PayloadAds

Privacy Policy

Effective date: 2026-06-29.

Draft — pending final attorney review. The substance of this policy will not change in material ways: anonymous install id, bucketed signals, no prompts/code/paths, opt-in everything. A privacy attorney is reviewing language and jurisdiction-specific carve-outs before public launch. Email privacy@payloadads.com with questions or to exercise any of the rights in Section 7.

1. The short version

PayloadAds was built by developers for developers. We treat your privacy as table stakes, not as a feature. The CLI runs on your machine, generates an Ed25519 keypair locally (the private key never leaves the machine), and sends the smallest amount of information necessary to serve ads and pay you.

In one paragraph:

  • We send a random anonymous install id, the AI coding tool you're using, and bucketed signals (language, framework) — all opt-in toggleable.
  • We never send your prompts, your code, your file paths, your file contents, your hostname, your git remote, or your branch name.
  • You can disable any signal with payloadads optout <signal>, uninstall with payloadads uninstall, and request full deletion with one email.

2. What we collect

2.1 From your machine via the CLI

  • installId — a random 16-byte hex id generated at install time, stored in ~/.payloadads/config.json. Not tied to your email until you run payloadads login.
  • tool — which AI coding tool is rendering our status line (claude-code, codex, cursor, aider).
  • language — bucketed (e.g. python, javascript), inferred from files in the current directory (pyproject.toml, package.json, etc.). Never raw paths.
  • framework — bucketed (e.g. nextjs, django), inferred from dependency files.
  • intent — off by default. If you opt in, an on-device classifier produces a single tag (e.g. auth, payments) from your prompt. The prompt itself never leaves the machine; only the tag is sent.
  • impressions / clicks — ad id, timestamp, and signed receipt (Ed25519). Batched and shipped every 30 seconds.
  • audit responses — when our backend challenges a small random sample of impressions, the CLI re-displays the ad and returns a fresh signature confirming it ran in a real terminal.

2.2 From the website / dashboard

  • Your email address (only if you choose to claim earnings).
  • Standard request metadata (IP address, user-agent) retained for ≤30 days for abuse mitigation.
  • No third-party trackers, ad networks, or session replay tools.

2.3 From Stripe (publishers)

When you connect a Stripe Express account to receive payouts, Stripe collects identity verification information (name, address, date of birth, tax id, bank account) directly. PayloadAds does not receive or store this information — we only receive a Stripe account id and payout status. Stripe's privacy practices are governed by stripe.com/privacy.

2.4 From Stripe (advertisers)

When you fund a campaign, Stripe Checkout collects your payment method. PayloadAds receives a payment id and confirmation only — not the card number or full billing details.

3. What we never collect

The CLI does not send, log, or transmit:

  • The contents of any prompt you send to your AI coding tool.
  • Model responses or any other text the AI tool generates.
  • The contents of any file in your project.
  • Full file paths, the current working directory, or any sibling directory names.
  • Your hostname, git remote URL, branch name, or commit hash.
  • Environment variables, shell history, or process list.
  • Any keystrokes outside of the explicit click-tracking opt-in.

The CLI is open source. You can audit exactly what leaves your machine at github.com/payloadads/payloadads (see cli/src/lib/api.ts for the only file that talks to the network).

4. How we use what we collect

  • Serve ads — match the highest-eCPM eligible ad against your bucketed signals.
  • Pay you — credit verified impressions and clicks to your earnings balance; calculate weekly payouts.
  • Detect fraud — verify impression signatures, run random audits, identify scripted/automated traffic.
  • Improve the product — aggregate, anonymized usage trends (e.g. "Python publishers grew 12% MoM"). Never tied back to your install id externally.
  • Bill advertisers — sum verified delivery against pre-paid campaign budgets.

5. Who we share data with

We share data only with the following categories of recipients:

  • Stripe — payment processing (publishers + advertisers).
  • AWS — infrastructure provider (S3, CloudFront, Lambda, DynamoDB, SES). Data is encrypted at rest with KMS and in transit with TLS 1.2+.
  • Advertisers — aggregate delivery metrics only (impressions, clicks, eCPM by language/framework bucket). Never individual install ids, never PII.
  • Law enforcement — only when legally compelled by a valid subpoena, court order, or equivalent. We will challenge overbroad requests and notify affected users where the law permits.

We do not sell, rent, or otherwise commercialize personal data.

6. Retention

  • Install id + impressions/clicks: kept while your install is active. On deletion request, anonymized in impressions tables (id replaced with hash); audit logs retained for a maximum of 18 months for fraud-investigation purposes.
  • Email / Stripe account id: hard-deleted within 7 days of account deletion, subject to a 7-day grace period and any legal hold (e.g. ongoing fraud investigation).
  • Request metadata (IP / UA): 30 days.
  • Financial records: 7 years, as required by applicable tax law.

Full per-table behavior is documented in our account-deletion policy.

7. Your rights

Regardless of where you live, you can exercise the following rights by emailing privacy@payloadads.com from the address associated with your account:

  • Access — get a copy of the data we hold tied to your install or email.
  • Correction — fix inaccurate data.
  • Deletion — have your data deleted per Section 6.
  • Portability — receive your earnings and impression history in a machine-readable format (JSON or CSV).
  • Objection / restriction — limit how we process your data.
  • Withdraw consent — for any opt-in signal, at any time, via payloadads optout.

7.1 California residents (CCPA/CPRA)

You have the right to know what categories of personal information we collect and disclose, to request deletion, to correct inaccurate information, and to opt out of any "sale" or "sharing" of personal information. We do not sell or share personal information as those terms are defined under the CCPA. We will not discriminate against you for exercising any CCPA right.

7.2 EEA, UK, and Switzerland residents (GDPR/UK GDPR)

Our lawful bases for processing are: (a) performance of a contract for impression delivery and payouts; (b) legitimate interests for fraud detection and product improvement; and (c) consent for opt-in signals (intent classification, click tracking). You may lodge a complaint with your local data protection authority at any time, but we hope you'll email us first so we can fix the issue directly.

8. Security

  • All traffic is TLS 1.2+.
  • Data at rest is encrypted with AWS KMS-managed keys.
  • Ed25519 private keys are generated on your machine and stored at ~/.payloadads/key with mode 0600. They never leave your machine.
  • Backend access uses IAM role assumption, with no long-lived credentials.
  • We do not store passwords; authentication is magic-link via email.

Report security issues to security@payloadads.com. We follow a coordinated disclosure process and will credit you publicly unless you ask otherwise.

9. Children

The Service is not directed to children under 18 and we do not knowingly collect data from anyone under that age. If you believe we have, email privacy@payloadads.com and we will delete it promptly.

10. International data transfers

PayloadAds infrastructure runs in AWS us-east-1 (Northern Virginia). If you access the Service from outside the United States, your data will be transferred to and processed in the United States. Where required by EEA/UK law, we rely on the European Commission's Standard Contractual Clauses for such transfers.

11. Changes to this policy

We may update this policy from time to time. For material changes affecting how we use your data, we will provide at least 30 days' notice via email and the dashboard. Prior versions remain available on request.

12. Contact

Privacy questions, data requests, and complaints: privacy@payloadads.com.

Security reports: security@payloadads.com.

Postal address: To be filled when PayloadAds, Inc. is formally registered. Until then, please contact us by email.
