Privacy Policy
Last Updated: January 23, 2026
1. Introduction
This Privacy Policy describes how LCLA Media Pty Ltd (trading as Automa Solutions) handles information when you use our Meta Ads Management MCP (Model Context Protocol) Server. Our registered business address is 2 Bowra Cl, Bangor, NSW, Australia.
Automa Solutions provides an MCP server that acts as an intermediary bridge between AI clients (such as Claude, ChatGPT, or other LLM applications) and the Meta Marketing API. We enable users to manage their Meta advertising campaigns through natural language commands.
Key Principle: We do not store, retain, or process any of your Meta advertising data. All data flows directly between Meta's servers and your AI client in real-time.
2. Information We Access (But Do Not Store)
When you authenticate with Meta through our MCP server, we facilitate access to the following types of data from your Meta advertising account:
Campaign Information: Campaign names, IDs, statuses, objectives, and structures
Ad Set Data: Targeting parameters, budgets, schedules, optimization goals, bid strategies
Ad Creative Content: Ad text, images, videos, headlines, descriptions, call-to-action buttons
Performance Metrics: Impressions, clicks, reach, spend, conversions, cost-per-result, return on ad spend
Account Settings: Ad account identifiers, currency settings, time zones, payment information visibility
Audience Information: Targeting configurations, custom audience names (not individual user data)
Important: This data is retrieved on-demand and passed directly to your AI client. We function purely as a conduit—no advertising data is stored on our servers, logged, or retained after the request completes.
3. How Your Data Flows Through Our Service
3.1 Real-Time Bridge Architecture
When you issue a command through your AI client (e.g., "What is my most profitable ad?"), the following occurs:
Your AI client sends the request to our MCP server
Our server authenticates with Meta using your access token
We make the necessary API call to Meta Marketing API
Meta returns the requested data directly to our server
We immediately forward this data to your AI client
No data is stored, logged, or retained at any point in this process
3.2 User Confirmation Requirements
All actions that modify your Meta advertising campaigns (creating campaigns, editing budgets, pausing ads, etc.) require explicit user confirmation through your AI client interface. You maintain complete control over all changes before they are executed.
4. Meta Permissions We Use
Our MCP server requires the following Meta API permissions to function:
ads_management: Enables creation, editing, and management of advertising campaigns, ad sets, and ads on your behalf
ads_read: Enables retrieval of campaign performance data, insights, creative content, and account configurations
business_management: (If applicable) Enables access to Business Manager features for multi-account management
These permissions are granted when you authenticate with Meta through our service and can be revoked at any time through your Meta Business settings.
5. Information We Do Store
While we do not store any Meta advertising data, we do maintain minimal technical information necessary for service operation:
Authentication Tokens: Your Meta OAuth access tokens and refresh tokens are stored securely to maintain your authenticated session
Connection Logs: Basic system logs recording connection attempts, authentication events, and API request counts (no advertising data is included in these logs)
Error Logs: Technical error information to diagnose service issues (stripped of any advertising data or personal information)
This technical information is retained for 90 days and is used solely for service operation, security monitoring, and technical support.
6. Third-Party Services
6.1 Meta Platforms
Our service connects directly to Meta's Marketing API. All advertising data remains subject to Meta's own privacy policies and data handling practices. We recommend reviewing Meta's Platform Terms and Data Policy.
6.2 Apify Services
We use Apify services to retrieve publicly available social media statistics (Instagram followers, likes, views, etc.) for certain features. Important: None of your Meta advertising data accessed through our MCP server is sent to or processed by Apify. These are completely separate data flows.
6.3 No Other Data Sharing
We do not sell, rent, trade, or otherwise share your Meta advertising data with any third parties. We do not use your advertising data for any purpose beyond facilitating your real-time commands through the MCP server.
7. Data Security
Although we do not store your advertising data, we implement security measures to protect your authentication credentials and service integrity:
Encryption in Transit: All data transmitted between your AI client, our servers, and Meta's API uses HTTPS/TLS encryption
Secure Token Storage: Authentication tokens are encrypted at rest using industry-standard encryption
Access Controls: Limited personnel access to server infrastructure with audit logging
Regular Security Audits: Ongoing monitoring and security assessments of our systems
8. Data Retention and Deletion
8.1 Advertising Data Retention
We do not retain any Meta advertising data. All campaign information, performance metrics, and creative content flows through our servers in real-time without storage or logging.
