Effective Date: March 27, 2026 | Last Updated: June 5, 2026
eGiiG ("we," "us," "our") operates the eGiiG Agency Suite platform accessible at https://egiig.com and https://apps.egiig.com, including the eGiiG browser extension (collectively, the "Service"). eGiiG is a multi-tenant SaaS platform for digital marketing agencies that enables centralized management of client ad accounts, social media, analytics, and outreach across multiple advertising and marketing platforms. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Service.
When you create an account, we collect:
When you use our platform to manage clients and prospects, you may store:
Our browser extension collects the following data from LinkedIn with your explicit authorization:
What we do NOT collect from LinkedIn:
We do not scrape or bulk-download LinkedIn user data. We do not access LinkedIn data of users who have not been explicitly added to your campaigns. We do not collect or store LinkedIn passwords. We do not sell LinkedIn data to third parties.
In addition to the browser extension, agencies may connect LinkedIn accounts via OAuth for publishing and advertising features. We request the following scopes through LinkedIn's official OAuth 2.0 flow:
| Scope | What It Accesses | Why We Need It |
|---|---|---|
openid | OpenID Connect identity verification | Securely identify the LinkedIn user during the OAuth login flow. |
profile | Basic profile info (name, photo) | Display your name and photo within the eGiiG dashboard for account identification. |
email | Email address on file with LinkedIn | Associate the connection with your eGiiG account and send connection-related notifications. |
w_member_social | Publish posts on your LinkedIn profile | Allow agencies to schedule and publish thought-leadership content on behalf of connected LinkedIn profiles via the Social Scheduler. |
r_ads | Read LinkedIn ad account data | Display LinkedIn ad campaign performance metrics (impressions, clicks, spend) in the Ad Control dashboard. |
rw_ads | Create and manage LinkedIn ad campaigns | Allow agencies to create, edit, pause, and manage LinkedIn advertising campaigns from within eGiiG. |
r_ads_reporting | Access LinkedIn advertising reports | Generate detailed performance reports for client-facing reporting within the platform. |
r_ad_library | View publicly available ads from the LinkedIn Ad Library | Enable competitive analysis by viewing competitor ad activity within the Brand Intelligence module. |
r_events | Read LinkedIn event data | Display events associated with a LinkedIn Page or profile for campaign coordination. |
w_events | Create and manage LinkedIn events | Allow agencies to create and manage professional events on behalf of connected accounts. |
Data safety: LinkedIn OAuth tokens are encrypted at rest and stored on a per-team, per-account basis. Tokens are automatically refreshed before expiry and immediately deleted when an account is disconnected. We never share LinkedIn data with third parties or use it for purposes beyond what is described above.
When agencies connect client Google accounts, we request access to multiple Google services through a single OAuth 2.0 consent flow. Each scope below corresponds to a specific feature within eGiiG. Only the data necessary for the authorized feature is accessed.
