Skip to content
Picata

Last updated: 25 May 2026

Privacy Policy

This Privacy Policy explains what data Picata (“we”, “us”) collects when you use the audit at picata.ai, what we do with it, and the choices you have. We aim to collect only what we need to run the audit and to keep the product working.

Who we are

Picata is operated by Menturi OÜ, an Estonian private limited company (registry code 17205350). For privacy questions, email privacy@picata.ai.

What we collect

How we use it

How we share it

We do not sell your data and we do not share it with advertisers. We share data with the following categories of processors only as needed to run the product:

We may also share data if required by law, or to enforce our Terms.

Google user data and Limited Use

Picata’s use and transfer of information received from Google APIs to any other app will adhere to the Google API Services User Data Policy, including the Limited Use requirements.

In practice, we only use the Google Ads data you connect to provide and improve the audit you asked for. We do not use it for advertising, we do not sell it, and we do not transfer it to others except the processors listed above as needed to run the product or where the law requires it. No human reads your Google Ads data except where you ask us for support, where it is necessary for security, or to comply with law.

Retention

How long we keep your data depends on what it is:

You can ask us to delete your account and the underlying audit data at any time by emailing privacy@picata.ai; we will do so within 30 days, except where law requires us to keep certain records (e.g. billing).

Your rights

Under the EU GDPR (and equivalents like the UK GDPR and California CCPA), you have rights to access, correct, delete, and port the personal data we hold about you, and to object to certain uses. To exercise any of these rights, email privacy@picata.ai. You also have the right to lodge a complaint with your local data-protection authority. In Estonia, that is the Andmekaitse Inspektsioon (AKI).

Disconnecting Google Ads access

You can revoke Picata’s read-only access to your Google Ads account at any time from your Google account permissions page. Revoking stops any further data pulls; it does not by itself delete data we already have. For that, request deletion as above.

Security

We use standard industry practices to protect your data in transit (TLS) and at rest. No system is perfectly secure; if we ever become aware of a breach affecting your data, we will notify you in line with applicable law.

Children

Picata is not directed to anyone under 16, and we do not knowingly collect data from children.

Changes

If we make material changes to this policy, we’ll update the “Last updated” date at the top and, where appropriate, notify you by email.

Contact

Questions about this policy? Email privacy@picata.ai.