izeme

Legal

Privacy Policy

How Izeme collects, uses and protects personal data.

Last updated:

1

Data controller

Legal name
IZEME Platform, S.L.
Trade name
Izeme
Tax ID (CIF)
B88969076
Registered office
Alcalá de Henares, Madrid, España
Website
https://www.izeme.io
2

Purpose of processing

Izeme processes personal data for the following purposes, always linked to providing and improving its services:

  • Manage contact forms and commercial inquiries.
  • Handle support requests and incidents.
  • Operate automation workflows and platform processes.
  • Manage user accounts and service access.
  • Improve performance, usability and platform evolution.
  • Analytics, metrics and usage measurement.
  • Send communications related to the contracted or requested service.
  • Manage authorized OAuth integrations: Google Ads API, Meta Marketing API, TikTok Marketing API and Google Calendar API.
3

Categories of data

Depending on use of the website and platform, Izeme may collect:

  • Name and surname.
  • Email address.
  • Phone number.
  • Real estate agency or organization name.
  • Information submitted through forms.
  • Technical navigation and usage data.
  • Cookies and similar technologies.
  • IP address and device/browser data.
  • OAuth integration data: Google Ads, Meta Ads, TikTok Ads and Google Calendar (as connected by the user).
5

Retention

Personal data is retained for as long as necessary to fulfill the purpose for which it was collected, manage the user relationship and meet applicable legal obligations.

Once those purposes and obligations are fulfilled, data is securely deleted or anonymized, unless it must remain blocked by legal requirement. See also the «Data deletion and retention» section.

6

Recipients and processors

Izeme may use technology and operational providers acting as processors or service providers necessary to operate the platform, including:

  • Hosting and secure cloud infrastructure.
  • Automation and workflow orchestration tools.
  • CRM and commercial management systems.
  • Analytics and measurement platforms.
  • Messaging and communications services.
  • Lead capture and form tools.
  • Email and notification providers.

These providers process data under Izeme's instructions and apply appropriate security and confidentiality measures.

8

Integration with Meta Marketing API

Data controller for this integration: IZEME Platform, S.L. (admin@izeme.io). Izeme allows connecting Meta advertising accounts (Facebook and Instagram Ads) via OAuth so agencies manage campaigns from one dashboard.

Processing purposes:

  • Manage campaigns, ad sets and creatives on Meta.
  • View performance metrics (reach, clicks, leads, cost).
  • Unify advertising analytics with other capture channels.

Access method: OAuth 2.0 — the user signs in and authorizes permissions on Meta.

Read operations (within granted permissions):

  • Ad account identifiers, campaigns and ad sets.
  • Status, budgets, dates and campaign settings.
  • Aggregated performance metrics and insights.

Write operations (only when the user authorizes the relevant OAuth scopes):

  • Create or modify campaigns and ad sets (depending on permissions).
  • Adjust budgets and statuses when authorized on Meta.

Categories of data processed (examples):

  • Ad account IDs, campaign data and aggregated metrics.

Legal basis: contract performance and the user's explicit consent through the provider OAuth flow. Retention: while the integration remains active and for applicable legal periods. Sharing: data is not sold; only necessary technical subprocessors (hosting, databases, secure cloud infrastructure) under contract.

Revoking access: Disconnect in app.izeme.io → Integrations, or revoke the app in Meta Business Settings.

Additional technical documentation: Product · Integrations.

9

Integration with TikTok Marketing API

Data controller for this integration: IZEME Platform, S.L. (admin@izeme.io). Izeme integrates TikTok Ads via OAuth so users manage TikTok campaigns from the platform.

Processing purposes:

  • Manage TikTok Ads campaigns and creatives.
  • View performance and cost metrics.
  • Coordinate multi-channel capture (Google, Meta, TikTok) from Izeme.

Access method: OAuth 2.0 — authorization on TikTok for Business.

Read operations (within granted permissions):

  • Advertiser accounts, campaigns, ad groups and metrics.

Write operations (only when the user authorizes the relevant OAuth scopes):

  • Modify campaigns and budgets per granted scopes.

Categories of data processed (examples):

  • Advertiser and campaign identifiers, aggregated metrics.

Legal basis: contract performance and the user's explicit consent through the provider OAuth flow. Retention: while the integration remains active and for applicable legal periods. Sharing: data is not sold; only necessary technical subprocessors (hosting, databases, secure cloud infrastructure) under contract.

Revoking access: Disconnect in app.izeme.io or revoke access in TikTok for Business.

Additional technical documentation: Product · Integrations.

10

Integration with Google Calendar API

Data controller for this integration: IZEME Platform, S.L. (admin@izeme.io). Izeme may sync the user's Google Calendar to schedule commercial visits and check availability after explicit OAuth authorization.