| Scope | Google Service | What It Accesses | Why We Need It |
|---|---|---|---|
adwords | Google Ads API | Ad accounts, campaigns, ad groups, keywords, performance metrics, conversions | Display campaign performance in the Ad Control dashboard, allow agencies to create and manage Google Ads campaigns, create conversion actions, and generate client reports. |
analytics | Google Analytics | Website traffic data, user behavior, conversion events, audience demographics | Display website analytics in the reporting dashboard so agencies can correlate ad spend with website performance. |
analytics.edit | Google Analytics (write) | Create goals, audiences, link Google Ads, manage Measurement Protocol secrets | Set up conversion goals and create Measurement Protocol secrets required for server-side event tracking on behalf of clients. |
analytics.readonly | Google Analytics (read) | List properties, data streams, account configuration | Discover which Analytics properties a client has so the agency can select the correct one for reporting. |
tagmanager.manage.accounts | Google Tag Manager | List GTM accounts and containers | Discover the client's GTM setup so the agency can identify where tracking tags need to be installed. |
tagmanager.edit.containers | Google Tag Manager (write) | Create, edit, and deploy tags, triggers, and variables | Install conversion tracking tags (Google Ads, Analytics, Meta Pixel) on client websites via GTM without requiring direct website access. |
tagmanager.readonly | Google Tag Manager (read) | View existing tags, triggers, and variables | Audit current tracking setups on client websites and verify required tags are properly configured. |
webmasters | Google Search Console | Search performance data, keyword rankings, crawl errors, sitemaps | Display organic search performance and keyword ranking data in the SEO and reporting modules. |
business.manage | Google Business Profile | Business listing data, reviews, photos, business information | Manage client Google Business Profiles within the Reputation Management module — respond to reviews, update business info, and monitor listing health. |
content | Google Merchant Center | Product feeds, product data, shopping campaign inventory | Sync client product catalogs for Google Shopping campaigns, ensuring product data is accurate and up-to-date. |
datamanager | Google Data Manager API | Server-side conversion events, offline conversion data, enhanced conversion signals | Upload server-side conversion events (purchases, leads, bookings) to Google on behalf of clients for accurate conversion tracking and attribution. |
Google API Services — Limited Use Disclosure: eGiiG's use and transfer to any other app of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. We access Google data only to provide the features described in this policy as directed by the agency user. We do not use Google data for advertising, do not sell Google data, and do not allow humans to read Google data except for security purposes, to comply with applicable law, or with explicit user consent.
Data safety: Google OAuth tokens are encrypted at rest. Refresh tokens maintain access without requiring re-authorization. We access only the data required for features the agency actively uses. When an account is disconnected, all tokens are immediately revoked and deleted. Agencies and their clients can also revoke access at any time via Google Account Permissions.
When agencies connect client Facebook or Instagram accounts, we request different scopes depending on the intended use. The agency selects whether the connection is for advertising management, social media posting, or both. Only the scopes relevant to the selected purpose are requested.
| Scope | What It Accesses | Why We Need It |
|---|---|---|
business_management | Business assets, ad accounts, Pages within Meta Business Suite | Connect and discover client business assets — identify which ad accounts, Pages, and Instagram accounts are available for agency management. |
pages_show_list | List of Facebook Pages the user manages | Display client Facebook Pages in the connection flow so the agency can select which Pages to manage. |
pages_read_engagement | Page posts, comments, reactions, follower counts | Display social engagement data in the analytics and reputation dashboards. |
| Scope | What It Accesses | Why We Need It |
|---|---|---|
ads_management | Create, edit, pause, and delete ad campaigns | Build and manage Meta advertising campaigns on behalf of clients from the Ad Control module. |
ads_read | Ad performance metrics — spend, impressions, clicks, conversions, ROAS | Display campaign performance data in the dashboard and generate client-facing reports. |
pages_manage_ads | Create ads directly from Page posts (boost posts) | Promote organic Page posts as paid ads without leaving the eGiiG platform. |
leads_retrieval | Lead data from Facebook Lead Ads forms | Pull leads generated by Lead Ad campaigns into eGiiG's CRM for agency follow-up. |
catalog_management | Product catalogs for Dynamic Product Ads | Manage e-commerce product feeds for clients running Dynamic Product Ads and Shopping campaigns. |
| Scope | What It Accesses | Why We Need It |
|---|---|---|
pages_manage_posts | Publish, edit, and delete posts on connected Facebook Pages | Schedule and publish organic content on client Facebook Pages via the Social Scheduler module. |
pages_manage_engagement | Manage comments and moderate Page engagement | Respond to comments, hide spam, and moderate engagement on client Pages from the Unified Inbox. |
pages_read_user_content | Content posted by visitors on the Page | Display visitor posts and comments in the agency dashboard for monitoring and community management. |
instagram_basic | Instagram Business account profile info and media | Display the connected Instagram account within the social management dashboard. Requested only when Instagram is selected as a connected asset. |
instagram_content_publish | Publish photos, videos, reels, and stories to Instagram | Schedule and publish Instagram content on behalf of clients through the Social Scheduler. Requested only when Instagram is selected. |
Meta Platform Compliance: Our use of Meta Platform data complies with Meta Platform Terms and Meta's Developer Policy. We only request the minimum scopes necessary for the features selected. We do not sell, license, or share Meta user data with third parties.
