Privacy Policy

Google Ads Management Platform (GAMP) & GAMP Autofix Chrome Extension — Last updated: May 2025 — Operated by FRST Media

1. Overview

GAMP (Google Ads Management Platform) is an internal web application and Chrome browser extension built and operated exclusively for FRST Media staff. It provides bulk management of Google Ads accounts via the Google Ads API, covering Responsive Search Ads (RSA), Responsive Display Ads (RDA), display banners, image assets, automation rules, and cross-account health monitoring.

This policy covers both the GAMP web application at gamp.duy.nl and the GAMP Autofix Chrome extension.

2. Who this applies to

GAMP is a private, internal tool. Access is restricted to authenticated FRST Media employees. The Chrome extension is distributed privately and is not publicly listed on the Chrome Web Store. No data from end users of FRST Media's advertising clients is processed.

3. Data we collect and store

3a. User account data (web app)

When you log in via Google OAuth 2.0, GAMP stores the following in its internal database, associated with your session:

Google account email address
Display name
Profile picture URL
Google OAuth refresh token (used to maintain API access)

This data is used solely to authenticate you and to make Google Ads API calls on your behalf.

3b. Google Ads account configuration

GAMP stores per-account configuration that you provide:

Google Ads customer IDs linked to your user account
Google Ads UI deep-link parameters (ocid, __u, __c) — used to generate direct links into the Google Ads interface

3c. Google Ads data (fetched from the API, not permanently stored)

When you scan an account, GAMP fetches the following data from the Google Ads API and holds it in memory for your session only:

Responsive Search Ads (RSA): ad names, headlines, descriptions, approval status, policy topics
Responsive Display Ads (RDA): ad names, image asset resource names, approval status, policy topics, usage statistics
Display banners (IMAGE_AD, HTML5_UPLOAD_AD): ad names, image URLs, dimensions, approval status, policy topics
Image assets: asset names, URLs, dimensions, approval status, policy topics, RDA usage counts
Campaign and ad group names, IDs, and statuses

This data is not written to the database. It is loaded per scan and discarded when you navigate away or reload.

3d. Change history

When you post changes to Google Ads (e.g. remove a banner, update RSA headlines, delete an RDA), a log entry is written to the internal database recording: the type of action, affected ad/asset names, account ID, timestamp, and the user who performed it. This is used for auditing purposes only.

4. How data is used

Data	Purpose
Google OAuth credentials	Authenticate API calls to Google Ads on your behalf
Email / name / picture	Display your identity in the UI; associate history log entries with a user
Ad / asset data from Google Ads API	Display flagged content in the GAMP UI for review and bulk management
Deep-link parameters (ocid, __u, __c)	Generate clickable links from GAMP directly into the Google Ads editor
Change history log	Audit trail of which changes were made, by whom, and when
Automation rules & pipelines	Stored rule definitions used to auto-flag or act on ads meeting certain criteria

5. GAMP Autofix Chrome Extension

The GAMP Autofix extension bridges the GAMP web app with the Google Ads browser UI. It operates as follows:

On ads.google.com: reads the page DOM to locate ad asset sections and clicks UI controls (e.g. "Remove assets with issues") to automate actions that are not available via the public Google Ads API. No page content is stored or transmitted.
On gamp.duy.nl: reads a list of selected flagged RDA IDs written to localStorage by the GAMP web app. This stays within the browser and is never sent to a third party.
chrome.storage.local: used to persist the list of RDA IDs selected for auto-fix between page navigations within a session.

The extension does not collect, transmit, or share any data with third parties. It does not track browsing activity outside ads.google.com and gamp.duy.nl.

6. Data sharing

GAMP does not sell, rent, or share any data with third parties. The only external service GAMP communicates with is the Google Ads API (googleapis.com), which is required to read and update your ad account data. This communication is governed by Google's own privacy policy and terms of service.

7. Data retention

Session-scanned ad data: held in browser memory only, not persisted.
User profile & OAuth tokens: retained for as long as the user account is active. Deleted upon request.
Change history logs: retained indefinitely for auditing. Can be deleted upon request.
Account configuration (ocid / deep-link params): retained until the user resets them via the UI or requests deletion.

8. Security

GAMP is served over HTTPS. OAuth tokens are stored server-side and are never exposed to the browser. Access to the application requires Google OAuth authentication. The server is hosted on a private VPS with restricted SSH access.

9. Your rights

As a FRST Media employee using this internal tool, you can request deletion of your stored user data (profile, tokens, account configuration, history) at any time by contacting the administrator.

10. Contact

For questions or data deletion requests, contact: xdn3000@gmail.com