🇪🇺 GDPR Compliant — Based in Frankfurt, Germany

Privacy Policy for Facebook Authorization

Your privacy matters to us. This Privacy Policy explains how TREMO GmbH ("TREMO," "we," "us," or "our"), with registered office at Neue Mainzer Straße 75, 60311 Frankfurt am Main, Germany, collects, uses, and protects your personal information when you authorize TREMO to connect to your Facebook Ads accounts. We are committed to transparency and handling your data responsibly in full compliance with the EU General Data Protection Regulation (GDPR) and the German Federal Data Protection Act (BDSG).

        🔐 Our Promise: We will never post on your behalf, modify your campaigns, or share your personal information with third parties. Your data is used exclusively to provide unified analytics between Facebook Ads and your CRM.
      

1. What Information Do We Collect During Authorization?

When you connect your Facebook account to TREMO, you grant us permission to access specific data from your Facebook Business assets. We only request the minimum permissions necessary to provide our service. Here's what we access and why:

Facebook Permissions We Request

ads_read

ads_management

read_insights

business_management

public_profile

pages_show_list

pages_read_engagement

ads_read & ads_management (read-only): Allows TREMO to view your ad accounts, campaigns, ad sets, and ads. We use this to display performance metrics, spend data, and audience insights. We never create, edit, or delete ads — this is read-only access.

read_insights: Provides access to detailed analytics including impressions, clicks, conversions, and cost data. This is essential for calculating ROI and matching ad performance with CRM sales data.

business_management: If you manage multiple ad accounts through Facebook Business Manager, this permission allows us to list and access all ad accounts associated with your business. You can choose which specific accounts to connect.

public_profile & pages_show_list: Used to verify your identity and display your business name within the TREMO dashboard. We do not access personal profile information beyond your name and email.

pages_read_engagement: Optional permission used if you want to track engagement metrics from your Facebook Pages. This helps correlate organic and paid performance.

2. How Do We Use Your Data?

We use the information collected from Facebook exclusively to:

Provide Unified Analytics: Combine Facebook Ads spend and performance data with your CRM sales data to give you a complete view of marketing ROI.
Generate Reports: Create custom dashboards showing campaign performance, cost per lead, conversion rates, and revenue attribution.
Improve Your Experience: Analyze aggregated usage patterns to enhance our platform features and user interface.
Customer Support: Troubleshoot issues related to data synchronization and account connectivity.

        📊 What We DON'T Do:
        ❌ Never post content to your Facebook Page or profile
❌ Never modify, create, or delete your ad campaigns
❌ Never share your data with third parties for advertising
❌ Never sell your personal information
❌ Never access your private messages or friend list

      

3. Data Storage & Security

Your Facebook Ads data is stored on secure servers located in Frankfurt, Germany (EU). We implement industry-standard security measures:

Encryption: All data is encrypted in transit (TLS 1.3) and at rest (AES-256).
Access Controls: Only authorized TREMO employees can access your data, and only for support or maintenance purposes.
OAuth 2.0: We use secure OAuth 2.0 authentication — we never see or store your Facebook password.
Regular Audits: Our security practices are reviewed regularly to ensure compliance with GDPR and industry standards.

4. How Long Do We Keep Your Data?

We retain your Facebook Ads data for as long as your TREMO account is active. If you disconnect your Facebook account or delete your TREMO account:

We immediately stop collecting new data from Facebook.
Your existing data is deleted within 30 days, unless legal obligations require longer retention.
You can request immediate deletion by contacting [email protected].

You can also revoke TREMO's access at any time directly from your Facebook Settings → Business Integrations.

5. Sharing Your Information

We never sell, rent, or trade your personal information. We only share data in limited circumstances:

With Your CRM: To match Facebook Ads data with sales data, we process information within your connected CRM system according to your settings.
Service Providers: Trusted third parties that help us operate (hosting, analytics) are bound by strict confidentiality agreements and may only process data for purposes specified by TREMO.
Legal Compliance: If required by law, court order, or to protect our rights, we may disclose information (e.g., to respond to a GDPR request).

6. Your Rights Under GDPR

As a company based in Germany, we fully comply with the GDPR. You have the following rights:

Right to Access: Request a copy of all personal data we hold about you.
Right to Rectification: Correct any inaccurate or incomplete information.
Right to Erasure ("Right to be Forgotten"): Request deletion of your data.
Right to Restrict Processing: Limit how we use your data.
Right to Data Portability: Receive your data in a structured format.
Right to Object: Object to processing based on legitimate interests.
Right to Withdraw Consent: Revoke Facebook authorization at any time.

To exercise these rights, email us at [email protected]. We will respond within 30 days. You also have the right to lodge a complaint with the Hessian Commissioner for Data Protection and Freedom of Information in Germany.

7. Revoking Access

You can disconnect TREMO from your Facebook account at any time:

Via TREMO Dashboard: Go to Settings → Connected Accounts → Disconnect Facebook.
Via Facebook: Go to Settings & Privacy → Settings → Business Integrations → Remove TREMO.

Once disconnected, we will stop collecting data and delete existing Facebook data within 30 days.

8. Children's Privacy

Our services are not intended for individuals under the age of 16. We do not knowingly collect personal information from children. If we become aware that a child has provided us with personal data, we will delete it immediately.

9. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be notified via email or a prominent notice on our website. The "Last updated" date will always be displayed at the top of this page.

10. Contact Us

If you have any questions about this Privacy Policy, our data practices, or wish to exercise your rights:

Email (Privacy): [email protected]
Email (Support): [email protected]
Data Protection Officer: [email protected]
Mail: TREMO GmbH, Neue Mainzer Straße 75, 60311 Frankfurt am Main, Germany
Phone: +49 69 1234 5678

        📌 Summary: TREMO requests only the Facebook permissions needed to show you ad analytics and connect them with your CRM. We operate with read-only access, never post on your behalf, and fully comply with GDPR. Your data is stored securely in Frankfurt, Germany. You have full control and can revoke access anytime.
      

By authorizing TREMO to connect to your Facebook account, you acknowledge that you have read and understood this Privacy Policy and agree to the collection and use of your information as described herein.