Data safety: Meta OAuth tokens are encrypted at rest and scoped per-client. When an account is disconnected, tokens are immediately revoked. Clients can also revoke access via Facebook Business Integrations settings.
When agencies connect client TikTok Business accounts, we request access through TikTok's Marketing API OAuth flow for advertising management and reporting.
| Scope / Permission | What It Accesses | Why We Need It |
|---|---|---|
ad_account_management | TikTok ad account settings and configuration | Connect and identify client TikTok ad accounts for management within the Ad Control dashboard. |
campaign_management | Create, edit, and manage ad campaigns, ad groups, and ads | Build and manage TikTok advertising campaigns from within eGiiG. |
| Audience Management | Custom and lookalike audience data | Create and manage audience segments for targeted ad delivery on behalf of clients. |
| Reporting | Campaign performance metrics — impressions, clicks, spend, conversions | Display TikTok ad performance in the dashboard and generate cross-platform reports. |
| Creative Management | Ad creative assets — videos, images, playable ads | Upload and manage ad creative assets within the Creative Studio module. |
| Pixel Management | TikTok Pixel configuration and events | Set up and manage conversion tracking pixels on client websites. |
| Lead Management | Lead data from TikTok Lead Gen forms | Pull leads generated by TikTok campaigns into eGiiG's CRM for agency follow-up. |
| Measurement | Attribution and conversion measurement data | Analyze conversion attribution across campaigns for accurate ROI reporting. |
TikTok Events API (Server-Side Tracking): When enabled, eGiiG transmits conversion events to TikTok's Events API on behalf of the client. Data transmitted includes event type, event timestamp, and anonymized user parameters (hashed email, hashed phone). The TikTok click identifier (ttclid) and tracking parameter (ttp) are captured client-side by our tracking snippet to enable accurate attribution. All user identifiers are hashed using SHA-256 before transmission.
Compliance: Our use of TikTok Marketing API data complies with TikTok for Business Developer Terms. We access ad account data solely for campaign management and reporting.
When agencies connect client Microsoft Advertising (Bing Ads) accounts, we request the following scope:
| Scope | What It Accesses | Why We Need It |
|---|---|---|
msads.manage | Full management of Microsoft Advertising campaigns — accounts, campaigns, ad groups, keywords, performance data, and spend | Manage Bing/Microsoft search campaigns from eGiiG. Microsoft's search network covers approximately 30% of US desktop search traffic (Bing, Yahoo, DuckDuckGo), so agencies need centralized management alongside Google Ads. |
Data safety: Microsoft OAuth tokens are encrypted at rest. We access only the campaign and performance data necessary for the Ad Control dashboard. Clients can revoke access at any time via Microsoft Account Permissions.
eGiiG provides a server-side conversion tracking engine that enables agencies to accurately measure the performance of their clients' ad campaigns across Google, Meta, and TikTok.
How it works: A lightweight JavaScript tracking snippet is installed on the client's website. This snippet captures platform-specific click identifiers when a visitor arrives from an ad:
gclid, gbraid, wbraid parametersttclid, ttp parametersfbclid parameterWhen a conversion event occurs (e.g., a purchase, form submission, or phone call), the conversion data is sent to our servers. eGiiG then transmits the conversion event to the appropriate advertising platform via their official server-side APIs:
datamanager OAuth scope)Data safety: All user identifiers (email addresses, phone numbers) are hashed using SHA-256 before being transmitted to any advertising platform. Click identifiers are stored temporarily in the browser (sessionStorage + first-party cookie) and on our servers only for the duration needed for attribution (typically 30–90 days). The tracking snippet does not collect browsing history, form inputs, or any data beyond the click identifiers and conversion events explicitly configured by the agency.
