Last updated: January 30, 2026

Privacy Policy

How we collect, use, and protect your personal information.

1

Introduction

Eurekana Sp. z o.o. ("Incade", "we", "us", or "our") operates the Incade platform, an ad spend decision engine that helps businesses optimize their advertising investments. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our services.

By accessing or using Incade, you agree to this Privacy Policy. If you do not agree, please discontinue use of our services immediately.

2

Information We Collect

2.1 Information You Provide

  • • Account information (name, email, company details)
  • • Payment information (processed securely by Stripe)
  • • Communication preferences and settings

2.2 Advertising Platform Data

When you connect your advertising accounts (Meta, Google Ads, TikTok, LinkedIn, Snapchat), we collect:

  • • Campaign performance metrics (spend, impressions, clicks, conversions)
  • • Account structure data (campaigns, ad sets, ads)
  • • Historical performance data for analysis

2.3 Revenue Data

When you connect revenue sources (Shopify, Stripe), we collect transaction and revenue data to calculate accurate ROAS and attribution.

2.4 Usage Data

  • • Log data (IP address, browser type, access times)
  • • Device information
  • • Analytics on feature usage and interactions
3

How We Use Your Information

We use collected information to:

  • • Provide and maintain our decision engine services
  • • Generate weekly recommendations and insights
  • • Process payments and manage subscriptions
  • • Send important service updates and alerts
  • • Improve our algorithms and platform features
  • • Comply with legal obligations
  • • Prevent fraud and ensure platform security
4

Data Sharing and Disclosure

We do not sell your personal information. We may share data with:

4.1 Service Providers

  • • Stripe (payment processing)
  • • Cloud infrastructure providers (data hosting)
  • • Email service providers (transactional emails)

4.2 Legal Requirements

We may disclose information when required by law, court order, or to protect our rights and safety.

4.3 Business Transfers

In case of merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity.

5

Data Security

We implement industry-standard security measures including:

  • • Encryption of data in transit (TLS/SSL) and at rest
  • • Regular security audits and vulnerability assessments
  • • Access controls and authentication requirements
  • • Secure data centers with physical security

However, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

6

Your Rights (GDPR)

Under GDPR and applicable data protection laws, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Restriction: Limit how we process your data
  • Portability: Receive your data in a portable format
  • Object: Object to processing based on legitimate interests
  • Withdraw Consent: Revoke consent for data processing

To exercise these rights, contact us at our contact page.

7

Data Retention

We retain your data for as long as your account is active or as needed to provide services. After account deletion, we retain certain data for legal compliance (typically 7 years for financial records) and then securely delete it. You can request early deletion by contacting support.

8

International Data Transfers

Your data may be transferred to and processed in countries outside your residence. We ensure adequate protection through Standard Contractual Clauses (SCCs) and other lawful transfer mechanisms approved by the European Commission.

9

Cookies and Tracking

We use cookies and similar technologies for:

  • • Essential functionality (authentication, security)
  • • Analytics (understanding usage patterns)
  • • Preferences (remembering your settings)

You can control cookies through your browser settings or via our Cookie Policy.

10

Children's Privacy

Incade is not intended for users under 18 years of age. We do not knowingly collect data from children.

11

Changes to This Policy

We may update this Privacy Policy periodically. We will notify you of significant changes via email or platform notification. Continued use after changes constitutes acceptance.

12

Job Applicant Data

When you apply for a position through our Careers page, we collect the following personal data:

  • • Name, email address, and phone number
  • • LinkedIn profile URL (if provided)
  • • Location (city and country)
  • • Years of experience
  • • Cover letter (if provided)
  • • Resume (PDF file)

12.1 Purpose

This data is collected and processed solely for recruitment purposes — to evaluate your application and communicate with you about the hiring process.

12.2 Retention

By default, your application data is retained for 12 months from the date of submission. If you explicitly consent, we may retain your data for up to 24 months to consider you for future opportunities. After the retention period, your data is automatically and permanently deleted.

12.3 Your Rights

You may request access to, correction of, or deletion of your applicant data at any time by contacting us. Upon receiving a valid deletion request, we will permanently remove all your personal data from our systems, including your resume file, and confirm the deletion. A record of the deletion event (without personal data) will be retained for legal compliance.

12.4 Data Controller

Your data is processed by Eurekana Sp. z o.o., Warsaw, Poland, acting as the data controller for recruitment purposes.

13

Contact Us

For privacy inquiries, data requests, or concerns, please Contact Privacy Team.

Privacy questions or data requests?

Our privacy team is here to help with any data requests, GDPR inquiries, or privacy concerns.

Contact Privacy Team