8.2 Technical Data Retention
Authentication Tokens: Retained until you revoke access or for 90 days of inactivity, whichever comes first
Connection and Error Logs: Automatically deleted after 90 days
8.3 Account Deletion
To disconnect your Meta account and delete associated authentication tokens:
Email liam@automa.solutions with the subject "Account Deletion Request"
Include your Meta Business Account ID or the email address associated with your Meta account
We will process your request within 48 hours and confirm deletion via email
Alternatively, you can revoke our app's access directly through your Meta Business settings, which will immediately prevent our server from accessing your advertising data.
9. Your Rights and Choices
You have the following rights regarding your information:
Access and Transparency: Since we don't store advertising data, there is no stored data to access. Authentication tokens can be confirmed as active or inactive upon request.
Revoke Access: You can revoke our app's Meta permissions at any time through Meta Business settings
Data Deletion: Request deletion of authentication tokens and technical logs as described in Section 8.3
Data Portability: Since we don't store advertising data, data portability does not apply. All advertising data remains with Meta and can be exported directly from Meta's platform
10. Children's Privacy
Our service is not directed at individuals under the age of 18. We do not knowingly collect information from children. If you believe a child has used our service, please contact us immediately.
11. International Data Transfers
Our service operates from Australia. When you use our MCP server, your authentication credentials may be processed on servers located in Australia. Meta advertising data flows directly between Meta's servers and your AI client—we do not intermediate or store this data in any geographic location.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this policy indicates when it was last revised. Continued use of our service after changes constitutes acceptance of the updated policy.
13. Compliance with Meta Policies
Our service complies with:
Meta Platform Terms of Service
Meta Developer Policies and Terms
Meta Advertising Policies
Meta Data Use Policy
We do not use Meta advertising data for any purposes beyond facilitating your direct commands through the MCP server interface.
14. Legal Disclosures
We may disclose information if required by law, court order, or government regulation, or if necessary to protect our rights, property, or safety, or the rights of others. Given that we do not store advertising data, such disclosures would be limited to authentication logs and technical operational data.
15. Contact Information
Data Controller: LCLA Media Pty Ltd (trading as Automa Solutions)
Privacy Contact: liam@automa.solutions
Support Contact: liam@automa.solutions
Website: automa.solutions
For questions about this Privacy Policy, data handling practices, or to exercise your rights, please contact us at the email address above. We will respond to all inquiries within 7 business days.
© 2026 LCLA Media Pty Ltd. All rights reserved.
Privacy Policy
Last Updated: January 23, 2026
1. Introduction
This Privacy Policy describes how LCLA Media Pty Ltd (trading as Automa Solutions) handles information when you use our Meta Ads Management MCP (Model Context Protocol) Server. Our registered business address is 2 Bowra Cl, Bangor, NSW, Australia.
Automa Solutions provides an MCP server that acts as an intermediary bridge between AI clients (such as Claude, ChatGPT, or other LLM applications) and the Meta Marketing API. We enable users to manage their Meta advertising campaigns through natural language commands.
Key Principle: We do not store, retain, or process any of your Meta advertising data. All data flows directly between Meta's servers and your AI client in real-time.
2. Information We Access (But Do Not Store)
When you authenticate with Meta through our MCP server, we facilitate access to the following types of data from your Meta advertising account:
Campaign Information: Campaign names, IDs, statuses, objectives, and structures
Ad Set Data: Targeting parameters, budgets, schedules, optimization goals, bid strategies
Ad Creative Content: Ad text, images, videos, headlines, descriptions, call-to-action buttons
Performance Metrics: Impressions, clicks, reach, spend, conversions, cost-per-result, return on ad spend
Account Settings: Ad account identifiers, currency settings, time zones, payment information visibility
Audience Information: Targeting configurations, custom audience names (not individual user data)
Important: This data is retrieved on-demand and passed directly to your AI client. We function purely as a conduit—no advertising data is stored on our servers, logged, or retained after the request completes.
3. How Your Data Flows Through Our Service
3.1 Real-Time Bridge Architecture
When you issue a command through your AI client (e.g., "What is my most profitable ad?"), the following occurs:
Your AI client sends the request to our MCP server
Our server authenticates with Meta using your access token
We make the necessary API call to Meta Marketing API
Meta returns the requested data directly to our server
We immediately forward this data to your AI client
No data is stored, logged, or retained at any point in this process
3.2 User Confirmation Requirements
All actions that modify your Meta advertising campaigns (creating campaigns, editing budgets, pausing ads, etc.) require explicit user confirmation through your AI client interface. You maintain complete control over all changes before they are executed.
4. Meta Permissions We Use
Our MCP server requires the following Meta API permissions to function:
ads_management: Enables creation, editing, and management of advertising campaigns, ad sets, and ads on your behalf
ads_read: Enables retrieval of campaign performance data, insights, creative content, and account configurations
business_management: (If applicable) Enables access to Business Manager features for multi-account management
These permissions are granted when you authenticate with Meta through our service and can be revoked at any time through your Meta Business settings.
