Privacy Policy
Last updated: 15 July 2026
This Privacy Policy explains how we collect, use, and protect your personal data when you use AsPromised (the "Service"), available at aspromised.io.
Who we are (Data Controller)
The Service is operated by:
Blending Lab, obrt za digitalne usluge, vl. Karlo Osman Voćarska cesta 28c, 10000 Zagreb, Croatia OIB: 84953432471 Contact: support@aspromised.io
We are the data controller for the personal data described in this policy.
What data we collect
- Analysis inputs. When you use the Service, you provide an ad (headline and creative) and a landing page URL. We process these to produce your analysis. The landing page URL is fetched and its public content is read to perform the audit.
- Email address. If you choose to save a report or create an account, we collect your email address.
- Account data. If you create an account, we store your email and authentication data.
- Payment data. If you purchase a paid service, payment is processed by our reseller Paddle (see below). We do not collect or store your card or bank details. Paddle collects the billing information necessary to process your payment.
- Technical data. Like most websites, our infrastructure providers automatically process limited technical data (such as IP address and request logs) needed to operate and secure the Service.
How we use your data
- To run your analysis and deliver your report.
- To build and deliver any paid personalized landing page you purchase.
- To contact you about a report you saved or a purchase you made.
- To operate, secure, and improve the Service.
Legal bases (GDPR)
We rely on: performance of a contract (to deliver a paid service you purchased); your consent (when you give us your email to save or receive a report, which you may withdraw at any time); and our legitimate interests (to operate, secure, and improve the Service).
Third parties who process data for us
We use trusted providers to run the Service:
- Supabase (database, authentication, and hosting of your account and saved data).
- Paddle (payment processing; Paddle acts as Merchant of Record and reseller for paid purchases).
- Firecrawl (fetches the public content of the landing page URL you submit, so it can be analyzed).
- Lovable (application hosting and infrastructure).
- Cloudflare (domain and email routing).
Some of these providers may process data outside the European Economic Area. Where that happens, transfers are protected by appropriate safeguards such as the European Commission's Standard Contractual Clauses.
How long we keep it
We keep saved reports, leads, and account data for as long as needed to provide the Service or as required by law. You can ask us to delete your data at any time, and account deletion is available from within your account.
Your rights
Under the GDPR you have the right to access, correct, delete, restrict, or object to the processing of your personal data, to data portability, and to withdraw consent at any time. To exercise any of these, contact us at support@aspromised.io.
You also have the right to lodge a complaint with the Croatian Personal Data Protection Agency (Agencija za zaštitu osobnih podataka, AZOP).
Changes to this policy
We may update this policy from time to time. The "last updated" date above reflects the current version.
Contact
For any privacy question or request, contact us at support@aspromised.io.