The short version
We collect the minimum data needed to run your account and generate useful recommendations. Your briefs, campaigns and platform data are yours. We never sell them, never train shared models on identifiable content, and you can revoke any connection or export your data at any time.
What we collect
Three buckets:
- Account info. Name, work email, company, role, password hash. Used to log you in and contact you about your account.
- Platform data. When you connect an ad platform (Meta, Google, TikTok, LinkedIn, DV360), Medusa pulls campaign structure, spend, impressions and performance metrics through official APIs. We do not read DMs, personal profiles or anything outside the advertising scope you grant.
- Plan content. Briefs you upload, personas you generate, audiences you save, allocations and tactics. This is the workspace data you create inside Medusa.
How we use it
Strictly to deliver the product. Concretely, that means: generating personas and audiences from your brief, recommending channel mixes, showing pacing vs plan, surfacing AI recommendations and improving those recommendations as more data flows in.
We do not use your data to train generic foundation models for other customers, we do not sell it to data brokers, and we do not build advertising profiles outside Medusa.
How the RAG vector store works
When you upload a brief or ask Medusa a question about your plan, the system uses Retrieval-Augmented Generation (RAG). In plain terms: we turn relevant pieces of your content into mathematical embeddings (vectors) and store them in a vector database. When you ask something, the closest matching vectors are retrieved and used as context for the language model to compose an answer.
This pattern matters for privacy because:
- Your content stays in your tenant in the vector store. Vectors are scoped per account.
- The language model only sees the small slice of context retrieved for that specific query, never the whole library.
- No customer's vectors are mixed into another customer's retrieval pool.
Anonymization
Before content is embedded, we run an anonymization pass that strips obvious identifiers: people's names, email addresses, phone numbers, account IDs and similar PII. What ends up as a vector is the structural and strategic content of your work, not who it's for.
For metrics from ad platforms, Medusa stores aggregates and campaign identifiers, not the underlying audience members that platforms showed your ads to (we don't have access to that data anyway).
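The two sections above describe a redact-then-embed pipeline with per-account retrieval. The sketch below is an added illustration of that pattern, not Medusa's code. The hashed bag-of-words embedding, the `ACC-` account ID format, and all class and function names are assumptions, and name detection is left out because it needs an entity recognizer rather than a regex.

```python
import hashlib, math, re
from collections import defaultdict

# Constructed patterns: email, phone, and a hypothetical "ACC-<digits>" account ID.
PII = [
    (re.compile(r"[\w.+-]+@[\w-]+(?:\.[\w-]+)+"), "[EMAIL]"),
    (re.compile(r"\+?\d[\d\s().-]{7,}\d"), "[PHONE]"),
    (re.compile(r"\bACC-\d{6,}\b"), "[ACCOUNT_ID]"),
]

def anonymize(text):
    """Replace obvious identifiers with placeholder tokens before embedding."""
    for pattern, token in PII:
        text = pattern.sub(token, text)
    return text

def embed(text, dim=64):
    """Toy hashed bag-of-words vector (stand-in for a real embedding model)."""
    vec = [0.0] * dim
    for word in re.findall(r"[a-z0-9]+", text.lower()):
        vec[int(hashlib.sha256(word.encode()).hexdigest(), 16) % dim] += 1.0
    norm = math.sqrt(sum(v * v for v in vec)) or 1.0
    return [v / norm for v in vec]

class TenantVectorStore:
    def __init__(self):
        self._by_tenant = defaultdict(list)  # tenant_id -> [(vector, text)]

    def add(self, tenant_id, text):
        clean = anonymize(text)  # only redacted text is embedded and stored
        self._by_tenant[tenant_id].append((embed(clean), clean))

    def query(self, tenant_id, question, k=2):
        # tenant_id must come from the authenticated session, never from the query.
        q = embed(question)
        pool = self._by_tenant.get(tenant_id, [])  # other tenants are never scanned
        ranked = sorted(pool, key=lambda it: sum(a * b for a, b in zip(q, it[0])), reverse=True)
        return [text for _, text in ranked[:k]]

def demo():
    store = TenantVectorStore()  # sample briefs below are constructed
    store.add("tenant-a", "Q3 brief: contact jane.doe@example.com or +1 415 555 0100, "
                          "account ACC-0012345, focus on TikTok reach")
    store.add("tenant-a", "Allocate 40 percent of budget to LinkedIn lead generation")
    store.add("tenant-b", "Competitor brief: shift TikTok reach budget to Meta")
    return store, store.query("tenant-a", "TikTok reach plan", k=5)
```

Because the tenant filter selects the candidate pool before any similarity scoring, a high-scoring vector from another account cannot be returned even when `k` exceeds the caller's own document count.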
OAuth tokens
Connecting an ad platform stores an OAuth token, not your password. Tokens are encrypted at rest using envelope encryption with rotated keys. You can revoke any connection from the Platforms screen inside Medusa, which deletes the token from our store and revokes our read access at the source.
Storage & security
Data is hosted on industry-standard cloud infrastructure (currently AWS in the EU and US regions) with encryption in transit (TLS 1.2+) and at rest (AES-256). Access to production systems is restricted to a small operations team, gated behind SSO and MFA, and audit-logged.
We run regular security reviews and have a coordinated disclosure policy. If you spot something concerning, email hello@getmedusa.ai.
Your rights
Depending on where you live (GDPR, UK GDPR, CCPA and friends), you have rights to access, correct, delete or port your data, and to object to certain processing. Email hello@getmedusa.ai and we'll get it done. No dark patterns, no friction.
Retention
Account and workspace data is retained while your account is active. If you delete your account, we purge your data within 30 days, except where we're required to keep limited records (billing, tax) longer. You can also export your plans at any time.
Changes to this policy
When we update this policy materially, we'll email account holders and date-stamp the new version at the top. Minor wording fixes (typos, clarifications) go in quietly.
Contact
Questions, a data request, or a security report? Email hello@getmedusa.ai. A human replies within one working day.