When agencies connect client websites via our SEO plugin or Google Search Console integration:
Our BrandEngine feature analyzes publicly available business information to generate brand profiles for campaign planning. Data sources include:
business.manage scope when connected, or via public listings)Data safety: Brand analysis is performed only on businesses that the agency has explicitly added as clients. We do not perform unsolicited data collection. All crawled data is processed through our AI pipeline and stored as structured analysis — raw crawl data is not permanently retained.
We automatically collect:
We use the collected information for the following purposes:
We do NOT sell your personal information or your clients' data to third parties.
We may share information with:
We transmit data back to advertising platforms in the following scenarios, all explicitly initiated by the agency user:
If you use our white-label feature, your clients interact with the platform under your branding. We do not independently contact your clients.
We may disclose information if required by law, regulation, legal process, or governmental request.
We implement industry-standard security measures:
You may request a copy of all personal data we hold about you by contacting support@egiig.com.
You may update your account information at any time through the dashboard Settings page.
You may request deletion of your account and all associated data by contacting support@egiig.com. We will process deletion requests within 30 days. Deletion includes all OAuth tokens, campaign data, client records, and brand analysis data.
You may disconnect any connected account at any time through our dashboard. This immediately revokes our access to that platform's data and deletes the stored tokens. You may also revoke access directly from each platform:
You may uninstall the browser extension at any time. Uninstalling immediately stops all data collection from LinkedIn. To also delete stored LinkedIn session data from our servers, disconnect the LinkedIn account from the dashboard.
Agencies can disable server-side conversion tracking for any client at any time through the Ad Control dashboard. When disabled, no further conversion events are transmitted to advertising platforms. Existing conversion data is retained for the standard 90-day attribution window, then automatically purged.
You may opt out of non-essential emails by clicking "unsubscribe" in any marketing email or updating your notification preferences in Settings.
We use the following cookies:
| Cookie | Purpose | Duration |
|---|---|---|
| Session cookie | Authentication | Browser session |
| Sanctum token | API authentication | 30 days |
| Preference cookies | Dashboard settings | 1 year |
Client-side tracking snippet: When installed on a client's website for server-side conversion tracking, our snippet stores ad click identifiers (gclid, gbraid, wbraid, ttclid, ttp, fbclid) in the browser's sessionStorage and a first-party cookie. These identifiers are used solely for conversion attribution and are not used for cross-site tracking, behavioral profiling, or advertising.
We do not use third-party advertising trackers on the eGiiG platform itself. We do not serve ads within our platform.
Our servers are located in Europe. If you access our Service from outside Europe, your data may be transferred to and processed at our server locations. We ensure appropriate safeguards are in place for international data transfers, including encryption in transit and at rest.
Our Service is not intended for individuals under the age of 18. We do not knowingly collect personal information from children. If we discover that a child under 18 has provided us with personal information, we will delete it promptly.
If you are a resident of the European Economic Area (EEA), you have the following rights under the General Data Protection Regulation (GDPR):
Legal bases for processing:
To exercise any of these rights, contact us at privacy@egiig.com.
If you are a California resident, you have the right to:
Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements. Specifically:
Our use of Meta Platform data complies with Meta Platform Terms and Meta's Developer Policy. We access only the data necessary to provide our advertising management and social posting services. We do not store Meta data longer than necessary.
Our use of TikTok Marketing API data complies with TikTok for Business Developer Terms. We access ad account data solely for campaign management, conversion tracking, and reporting.
Our use of LinkedIn data complies with LinkedIn API Terms of Use. OAuth-based access is used for publishing and advertising features. Browser extension-based access is used for outreach automation. We do not scrape LinkedIn, bulk-download data, or use LinkedIn data for purposes beyond those authorized by the user.
Our use of Microsoft Advertising API data complies with Microsoft Advertising API Terms. We access campaign data solely for display and management within the eGiiG Ad Control dashboard.
We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on this page and updating the "Last Updated" date. Your continued use of the Service after changes constitutes acceptance of the updated policy.
If you have questions about this Privacy Policy or our data practices:
Our Service may contain links to third-party websites. We are not responsible for the privacy practices of these websites. We encourage you to read the privacy policies of any third-party sites you visit.