5. Information We Do Store
While we do not store any Meta advertising data, we do maintain minimal technical information necessary for service operation:
Authentication Tokens: Your Meta OAuth access tokens and refresh tokens are stored securely to maintain your authenticated session
Connection Logs: Basic system logs recording connection attempts, authentication events, and API request counts (no advertising data is included in these logs)
Error Logs: Technical error information to diagnose service issues (stripped of any advertising data or personal information)
This technical information is retained for 90 days and is used solely for service operation, security monitoring, and technical support.
6. Third-Party Services
6.1 Meta Platforms
Our service connects directly to Meta's Marketing API. All advertising data remains subject to Meta's own privacy policies and data handling practices. We recommend reviewing Meta's Platform Terms and Data Policy.
6.2 Apify Services
We use Apify services to retrieve publicly available social media statistics (Instagram followers, likes, views, etc.) for certain features. Important: None of your Meta advertising data accessed through our MCP server is sent to or processed by Apify. These are completely separate data flows.
6.3 No Other Data Sharing
We do not sell, rent, trade, or otherwise share your Meta advertising data with any third parties. We do not use your advertising data for any purpose beyond facilitating your real-time commands through the MCP server.
7. Data Security
Although we do not store your advertising data, we implement security measures to protect your authentication credentials and service integrity:
Encryption in Transit: All data transmitted between your AI client, our servers, and Meta's API uses HTTPS/TLS encryption
Secure Token Storage: Authentication tokens are encrypted at rest using industry-standard encryption
Access Controls: Limited personnel access to server infrastructure with audit logging
Regular Security Audits: Ongoing monitoring and security assessments of our systems
8. Data Retention and Deletion
8.1 Advertising Data Retention
We do not retain any Meta advertising data. All campaign information, performance metrics, and creative content flows through our servers in real-time without storage or logging.
8.2 Technical Data Retention
Authentication Tokens: Retained until you revoke access or for 90 days of inactivity, whichever comes first
Connection and Error Logs: Automatically deleted after 90 days
8.3 Account Deletion
To disconnect your Meta account and delete associated authentication tokens:
Email liam@automa.solutions with the subject "Account Deletion Request"
Include your Meta Business Account ID or the email address associated with your Meta account
We will process your request within 48 hours and confirm deletion via email
Alternatively, you can revoke our app's access directly through your Meta Business settings, which will immediately prevent our server from accessing your advertising data.
9. Your Rights and Choices
You have the following rights regarding your information:
Access and Transparency: Since we don't store advertising data, there is no stored data to access. Authentication tokens can be confirmed as active or inactive upon request.
Revoke Access: You can revoke our app's Meta permissions at any time through Meta Business settings
Data Deletion: Request deletion of authentication tokens and technical logs as described in Section 8.3
Data Portability: Since we don't store advertising data, data portability does not apply. All advertising data remains with Meta and can be exported directly from Meta's platform
10. Children's Privacy
Our service is not directed at individuals under the age of 18. We do not knowingly collect information from children. If you believe a child has used our service, please contact us immediately.
11. International Data Transfers
Our service operates from Australia. When you use our MCP server, your authentication credentials may be processed on servers located in Australia. Meta advertising data flows directly between Meta's servers and your AI client—we do not intermediate or store this data in any geographic location.
12. Changes to This Privacy Policy
We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. The "Last Updated" date at the top of this policy indicates when it was last revised. Continued use of our service after changes constitutes acceptance of the updated policy.
13. Compliance with Meta Policies
Our service complies with:
Meta Platform Terms of Service
Meta Developer Policies and Terms
Meta Advertising Policies
Meta Data Use Policy
We do not use Meta advertising data for any purposes beyond facilitating your direct commands through the MCP server interface.
14. Legal Disclosures
We may disclose information if required by law, court order, or government regulation, or if necessary to protect our rights, property, or safety, or the rights of others. Given that we do not store advertising data, such disclosures would be limited to authentication logs and technical operational data.
15. Contact Information
Data Controller: LCLA Media Pty Ltd (trading as Automa Solutions)
Privacy Contact: liam@automa.solutions
Support Contact: liam@automa.solutions
Website: automa.solutions
For questions about this Privacy Policy, data handling practices, or to exercise your rights, please contact us at the email address above. We will respond to all inquiries within 7 business days.
© 2026 LCLA Media Pty Ltd. All rights reserved.
Curious about what
we can achieve for you?
Schedule a call with us.
Automa Solutions © 2025.
Curious about what
we can achieve for you?
Schedule a call with us.
Automa Solutions © 2025.