Processing purposes:

  • Schedule visits and avoid appointment conflicts.
  • Show commercial availability in the CRM.

Access method: OAuth 2.0 — calendar permissions on Google.

Read operations (within granted permissions):

  • Events, availability and calendar metadata within granted scopes.

Write operations (only when the user authorizes the relevant OAuth scopes):

  • Create or update events authorized by the user.

Categories of data processed (examples):

  • Event titles, times and availability — no email or other Google services.

Legal basis: contract performance and the user's explicit consent through the provider OAuth flow. Retention: while the integration remains active and for applicable legal periods. Sharing: data is not sold; only necessary technical subprocessors (hosting, databases, secure cloud infrastructure) under contract.

Revoking access: Disconnect in app.izeme.io or revoke access from the Google account.

Additional technical documentation: Product · Integrations.

11

Compliance and responsible API usage

Izeme accesses third-party data only when a user voluntarily connects an integration and approves the provider's OAuth permissions (Google, Meta, TikTok or other authorized providers).

  • APIs and OAuth permissions are used exclusively to deliver the platform features requested by the user (advertising management, analytics, commercial calendar and service-related automations).
  • Izeme does not use data obtained through these integrations for purposes unrelated to the contracted service.
  • Integrations operate under permissions granted by the user at each provider; Izeme cannot access data outside the authorized OAuth scopes.
  • Users retain ownership and control of their advertising accounts (Google Ads, Meta, TikTok) and Google calendars; Izeme acts as an authorized management tool, not the account owner.

This policy supports compliance reviews for Google OAuth, Google Ads API, Meta Marketing API, TikTok Developer and other legitimate provider integrations.

12

Google user data and limited use

Izeme's use of information received from Google APIs complies with the Google API Services User Data Policy, including the Limited Use requirements.

Izeme expressly confirms that it does NOT engage in the following activities with Google user data obtained through Google APIs (including Google Ads API and Google Calendar API):

  • Sell Google user data to third parties.
  • Use Google user data for personalized advertising or remarketing unrelated to providing the Izeme service to the user who authorized the integration.
  • Use Google user data to train general-purpose artificial intelligence or machine learning models.
  • Use Google user data for data brokerage.
  • Transfer Google user data to third parties for advertising purposes unrelated to the functionality requested by the user in Izeme.

Google data is limited to the purposes described in the integration sections of this policy, protected with appropriate security measures, and shared only with technical subprocessors strictly necessary to operate the platform, under contractual confidentiality and data protection obligations.

13

Data deletion and retention

Users may request deletion of their personal data or account closure by contacting Izeme at admin@izeme.io, subject to applicable legal retention obligations.

  • When an OAuth integration is disconnected in app.izeme.io, Izeme revokes and deletes the associated access and refresh tokens from our systems, to the extent technically permitted by the provider.
  • Data synchronized from external providers is deleted or anonymized when no longer required for the service purpose, except where legal blocking applies.
  • After service termination, Izeme applies proportionate retention periods and secure deletion or anonymization procedures.

To revoke permissions without deleting an Izeme account, users may use provider controls (e.g. Google → Security → Third-party access) or disconnect the integration within the application.

14

Your rights

Under applicable law (including GDPR where relevant), you may exercise the following rights:

  • Access to your personal data.
  • Rectification of inaccurate or incomplete data.
  • Erasure where applicable.
  • Objection to processing where legally provided.
  • Restriction of processing.
  • Data portability where applicable.
  • Withdrawal of consent, without retroactive effect.

To exercise these rights, contact Izeme at: admin@izeme.io

15

Security

Izeme implements technical and organizational measures designed to protect personal information and integration tokens against unauthorized access, loss, alteration or improper disclosure, proportionate to risk and data sensitivity.

  • Encrypted communications via HTTPS/TLS between browsers, applications and Izeme services.
  • OAuth 2.0 authentication for integrations, with explicit user consent on the provider screen.
  • Encrypted storage of OAuth access and refresh tokens where infrastructure permits, with rotation and revocation upon disconnection.
  • Role-based access controls and least-privilege principles for authorized personnel and internal systems.
  • Secure cloud infrastructure, backups and operational monitoring of production environments.
  • Revocable third-party integrations at any time from Izeme or the provider's security settings.

These measures are reviewed periodically as the platform and API provider requirements evolve. For additional operational detail, see our Security page.

16

Cookies

This website may use first-party and third-party cookies to ensure service operation, remember preferences, measure performance and improve browsing experience.

You may manage or reject certain cookies via the consent panel or your browser settings. For details, see our Cookie Policy.

17

Changes

Izeme may update this Privacy Policy to reflect legal changes, API provider requirements or platform developments.

Material changes will be communicated by reasonable means and the last updated date on this page will be revised accordingly.

18

Contact

For privacy, OAuth integrations, data deletion or compliance inquiries: admin@izeme.io