Effective: 21 October 2021. Last updated 21 October 2021. If you have questions about this policy, email contact@oiesu.com. Due to workload, emails are sometimes missed — for the fastest response we highly recommend calling or messaging a real human directly.
OIESU is a performance marketing agency operating globally. We manage paid advertising campaigns — including Google Ads, Meta Ads, and Microsoft Ads — and build landing pages, websites, SEO content, and automation systems for clients worldwide. Our registered office is at Nababpally, Kolkata – 743127, West Bengal, India.
For privacy-related matters, contact us at: contact@oiesu.com.
Programmatic pages on this website, including service pages, industry pages, location pages, FAQs, blog posts, meta descriptions, and related automated pages, may be drafted, expanded, monitored, or improved with generative AI models and automation systems. AI-assisted content may contain mistakes, omissions, outdated references, hallucinations, duplicated wording, or assumptions that are not suitable for your exact business, industry, location, budget, compliance obligations, or market conditions.
If you are considering hiring OIESU, connecting an advertising account, approving a budget, or relying on an industry/location page, you should first discuss your exact requirements with us and satisfy yourself that the service, expectations, and risks are suitable. The full AI-usage, market-risk, no-guarantee, and service-limitation policy is in our Terms of Service.
Contact data: Name, email address, phone number, and business name submitted via our website forms, free audit requests, or direct email correspondence.
Usage data: IP address, browser type, device type, pages visited, time on page, referral source, advertising click identifiers, campaign parameters, and coarse location signals where available — collected automatically through our internal visitor logging and analytics tools when you visit our website.
Payment data: Invoicing and billing is handled through Stripe and/or PayPal. We never see or store your full card number. Payment processors handle card data under their own PCI-DSS compliant systems.
Cookie data: Functional cookies (session management), analytics cookies (Google Analytics 4), and marketing cookies (Google Ads remarketing, Meta Pixel) — subject to your consent where required by law.
Attribution data: For enquiry and fraud-prevention purposes, we may store first-touch and last-touch attribution such as campaign, ad group, keyword, click ID, device, landing page, referrer, and search term values when those values are supplied by an advertising platform URL.
We maintain internal visitor logs to understand traffic quality, diagnose abuse, prevent spam, improve landing-page performance, attribute enquiries, and protect the website from suspicious traffic. These logs may include IP address, user agent, approximate location, referrer, page path, session identifier, advertising parameters, and bot/crawler classification.
Raw internal visitor events may be retained for up to five years unless a shorter retention period is configured or deletion is required by applicable law. Search engines generally do not provide the exact organic search query in the visitor referrer; organic query reporting, where available, is usually aggregate data from tools such as Google Search Console or Bing Webmaster Tools.
If you are located in the European Economic Area or United Kingdom, we process your personal data under the following legal bases:
Responding to your enquiry and conducting our business operations.
Delivering agreed services to clients under a signed Service Agreement.
Sending marketing emails and placing non-essential cookies.
Retaining financial records as required by applicable law.
OIESU accesses the Google Ads API solely to create, manage, optimise, troubleshoot, and report on Google Ads campaigns for clients who have explicitly granted us access to their accounts. We use this data exclusively to perform the services described in each client’s Service Agreement or written service scope.
We do not use Google Ads API data for any purpose unrelated to the services requested by our clients. We do not allow any person to read client account data without the client’s permission, except as strictly necessary for campaign management, reporting, security, or troubleshooting a technical issue. We do not sell, rent, redistribute, sublicense, or transfer Google Ads account-specific data, including keywords, bids, campaign settings, performance reports, audience lists, or conversion data, except as necessary to deliver the requested service or as required by law.
Where reports combine Google Ads data with data from Meta, Microsoft, LinkedIn, analytics tools, CRM systems, or other non-Google sources, we keep Google Ads-specific reporting identifiable or separately accessible where required by Google Ads API policies. If Google Ads reporting data is delayed by more than 24 hours, we will disclose that delay to affected clients.
Clients may request that OIESU stop managing their Google Ads account at any time. Upon termination or a valid written disconnection request, we will provide a practical way to remove manager/API access and return exclusive control within the time required by applicable platform policy, normally within three working days.
Login sessions, CSRF protection tokens. These cookies are strictly necessary and cannot be disabled.
Google Analytics 4 with IP anonymisation enabled. Used to understand how visitors use our site in aggregate.
Google Ads remarketing tags and Meta Pixel, configured with Conversions API for server-side matching. Used to show relevant ads and measure campaign performance.
You can manage or opt out of non-essential cookies via your browser settings or our cookie consent banner displayed on first visit.
We share data only with the service providers necessary to operate our business. These providers are contractually bound to process data only on our instructions:
We never sell your personal data to third parties.
3 years
Enquiry and lead data
Name, email, and message from website form submissions.
5 years post-contract
Client account data
Retained for the duration of the contract plus 5 years to satisfy legal and accounting obligations under Indian accounting law and applicable tax regulations.
14 months
Analytics data
Google Analytics 4 default retention window; data is aggregated and anonymised before storage.
Indefinitely (purpose-limited)
Advertising audience exclusion data
Contact information (including email addresses and phone numbers) of enquirers, past clients, and existing clients is retained in our advertising platforms’ Customer Match audience lists for the sole purpose of excluding such individuals from new lead acquisition campaigns. This prevents OIESU from advertising services to people who have already engaged with us — ensuring our advertising budget is used to reach genuinely new prospects rather than re-targeting people who are already clients. This retention is based on our legitimate interest under GDPR Article 6(1)(f) in maintaining accurate and efficient advertising audiences. The data is held for as long as we operate paid advertising accounts, because removing a person from exclusion lists would result in that person being re-targeted as a cold prospect, which is contrary to their reasonable expectations. You may request removal from advertising exclusion audiences at any time by emailing contact@oiesu.com. Removal will take effect within 5 business days. Please note that removal from exclusion lists may result in you seeing OIESU advertisements as a new prospect.
Depending on your location, you have the following rights over your personal data:
California residents (CCPA): You have the right to know what personal information we collect, the right to delete it, and the right to opt out of its sale. We do not sell personal information.
To exercise any of these rights, email contact@oiesu.com. We will respond within 30 days.
As a global agency, your data may be processed in the United States, the European Union, or the United Kingdom. Where personal data is transferred from the EEA to the United States, we rely on Standard Contractual Clauses (SCCs) as the legal transfer mechanism. For transfers involving the United Kingdom, we comply with UK GDPR requirements post-Brexit, including the UK International Data Transfer Agreement where applicable.
We take the security of your personal data seriously. Our measures include:
For any privacy enquiry, request, or complaint, contact our privacy team at contact@oiesu.com. We aim to respond to all privacy requests within 30 days.
If you are located in the EEA and believe we have not adequately addressed your concern, you have the right to lodge a complaint with your local data protection authority. In the UK, this is the Information Commissioner’s Office (ICO).