Privacy Policy

Product: Nerds Data Science

Effective Date: January 23, 2026

Rough-In Labs LLC (“Rough-In Labs,” “we,” “us,” or “our”) provides the Nerds Data Science web application and related services (collectively, the “Service”). This Privacy Policy describes how we collect, use, disclose, and protect information when business users (“you,” “your,” or “Customer”) use the Service, including when you connect Meta advertising accounts and we retrieve advertising insights data.

1) Scope and Audience

The Service is intended for business and organizational use. This Privacy Policy applies to information processed in connection with:

• account creation and use of the Service;
• integrations you enable (including Meta);
• communications with us (support and administrative messages).

2) Information We Collect

A. Information You Provide

We collect information you provide directly, such as:

• Account and workspace information (e.g., name, business email address, organization/workspace name, user role).
• Support and communications (e.g., messages, feedback, and information you submit to help diagnose issues).

B. Information We Receive From Meta (When You Connect Meta)

If you choose to connect Meta through Meta Login and the Meta Marketing API, we may request permissions including read_insights and ads_read (or equivalent permissions depending on Meta’s platform changes and your configuration). When authorized, we may retrieve and process:

• Aggregated advertising insights and performance data (e.g., metrics and breakdowns available via Meta Ads Insights and related reporting endpoints).
• Ads-related objects and metadata needed for reporting (e.g., campaign/ad set/ad identifiers and names, status, and other non-user-level fields required to map insights to entities).
• Connection credentials such as access tokens required to maintain the integration and fetch insights data (stored securely, including encryption where feasible).

Important: We use Meta data in aggregated form for analytics and reporting. We do not intend to retrieve or process Meta user-level personal data through these permissions.

C. Information Collected Automatically

When you use the Service, we may collect:

• Usage and activity data (e.g., features used, pages viewed, timestamps).
• Device and log data (e.g., IP address, browser type, operating system, and diagnostic logs).
• Cookies and similar technologies used for essential functions such as authentication and security.

3) How We Use Information

We use information to:

• Provide, operate, and maintain the Service (including dashboards, reporting, and analytics you request).
• Authenticate users, manage workspaces, and administer access controls.
• Provide customer support, troubleshoot issues, and respond to requests.
• Protect the Service and our users (security monitoring, abuse prevention, debugging, auditing, and enforcing our terms).
• Improve the Service (including analysis of usage trends, and aggregated or de-identified analysis where appropriate).
• Comply with legal obligations and resolve disputes.

4) Workspace Admin Access and Company Access

A. Workspace Admin Access

If your organization uses a workspace model, workspace administrators may be able to view and manage workspace settings and information, including managing users and permissions and viewing workspace-level data and reports.

B. Our Access

We may access, view, and process information associated with your use of the Service, including integration data, to operate the Service, provide support, maintain security, and comply with legal obligations. We limit such access to authorized personnel.

5) How We Share Information

We do not sell personal information.

We may disclose information in the following circumstances:

• Service providers: We use third-party vendors to help operate the Service (such as hosting, infrastructure, monitoring, and customer support). They may process information only on our instructions and are required to protect it.
• Within your organization: Information may be shared among users in your workspace according to roles and permissions set by your organization.
• Legal and safety: We may disclose information if we believe it is required by law, regulation, legal process, or to protect the rights, safety, and security of Rough-In Labs, our users, or others.
• Business transfers: If we are involved in a merger, acquisition, financing, reorganization, or sale of assets, information may be transferred as part of that transaction subject to appropriate protections.

6) Meta Platform Data Commitments

When you connect Meta, we process Meta Platform Data to provide the Service’s analytics and reporting features. We:

• use Meta Platform Data only to provide and improve the Service’s reporting and analytics features for your organization;
• do not sell Meta Platform Data or share it with data brokers;
• do not use Meta Platform Data to build or augment profiles for advertising or marketing unrelated to the Service;
• restrict access to Meta Platform Data to authorized personnel and service providers who need it to operate the Service.

7) Data Retention

We retain information for as long as reasonably necessary to provide the Service, meet contractual obligations, comply with legal requirements, resolve disputes, and enforce agreements. You may request deletion as described below. Some information may be retained where required for legal compliance, security, fraud prevention, or backup integrity.

8) Security

We use reasonable administrative, technical, and organizational safeguards designed to protect information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9) Your Choices and Requests

A. Integration Controls

You can disconnect Meta within the Service (if available) or by removing the app’s access in your Meta settings. Disconnecting stops future data retrieval, but previously retrieved reporting data may remain available in the Service unless you request deletion.

B. Access, Correction, and Deletion Requests

You may request access to, correction of, export of, or deletion of information associated with your account/workspace by contacting us at hi@hellonerds.co. We may need to verify your request and your authority to act on behalf of the workspace.

C. Data Deletion Instructions

To request deletion of data associated with your account or any of your connections, email hi@hellonerds.co with the subject line "Data Deletion Request” and include:

• the email address associated with your Nerds Data Science account, and
• the relevant Meta ad account identifier(s) (if available).

After verification, we will delete or de-identify Meta Platform Data associated with your account/workspace, unless retention is required by law or necessary for security or fraud prevention.

10) International Use

The Service is operated from the United States. If you access the Service from outside the United States, your information may be processed in the United States or other locations where we or our service providers operate.

11) Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will post the updated version and update the Effective Date above. Your continued use of the Service after changes become effective means you accept the updated policy.

12) Contact Us

Rough-In Labs LLC (Pennsylvania, USA)
Email: hi@hellonerds.co