sole proprietorship registered in Indonesia. The data controller responsible for processing your personal data under this Policy is the operator of Margentr, reachable at the contact address in Section 12.
2. Data We Collect
We collect the following categories of data when you use the Service:
- Account data you provide directly: email address, username, password (hashed), country of residence (Indonesia or Malaysia), preferred display language.
- Authentication data: session tokens (HTTP-only cookies) used to keep you signed in.
- Billing data: subscription tier, trial status, payment timestamps and amounts. Card numbers and payment instruments are NEVER stored on Margentr servers — these are handled exclusively by our payment processor Midtrans.
- Shopee Affiliate data you upload: commission reports, click reports, conversion records, and the Sub IDs / Tag Links you have used. This data is uploaded by you in CSV form or sourced from files you provide.
- Meta Ads data fetched via the Meta Marketing API (only after you explicitly grant OAuth authorization): ad account list, campaign names and IDs, ad set names and IDs, ad names and IDs, daily spend / clicks / impressions / reach insights, budget configuration.
- Operational logs: HTTP request logs, audit trail of key actions (login, payment, data import, account changes), and error traces.
3. Meta API Data — Detailed Disclosure
When you connect a Facebook account via "Connect Meta", Margentr requests two OAuth permissions:
- `ads_read` — required to read aggregate advertising metrics (spend, clicks, impressions, reach, frequency, CPC, CPM) for each ad in the ad accounts you have access to. Used to calculate ROI alongside your Shopee commission data.
- `business_management` — required to enumerate the ad accounts your Facebook user has access to under your Business Manager. Used during the initial connection flow so you can select which ad accounts to sync.
We do NOT request `pages_*`, `publish_*`, `email`, `user_*`, or any other permission. We never post to Facebook, never read your messages, never read your friends list, and never access content unrelated to your advertising data.
Your Meta long-lived access token is encrypted at rest using AES-256-GCM with versioned encryption keys before being written to our database.
You can revoke Margentr's access at any time from your Facebook Settings > Apps and Websites, OR from within Margentr at Settings > Meta Connection > Disconnect. Disconnect immediately stops all sync and prevents any further API calls.
4. Purpose of Processing
We process the data listed above ONLY for the following purposes:
- Display dashboards, reports, and analytics so you can evaluate the profitability of your Shopee affiliate marketing combined with your Meta Ads spend.
- Provide authenticated access to your private workspace.
- Process subscription payments via Midtrans and email payment receipts.
- Respond to support requests and incident reports.
- Improve the Service through aggregated, de-identified usage analytics.
- Comply with applicable Indonesian / Malaysian law and lawful requests from authorities.
5. Storage and Security
All data is stored in a single PostgreSQL database hosted on a Hostinger virtual private server located in Kuala Lumpur, Malaysia. Daily encrypted backups are taken and stored on Cloudflare R2 object storage.
Security measures include: AES-256-GCM encryption for OAuth tokens at rest, bcrypt password hashing, HTTPS-only transport, HTTP-only session cookies, server-side per-owner data isolation enforced at the query layer, and a read-only Postgres role used for any operator browsing of production data.
7. Data Retention
We retain your data for as long as your account is active. When you delete your account or request data deletion (see Section 9), all your data is removed from our primary database within 30 days. Encrypted backups containing your data continue to exist in our backup rotation for up to 90 days, after which they are overwritten in the normal cycle.
8. Your Rights
Subject to applicable data protection law (UU PDP in Indonesia; PDPA in Malaysia), you have the right to:
- Access — request a copy of the personal data we hold about you.
- Rectification — correct inaccurate or incomplete data.
- Erasure — request deletion of your data (see Section 9 for procedure).
- Restriction — limit how we process your data while a dispute is resolved.
- Withdraw consent — disconnect Meta OAuth, opt out of email digests, or cancel your subscription at any time.
- Lodge a complaint — contact the relevant data protection authority in your country if you believe your rights have been violated.
9. How to Delete Your Data
Two paths are available:
- Self-service — sign in to Margentr, navigate to Settings → Account, and use the "Delete Account" control. This triggers a cascading deletion of all your data across our systems.
- By email — send a request to admin@margentr.com with the subject "Data Deletion Request" and the email address registered with your account. We will confirm receipt within 5 business days and complete deletion within 30 days.
For the full procedure, see our Data Deletion page at https://margentr.com/data-deletion.
11. Children
The Service is not directed at children under 17. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us so we can delete it.
12. Contact
For privacy questions, data access requests, or to report a concern, contact us at admin@margentr.com. We aim to respond within 5 business days.
13. Changes to This Policy
We may update this Policy from time to time. The Effective Date and Last Updated dates above always reflect the current version. Material changes (e.g., new categories of data collected, new processors, changes to retention) will be announced via in-app notification or email at least 14 days before they take effect.