How do I get started?

Sign up for free, connect your Meta ad accounts, and share a live dashboard link with your clients. It takes less than 5 minutes.

Can I connect all my ad accounts?

For the MVP we currently only support Meta – that’s Facebook and Instagram. Over time we’ll add more platforms like Google, YouTube, and TikTok. For the MVP launch, Meta (Facebook and Instagram) is the only option.

Can my clients accidentally break something?

No. Client access is read-only via a dedicated link. They can only view the dashboard and can’t change any settings or data. If needed, we can regenerate the link at any time or pause it, so you stay in full control.

Can I add my agency’s branding (White Label)?

Yes. You can add your agency logo right away at no extra cost, and set your own brand colors. Your clients see your branding, not ours.

Privacy Policy

Last updated: February 2025

1. Data Controller

The data controller under GDPR is OneDash (KulturShift LLC). Address: KulturShift LLC, 30 N Gould St, STE R, Sheridan, WY 82801, USA. Contact hello@onedash.live.

2. Data We Collect

Account data: When registering and using your OneDash account (agency login), we collect via our provider Clerk your email address, name, and organization data. These data are required for contract performance and account management.
Usage data: We store which clients you create, which language you choose, and the magic links and metadata associated with your account. Ad data (Meta/Instagram Ads) are processed in our database (Supabase) on our behalf to populate the client dashboard.
Meta Ads connection (OAuth): To display metrics in the magic-link dashboard, you connect a Meta Ad account (Facebook/Instagram Ads) per client. The connection is made via Meta's OAuth service: you are redirected to Meta (Facebook) and authorize access there. We store the access tokens transmitted by Meta in encrypted form and use them solely to retrieve and display aggregated ad data (e.g. spend, reach, clicks).
Google Ads connection (OAuth): If you connect a Google Ads account per client, the connection is made via Google's OAuth service. You are redirected to Google and authorize access there. Access tokens are stored by us in encrypted form and used only to retrieve and display aggregated ad data.
Conversion API: Per client, a custom Conversion API URL can be provided through which you or your systems send us conversions, lead or revenue data (e.g. amount, currency, timestamp). We store these data in our database and display them in the client dashboard (e.g. for ROAS, funnel). Transmission is server-side via the URL we provide; personal data of end users are not sent to us.
AI Insights (xAI/Grok): For the "AI Insights" feature, only aggregated metrics (no personal data, no campaign names) are transmitted to xAI to generate short texts and next steps. See section 6 for details.
Payment data: Billing is handled by our payment provider. Card and payment data are not stored by us but processed exclusively by the payment provider. We receive customer ID, subscription status, and billing address (if provided).
Email communication: Sending of transactional emails (e.g. magic-link delivery, waitlist, demo requests) is handled via Resend. Email addresses and content are processed accordingly.
Analytics: We use PostHog to analyze application usage (e.g. page views, usage events) to improve the product. Collection can be limited in settings; personal data are minimized.

3. Purpose and Legal Basis

We process your data to provide the OneDash service (contract performance), for billing (contract, legal retention), to fulfill legal obligations, and on the basis of legitimate interests (operational security, product improvement). Use of Clerk, Supabase, the payment provider, Resend, PostHog, and xAI is governed by data processing agreements or contractual or legal necessity.

4. Retention Period

We retain personal data only as long as necessary for service provision, billing, and legal retention periods. After termination or deletion of the account, data are deleted or anonymized promptly, unless legal retention obligations apply.

5. Recipients and Third Parties

We use the following services (each with data processing agreements or in compliance with data protection requirements):

Clerk – Authentication and account management (USA; Standard Contractual Clauses)
Supabase – Database and storage (EU possible)
Meta (Facebook) – OAuth for Meta Ad account connection; you are redirected to Meta for authorization (provider’s privacy policy).
Google – OAuth for Google Ads account connection (if used); you are redirected to Google for authorization (provider’s privacy policy).
Payment provider (MoR) – Payment processing (EU; Standard Contractual Clauses)
Resend – Email delivery
PostHog – Analytics (EU possible)
xAI (Grok) – exclusively for AI Insights; only aggregated ad metrics are transmitted, no personal data (see section 6).

6. AI Insights (xAI/Grok)

For the "AI Insights" feature in the client dashboard, only aggregated ad metrics (e.g. spend, reach, clicks, conversions, revenue) per client and period are transmitted to xAI—no names, email addresses, or other personal data. The purpose is to generate short texts and concrete next steps. The response is stored in our database and displayed in the magic-link dashboard. As an agency, you should inform your clients in your own privacy policy about the use of AI for insights.

7. Cookies and Technology

We use technically necessary cookies and similar technologies for the operation of the application and authentication. We optionally use analytics (PostHog). You can configure your browser to restrict or reject cookies; some features may be limited as a result.

8. Your Rights

You have the right to access, rectification, deletion, restriction of processing, data portability, and to object to processing where the legal conditions are met. You may lodge a complaint with a supervisory authority (e.g. in your EU member state). For all requests please use hello@onedash.live.

9. Changes

We may update this privacy policy as needed (e.g. for new features or legal requirements). The current version is always available on this page; we will notify you appropriately of material changes.

← Back to home